WorcX

Legal

GDPR & Your Rights

How WorcX complies with the EU General Data Protection Regulation.

Last updated: 2 July 2026

WorcX ApS is committed to protecting your personal data in line with the EU General Data Protection Regulation (GDPR) and applicable Denmark data-protection law. This page summarises our role and your rights. It works together with our Privacy Policy.

1. Controller & processor

For personal data about your account and company, WorcX acts as a data controller. For the business content you store in the app (such as your own customers' details), WorcX acts as a data processor that processes the data on your instructions to provide the Service.

2. Lawful basis for processing

  • Contract — to provide the Service you signed up for;
  • Legal obligation — e.g. keeping accounting records;
  • Legitimate interests — to secure, maintain and improve the Service;
  • Consent — where we ask for it, which you may withdraw at any time.

3. Your rights

Under the GDPR you have the right to:

  • Access — obtain a copy of your personal data;
  • Rectification — correct inaccurate or incomplete data;
  • Erasure — have your data deleted (see Delete Data);
  • Restriction — limit how we process your data;
  • Portability — receive your data in a portable format;
  • Objection — object to processing based on legitimate interests;
  • Withdraw consent — where processing is based on consent.

4. How to exercise your rights

Email us at privacy@worcx.dk with your request. We will verify your identity and respond without undue delay, and within one month as required by the GDPR. There is normally no fee for exercising your rights.

5. International transfers

We process personal data primarily within the EU/EEA. Where data is transferred outside the EU/EEA (for example by a sub-processor), we use appropriate safeguards such as the European Commission's Standard Contractual Clauses.

6. Sub-processors

We use trusted sub-processors to run the Service, including our payment provider (Stripe) and cloud hosting/storage providers. Each is bound by a data-processing agreement and may only process data on our instructions. Our Privacy Policy lists the main categories.

7. Data breaches

If a personal-data breach is likely to result in a risk to your rights, we will notify the competent supervisory authority, and affected users where required, in accordance with the GDPR.

8. Complaints

If you believe we have not handled your personal data properly, please contact us first at privacy@worcx.dk. You also have the right to lodge a complaint with your local supervisory authority — in Denmark, this is the Datatilsynet (Danish Data Protection Agency).

9. Contact

WorcX ApS, Vesterbrogade 1, 1620 Copenhagen, Denmark (CVR 12345678) — privacy@worcx.dk.