Privacy

Privacy policy

Source: SAIBASPACE/saiba-internalcompliance/privacy-policy.md. Versioned in repo. The text below is the public-safe excerpt; the canonical document lives in the internal repo and is copied here at deploy time, not fetched live.

TODO: the saiba-internal companion PR that lands the canonical compliance/privacy-policy.md is not merged yet. The sections below are a structural placeholder so procurement reviewers can see the shape; the substantive text will replace this content once the internal PR lands.

Who we are

Saiba ApS, registered in Denmark. Headquartered in Copenhagen. Controller of personal data described in this policy unless explicitly noted otherwise.

What we collect and why

  • Contact form submissions: name, email, phone (optional), message — to respond to inquiries.
  • Booking data: meeting details and calendar metadata when you book a meeting through our site.
  • Analytics: aggregated, privacy-friendly usage data via Plausible (no cookies, no cross-site tracking).
  • Server logs: short-lived request logs for security and debugging.

Lawful basis (GDPR Art. 6)

Contact form and booking data: consent and the steps necessary to enter into a contract with you. Analytics and security logs: legitimate interest in operating, securing, and improving the site, balanced against your privacy (we use a privacy-friendly analytics provider specifically to keep this balance light).

Retention

Inquiry messages: retained while the engagement is active and for up to 24 months thereafter, unless legal obligations require longer. Booking data: retained per the calendar provider's defaults; copies in our CRM follow the same retention as inquiries. Server logs: rotated within 30 days.

Sub-processors

We use a small set of trusted sub-processors to deliver our service. The current list is published at /sub-processors and kept current.

Your rights

Under GDPR you have the right to access, rectify, erase, restrict processing, object, and data portability. To exercise these rights, email gus@nearweek.com. You also have the right to lodge a complaint with the Danish Data Protection Authority (Datatilsynet).

Contact

Privacy queries: gus@nearweek.com.