OMXC252,184.31+0.74%
EUR/DKK7.4610+0.01%
Novo Nordisk BDKK 604.40+1.23%
Vestas WindDKK 115.30-0.52%
DAX18,947.50+0.31%
S&P 5005,473.20+0.48%
Brent Crude$82.15-0.37%
10Y DK Gov2.89%+0.04
Gold$2,341.80+0.19%
OMXC252,184.31+0.74%
EUR/DKK7.4610+0.01%
Novo Nordisk BDKK 604.40+1.23%
Vestas WindDKK 115.30-0.52%
DAX18,947.50+0.31%
S&P 5005,473.20+0.48%
Brent Crude$82.15-0.37%

Legal Documentation

Privacy Policy

Last updated: 10 April 2025  |  Effective date: 10 April 2025  |  Version 2.1

This Privacy Policy describes how Axiom ApS ("Axiom", "we", "our", "us"), registered in Denmark with CVR number 43218795, collects, uses, stores, and protects personal data when you visit our website, use our services, or communicate with us. We are committed to full compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and the Danish Data Protection Act (Databeskyttelsesloven, Act No. 502 of 23 May 2018).

1. Data Controller Information

The data controller responsible for your personal data is:

Axiom ApS
CVR: 43218795
Nørre Voldgade 84
1358 Copenhagen K
Denmark

Telephone: +45 70 83 29 17
Email: privacy@axiomanalysis.dk
Website: axiomanalysis.dk

If you have questions about how we handle your personal data or wish to exercise your rights, please contact us using the details above or write to our Data Protection contact at dpo@axiomanalysis.dk.

2. Personal Data We Collect

We collect personal data in the following circumstances:

2.1 Data You Provide Directly

  • Contact form submissions: Full name, email address, telephone number (optional), message content, company name (optional), and country of residence.
  • Subscription registrations: Full name, email address, billing address, payment method details (processed via our payment processor — we do not store raw card numbers), and chosen subscription tier.
  • Report orders: Full name, email address, billing address, VAT number (if applicable), and order details.
  • Newsletter sign-up: Email address and, optionally, first name and preferred content categories.
  • Account creation: Username, email address, password (stored in hashed form), and profile preferences.

2.2 Data Collected Automatically

  • Technical data: IP address, browser type and version, operating system, device type, screen resolution, and referring URL.
  • Usage data: Pages visited, time spent on pages, links clicked, search queries entered on-site, and download events.
  • Cookie data: Session identifiers, preference tokens, and analytics identifiers. See Section 8 for details.
  • Log data: Server access logs including timestamps, HTTP status codes, and requested resources. These logs are automatically purged after 90 days.

2.3 Data From Third Parties

We may receive data from third-party analytics providers (Google Analytics 4), advertising partners (Google Ads), and payment processors (Stripe Inc.). We use this data only for the purposes described in Section 4.

4. Purposes of Processing

We use your personal data to:

  • Provide and administer our financial analysis services, research reports, and subscription products.
  • Process and fulfil orders, including delivery of digital content by email.
  • Communicate with you regarding your enquiries, orders, or support requests.
  • Send you editorial newsletters, market updates, and promotional communications where you have given consent or have an existing customer relationship (in accordance with the Danish Marketing Practices Act, Markedsføringsloven).
  • Analyse website usage to improve the quality, relevance, and performance of our content and services.
  • Comply with applicable Danish and EU law, including accounting regulations and VAT requirements.
  • Detect, investigate, and prevent fraudulent transactions and other abusive activity.
  • Serve relevant advertisements on third-party platforms where you have provided consent.

5. Data Retention Periods

We retain personal data only as long as necessary for the purpose for which it was collected, or as required by law:

Data CategoryRetention PeriodBasis
Customer order records (invoices, billing)5 years from invoice dateDanish Bookkeeping Act (§10)
Active subscriber account dataDuration of subscription + 12 months after cancellationContract
Contact form submissions24 months from last interactionLegitimate interests
Marketing consent recordsUntil withdrawal of consent + 3 yearsLegal compliance
Server access logs90 daysLegitimate interests
Analytics data (aggregated)26 months (Google Analytics default)Consent / Legitimate interests
Cookies (session)Until browser session endsTechnical necessity
Cookies (persistent/analytics)Up to 13 months from last visitConsent

When data reaches the end of its retention period, it is securely deleted or anonymised.

6. Sharing and Disclosure of Personal Data

We do not sell, rent, or trade your personal data. We may share data only in the following circumstances:

6.1 Service Providers (Data Processors)

We engage trusted third-party processors under binding Data Processing Agreements (DPAs) in accordance with GDPR Article 28. These include:

  • Stripe Inc. — Payment processing. Processes billing and card data on our behalf.
  • Google LLC — Analytics (Google Analytics 4) and advertising (Google Ads). Data shared under standard contractual clauses.
  • Mailchimp (The Rocket Science Group, LLC) — Email newsletter distribution to subscribed users.
  • Amazon Web Services EMEA SARL — Cloud hosting and content delivery (EU region servers).
  • Zendesk Inc. — Customer support ticket management.

6.2 Legal Obligations

We may disclose data to competent authorities (including the Danish Tax Authority — Skattestyrelsen, and the Danish Financial Supervisory Authority — Finanstilsynet) when legally required.

6.3 Business Transfers

In the event of a merger, acquisition, or asset sale, personal data may be transferred. We will notify affected individuals prior to any such transfer.

7. International Data Transfers

Some of our service providers are located outside the European Economic Area (EEA). Where personal data is transferred to a third country, we ensure an adequate level of protection through one of the following mechanisms:

  • An adequacy decision by the European Commission (Art. 45 GDPR).
  • Standard Contractual Clauses (SCCs) approved by the European Commission (Art. 46 GDPR).
  • Binding Corporate Rules where applicable.

Transfers to the United States are governed by SCCs in conjunction with the EU-U.S. Data Privacy Framework. You may request a copy of the applicable transfer safeguards by contacting privacy@axiomanalysis.dk.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to operate our website and provide our services. For a full description of each cookie category, duration, and opt-out mechanism, please refer to our Cookie Policy.

In summary, we use:

  • Strictly necessary cookies — Required for the website to function (session management, security tokens). Cannot be disabled.
  • Analytical/performance cookies — Measure website traffic and user behaviour (Google Analytics 4). Activated only with your consent.
  • Functional cookies — Remember your preferences such as language, region, and cookie consent status.
  • Marketing/advertising cookies — Used to deliver relevant advertisements via Google Ads and remarketing. Activated only with your consent.

You may withdraw your cookie consent at any time by clicking Manage Cookies in the footer or by clearing your browser cookies.

9. Your Rights Under GDPR

As a data subject, you have the following rights under the GDPR. To exercise any right, please contact privacy@axiomanalysis.dk with proof of identity. We will respond within 30 calendar days.

  • Right of access (Art. 15): Request a copy of the personal data we hold about you and information about how we use it.
  • Right to rectification (Art. 16): Request correction of inaccurate or incomplete data.
  • Right to erasure (Art. 17): Request deletion of your data where there is no overriding legal ground for continued processing ("right to be forgotten").
  • Right to restriction (Art. 18): Request that we limit processing of your data in certain circumstances.
  • Right to data portability (Art. 20): Receive your data in a structured, machine-readable format (applies to data processed by automated means on the basis of consent or contract).
  • Right to object (Art. 21): Object to processing based on legitimate interests or for direct marketing purposes at any time.
  • Right to withdraw consent (Art. 7(3)): Withdraw consent for any processing based on consent at any time, without affecting prior processing.
  • Rights related to automated decision-making (Art. 22): Right not to be subject to solely automated decisions that produce legal or similarly significant effects. We do not conduct such processing.

You also have the right to lodge a complaint with the Danish data protection authority:

Datatilsynet
Carl Jacobsens Vej 35
2500 Valby, Denmark
Tel: +45 33 19 32 00
www.datatilsynet.dk

10. Security Measures

We implement appropriate technical and organisational security measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include:

  • TLS 1.3 encryption for all data in transit between your browser and our servers.
  • AES-256 encryption for sensitive data stored in our databases.
  • Access controls with role-based permissions and multi-factor authentication for staff systems.
  • Regular security audits and penetration testing by an independent third party.
  • Employee data protection training conducted annually.
  • Incident response procedures aligned with GDPR's 72-hour breach notification requirement (Art. 33).

In the event of a personal data breach likely to result in a high risk to your rights and freedoms, we will notify you without undue delay in accordance with Art. 34 GDPR.

11. Children's Privacy

Our services are intended for adults and are not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected data from a person under 18, please contact us immediately at privacy@axiomanalysis.dk and we will delete such data without delay.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. The "Last updated" date at the top of this page indicates when the most recent revision was made.

We will notify you of material changes by posting a notice on our website and, where appropriate, by sending an email to registered subscribers. Continued use of our services after any update constitutes acceptance of the revised policy.

Previous versions of this Privacy Policy are archived and available on request by contacting privacy@axiomanalysis.dk.

13. Contact & Data Protection Contact

For all matters relating to personal data and privacy, including exercising your rights, please contact:

Data Protection Contact — Axiom ApS
Nørre Voldgade 84, 1358 Copenhagen K, Denmark
Email: dpo@axiomanalysis.dk
Phone: +45 70 83 29 17
Response time: Within 30 calendar days

We take privacy enquiries seriously and aim to resolve all concerns promptly. If you are unsatisfied with our response, you retain the right to escalate your complaint to Datatilsynet.