Privacy Policy

Last Updated: 1st January 2026

Introduction

orixaventra.top AS ("we", "our", or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal information when you visit our website at orixaventra.top or use our wellness spa expansion planning services.

As a Danish company (CVR74589612), we comply with the General Data Protection Regulation (GDPR) and Danish data protection laws. This policy describes your rights regarding your personal data and how we handle your information.

Data Controller Information

The data controller for your personal information is:

orixaventra.top AS
Vesterbrogade 64
6039 Kolding
Southern Denmark
CVR: 74589612
Email: [email protected]
Phone: +45 39 56 31 32

Data We Collect

We may collect and process the following types of personal data about you:

  • Contact Information: Name, email address, phone number, postal address
  • Business Information: Company name, position, business requirements, project details
  • Communication Data: Records of correspondence, meeting notes, consultation records
  • Website Usage Data: IP address, browser type, pages visited, time spent on site
  • Technical Data: Device information, operating system, internet connection details
  • Marketing Data: Your preferences for receiving marketing communications

The data collection occurs when you contact us through our website, use our services, or interact with our business. We only collect information that is necessary for providing our spa expansion planning services and maintaining our business relationship with you.

How We Use Your Information

We use your personal data for the following purposes based on legitimate business interests and legal obligations:

  • Service Delivery: To provide spa expansion planning consultations and services
  • Communication: To respond to enquiries, provide updates, and maintain business relationships
  • Business Operations: To manage contracts, invoicing, and administrative processes
  • Legal Compliance: To meet regulatory requirements and legal obligations
  • Marketing: To send relevant business communications (with your consent)
  • Website Improvement: To analyse usage patterns and improve our online services

How we use your information depends on the nature of our relationship and the services you request. We always ensure that our use of your data is proportionate and necessary for the stated purposes.

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to fulfil our service agreements
  • Legitimate Interests: For business operations, client relationship management, and service improvement
  • Legal Obligation: To comply with accounting, tax, and regulatory requirements
  • Consent: For marketing communications and optional data processing activities

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about our use of cookies, please refer to our Cookie Policy.

Data Sharing and Third Parties

We may share your personal data with the following categories of recipients:

  • Service Providers: IT support, hosting services, payment processors
  • Professional Advisors: Legal, accounting, and business consultants
  • Regulatory Authorities: When required by law or regulation
  • Business Partners: With your consent for collaborative projects

We ensure that all third parties are contractually obligated to protect your data and use it only for specified purposes. We do not sell or rent your personal information to third parties.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:

  • Client Records: 7 years after the end of our business relationship (for legal and tax purposes)
  • Marketing Data: Until you withdraw consent or unsubscribe
  • Website Analytics: 26 months for Google Analytics data
  • Communication Records: 3 years for business correspondence

After the retention period expires, we securely delete or anonymise your personal data unless we are required to retain it for legal reasons.

Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete information
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a structured format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for consent-based processing

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within one month.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication procedures
  • Staff training on data protection principles
  • Secure backup and recovery procedures

International Data Transfers

As we operate primarily within the European Union, your data is generally processed within the EU/EEA. If we need to transfer data outside the EU/EEA, we ensure appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses.

Contact Information

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:

Privacy Officer
Email: [email protected]
Phone: +45 39 56 31 32
Address: Vesterbrogade 64, 6039 Kolding, Southern Denmark

You also have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet) if you believe we have not handled your personal data in accordance with data protection law.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any significant changes by posting the updated policy on our website and updating the "Last Updated" date.

We encourage you to review this policy periodically to stay informed about how we protect your personal information.