Privacy Policy & GDPR Disclosure

How Copenhagen Staff ApS collects, uses, and protects your personal data

Last updated: March 2026

1. Data Controller

Copenhagen Staff ApS is the data controller responsible for your personal data.

Copenhagen Staff ApS
CVR: 46141296
35A Bülowsvej, Frederiksberg, 1870, Copenhagen, Denmark
Email: Team@StaffClubCopenhagen.com
Website: copenhagenstaff.com

For all data protection enquiries, please contact us at the email address above.

2. Scope of This Policy

This Privacy Policy applies to all personal data we process in connection with:

  • Workers registering on or using our staffing platform
  • Clients placing or enquiring about staff orders
  • Visitors to our website (copenhagenstaff.com)
  • Any other individuals whose data we handle in connection with our business

This policy complies with the EU General Data Protection Regulation (GDPR) (Regulation 2016/679) and the Danish Data Protection Act (Databeskyttelsesloven, Act No. 502 of 23 May 2018 as amended).

3. Personal Data We Collect

3.1 Workers

When you register as a worker or interact with our platform, we may collect:

  • Identity data: Full name, date of birth, nationality, photo/profile image
  • Contact data: Email address, phone number, home address
  • Tax and employment data: CPR number (Danish civil registration number), bank account details for payroll, tax card information (A-skat/B-skat), work permit or right-to-work documentation
  • Professional data: CV, work experience, qualifications, certifications, language skills, references
  • Assignment data: Shift history, hours worked, client feedback, attendance records
  • Financial data: Pay rates, holiday pay (feriegodtgørelse) accrual, payslip history
  • Communication data: Messages and correspondence with our team

3.2 Clients

When you use or enquire about our staffing services, we may collect:

  • Business data: Company name, CVR number, business address, industry type
  • Contact data: Name, job title, email address, phone number of contact persons
  • Order data: Staff requirements, shift dates and times, venue details, order history
  • Financial data: Invoice history, payment records, billing address
  • Communication data: Messages, emails, and correspondence relating to orders and services

3.3 Website Visitors

When you visit our website, we may automatically collect:

  • IP address and approximate location data
  • Browser type, version, and operating system
  • Pages visited, time spent, referral source
  • Cookie identifiers (see Section 10 on Cookies)

4. How We Use Your Personal Data

4.1 Workers

  • To manage your registration and platform profile
  • To match you with suitable shift assignments
  • To communicate shift offers, confirmations, and updates
  • To process payroll, including A-skat deductions, AM-bidrag, and feriegodtgørelse
  • To comply with Danish employment law obligations (Vikarloven, Ferieloven, Arbejdstidsloven)
  • To report to SKAT (Danish Tax Authority) as required by law
  • To manage conduct, performance, and platform access decisions
  • To respond to your enquiries and communications

4.2 Clients

  • To process and manage your staff orders
  • To issue and manage invoices and payments
  • To communicate with you about your orders and our services
  • To comply with our contractual obligations under the Client Master Service Agreement
  • To meet legal and regulatory obligations
  • To manage our business relationship with you

4.3 Website Visitors

  • To operate and maintain our website
  • To analyse website usage and improve our services
  • To comply with legal obligations

5. Legal Bases for Processing

We process your personal data on the following legal bases under GDPR Article 6:

Processing ActivityLegal Basis
Payroll processing and statutory deductionsLegal obligation (Article 6(1)(c)) — SKAT, Ferieloven, Arbejdstidsloven
Processing your registration and assignment matchingPerformance of a contract (Article 6(1)(b))
Client order processing and invoicingPerformance of a contract (Article 6(1)(b))
Keeping business records and financial documentsLegal obligation (Article 6(1)(c)) — Danish Bookkeeping Act
Website analytics and performance monitoringLegitimate interests (Article 6(1)(f))
Marketing communications (if applicable)Consent (Article 6(1)(a)) — you may withdraw at any time
CPR number processingLegal obligation (Article 6(1)(c) + Databeskyttelsesloven §11) — employment and tax law

6. Data Sharing and Third Parties

We may share your personal data with the following categories of recipients:

6.1 Clients (for workers)

When you are assigned to a shift, we share your name and contact number with the client venue solely for the purpose of facilitating that specific assignment. We share the minimum necessary data only.

6.2 Workers (for clients)

We share worker names and basic contact details with clients for confirmed assignments only.

6.3 Service Providers (Data Processors)

We engage third-party service providers who process data on our behalf under written data processing agreements:

  • Payroll and accounting software — for processing wages and statutory deductions
  • Email and communication platforms — for sending notifications and correspondence
  • Website hosting providers — for operating copenhagenstaff.com
  • Form submission services (e.g., FormSubmit) — for processing web form submissions

6.4 Statutory Authorities

We share data with SKAT (Danish Tax Authority) and other public authorities where required by Danish law.

6.5 No Data Sales

We never sell, rent, or trade your personal data to third parties for commercial purposes.

7. International Transfers

We aim to keep your data within the EU/EEA. Where any service provider processes data outside the EU/EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission, in compliance with GDPR Chapter V.

8. Data Retention

We retain personal data only for as long as necessary for the purpose for which it was collected, or as required by applicable law:

Data CategoryRetention PeriodBasis
Worker registration and profile data5 years after last assignmentLegitimate interests; legal claims
Payroll records and tax documents5 years (Danish Bookkeeping Act)Legal obligation
CPR numberDuration of employment + 5 yearsLegal obligation (SKAT)
Client contact and order data5 years after last transactionLegitimate interests; legal claims
Invoice and financial records5 years (Danish Bookkeeping Act)Legal obligation
Website visitor data (analytics)Up to 26 monthsLegitimate interests
Marketing consent recordsUntil consent withdrawn + 1 yearConsent

9. Your Data Subject Rights

Under GDPR (Articles 15–22) and the Danish Data Protection Act, you have the following rights:

  • Right of access (Article 15): You may request a copy of all personal data we hold about you, along with information on how it is processed.
  • Right to rectification (Article 16): You may request that we correct any inaccurate or incomplete personal data we hold about you.
  • Right to erasure (Article 17): You may request deletion of your personal data where it is no longer necessary, where you withdraw consent, or where processing is unlawful. This right may be limited where we have legal obligations to retain data.
  • Right to restriction of processing (Article 18): You may request that we limit how we use your data in certain circumstances.
  • Right to data portability (Article 20): Where processing is based on consent or contract and carried out by automated means, you may request your data in a structured, machine-readable format.
  • Right to object (Article 21): You may object to processing based on legitimate interests or for direct marketing purposes.
  • Right to withdraw consent: Where processing is based on your consent, you may withdraw consent at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at Team@StaffClubCopenhagen.com. We will respond within 30 days. There is no charge for exercising your rights, unless requests are manifestly unfounded or excessive.

10. Cookies

Our website uses cookies and similar tracking technologies. Cookies are small text files stored on your device by your browser.

10.1 Types of Cookies We Use

  • Strictly necessary cookies: Required for the website to function (e.g., session management). These cannot be disabled.
  • Analytics cookies: Help us understand how visitors use our website (e.g., pages visited, time on site). We use anonymised or aggregated analytics data only.
  • Functional cookies: Remember your preferences (e.g., language selection).

10.2 Cookie Consent

Where cookies are not strictly necessary, we obtain your consent before placing them. You may withdraw consent or manage your cookie preferences at any time through your browser settings. Note that disabling certain cookies may affect website functionality.

10.3 Third-Party Cookies

Some third-party services we use (such as analytics providers) may set their own cookies. These are governed by those third parties' privacy policies.

11. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction, or disclosure. These include:

  • Access controls and role-based permissions
  • Encrypted data transmission (HTTPS/TLS)
  • Regular security reviews and updates
  • Staff awareness and data protection training
  • Incident response procedures

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Danish Data Protection Authority (Datatilsynet) within 72 hours as required by GDPR Article 33, and affected individuals where required under Article 34.

12. Supervisory Authority

You have the right to lodge a complaint with the Danish Data Protection Authority (Datatilsynet) if you believe we have processed your personal data unlawfully:

Datatilsynet
Carl Jacobsens Vej 35
2500 Valby, Denmark
Phone: +45 33 19 32 00
Email: dt@datatilsynet.dk
Website: www.datatilsynet.dk

We encourage you to contact us first at Team@StaffClubCopenhagen.com so we can resolve your concern directly.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will publish the updated policy on this page with a revised “Last updated” date. For material changes, we will notify affected individuals by email where practicable.

14. Contact Us

For any questions, requests, or concerns relating to this Privacy Policy or the processing of your personal data:

Copenhagen Staff ApS
35A Bülowsvej, Frederiksberg, 1870, Copenhagen, Denmark
CVR: 46141296
Email: Team@StaffClubCopenhagen.com

DAEN