Privacy & Cookie Policy

1. Data Controller

The data controller for processing your personal information is:

Malou Gudiksen
Nørremøllevej 2A
8800 Viborg, Denmark
Phone: +45 93 88 93 11
Email: malougudiksen@gmail.com

2. Cookies

2.1 Use of Cookies

Our website uses cookies – small text files stored on your device – to:

  • Recognize your browser or device

  • Remember your preferences

  • Generate statistics on site usage

  • Deliver relevant advertisements

Cookies do not contain harmful code such as viruses.

2.2 How to Manage Cookies

You can delete or block cookies in your browser settings. However, some website functionalities may not work properly if cookies are disabled.

3. Personal Data

3.1 What We Collect

We collect and process the following types of personal data:

  • Technical data: IP address, browser type, device information, operating system, geographic location, etc.

  • Usage data: Clicks, time spent, pages visited, referring pages.

  • Direct data: Name, phone number, email address, postal address, and payment information – only if you voluntarily provide them, e.g., when signing up for a newsletter or making a purchase.

3.2 Legal Basis for Processing

We process your personal data on the following legal grounds under the GDPR:

  • Article 6(1)(a): Consent – e.g., for newsletters or marketing.

  • Article 6(1)(b): Contract – e.g., to fulfill orders.

  • Article 6(1)(f): Legitimate interest – e.g., communication or website analytics.

4. Purpose of Data Processing

We process your data for the following purposes:

  • To provide access to our website and services

  • To handle purchases, payments, and customer support

  • To send newsletters (with your consent)

  • To improve our website and services

  • To deliver personalized advertisements

  • To comply with legal obligations (e.g., bookkeeping)

5. Retention Period

Your data is stored for as long as necessary to fulfill the purpose it was collected for, or as required by law (e.g., 5 years for accounting records in Denmark).

6. Security

We have implemented appropriate technical and organizational security measures to prevent your data from being accidentally or unlawfully deleted, lost, or accessed by unauthorized parties.

Our staff is trained in data protection and follows internal GDPR procedures.

7. Newsletter

You may voluntarily sign up for our newsletter. We only send emails with your active consent (double opt-in). You can unsubscribe at any time via the link in the newsletter or by contacting us.

We keep your consent for up to 2 years after last use to comply with Danish marketing guidelines.

8. Sharing of Data

We do not sell or disclose your personal data to third parties unless required by law or to trusted data processors acting on our behalf (e.g., hosting, email systems, analytics).

We only use processors that guarantee GDPR compliance and have signed Data Processing Agreements with us.

9. Transfers to Third Countries

We primarily use data processors within the EU/EEA. If data is transferred outside the EU/EEA, it is only to countries or companies with adequate protection in accordance with GDPR (e.g., via Standard Contractual Clauses).

10. Your Rights

You have the following rights under the GDPR:

  • Right of access – to see what data we hold about you

  • Right to rectification – to correct inaccurate data

  • Right to erasure – to have data deleted (in certain cases)

  • Right to restriction – to limit how we process your data

  • Right to data portability – to receive your data in a structured format

  • Right to object – to certain types of processing (e.g., marketing)

  • Right to withdraw consent – at any time, if processing is based on consent

To exercise your rights, contact: support@cotiradesigns.com

11. Complaints

If you believe your data is being processed unlawfully, you have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet):
www.datatilsynet.dk