WorcX ApS is committed to protecting your personal data in line with the EU General Data Protection Regulation (GDPR) and applicable Denmark data-protection law. This page summarises our role and your rights. It works together with our Privacy Policy.
1. Controller & processor
For personal data about your account and company, WorcX acts as a data controller. For the business content you store in the app (such as your own customers' details), WorcX acts as a data processor that processes the data on your instructions to provide the Service.
2. Lawful basis for processing
- Contract — to provide the Service you signed up for;
- Legal obligation — e.g. keeping accounting records;
- Legitimate interests — to secure, maintain and improve the Service;
- Consent — where we ask for it, which you may withdraw at any time.
3. Your rights
Under the GDPR you have the right to:
- Access — obtain a copy of your personal data;
- Rectification — correct inaccurate or incomplete data;
- Erasure — have your data deleted (see Delete Data);
- Restriction — limit how we process your data;
- Portability — receive your data in a portable format;
- Objection — object to processing based on legitimate interests;
- Withdraw consent — where processing is based on consent.
4. How to exercise your rights
Email us at privacy@worcx.dk with your request. We will verify your identity and respond without undue delay, and within one month as required by the GDPR. There is normally no fee for exercising your rights.
5. International transfers
We process personal data primarily within the EU/EEA. Where data is transferred outside the EU/EEA (for example by a sub-processor), we use appropriate safeguards such as the European Commission's Standard Contractual Clauses.
6. Sub-processors
We use trusted sub-processors to run the Service, including our payment provider (Stripe) and cloud hosting/storage providers. Each is bound by a data-processing agreement and may only process data on our instructions. Our Privacy Policy lists the main categories.
7. Data breaches
If a personal-data breach is likely to result in a risk to your rights, we will notify the competent supervisory authority, and affected users where required, in accordance with the GDPR.
8. Complaints
If you believe we have not handled your personal data properly, please contact us first at privacy@worcx.dk. You also have the right to lodge a complaint with your local supervisory authority — in Denmark, this is the Datatilsynet (Danish Data Protection Agency).
9. Contact
WorcX ApS, Vesterbrogade 1, 1620 Copenhagen, Denmark (CVR 12345678) — privacy@worcx.dk.