Privacy Policy

Last Updated: 28 July 2025

This Privacy Policy explains how Aest Interior Design ApS (“we”, “us”, or “our”) also known as Frederiksberg Indretning ApS and Aest Consulting ApS, collects, uses, stores, and shares your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the Danish Data Protection Act.

1. Data Controller

Aest Interior Design ApS
Also known as Frederiksberg Indretning ApS and Aest Consulting ApS

Address: Dirch Passers Allé 20, 4. Th., 2000 Frederiksberg, Denmark
Company Registration number and VAT number (CVR): 45526399

Email: admin@aest-interiordesign.com
Phone: +45 5355 0067

We are the data controller responsible for the processing of your personal data.

2. What Personal Data We Collect

We may collect and process the following categories of personal data:

  • Full name

  • Email address

  • Phone number

  • Home address or project address

  • Payment and invoicing details (including account numbers or VAT numbers)

  • Communications or correspondence related to our services

We do not intentionally collect or process special categories of personal data (e.g., health data, religious beliefs).

3. Purpose of Data Collection

We process your personal data for the following purposes:

  • To communicate with you regarding your design project

  • To plan, execute, and deliver design proposals and services

  • To issue quotes, invoices, and handle payments

  • To maintain customer records and comply with bookkeeping and tax laws

  • To handle disputes or legal claims, where relevant

4. Legal Basis for Processing

The legal bases under the GDPR for processing your personal data include:

  • Contract performance: To fulfill our obligations in providing services (Art. 6(1)(b))

  • Legal obligation: To comply with accounting, tax, and legal requirements (Art. 6(1)(c))

  • Legitimate interest: Where processing is necessary for our legitimate business interests and not overridden by your rights (Art. 6(1)(f))

5. Sharing of Personal Data

We only share your personal data with trusted third parties where necessary and in accordance with data protection laws. These third parties act as independent data controllers, meaning they determine how and why they process your personal data. These may include:

These organizations have their own legal responsibilities and privacy obligations as data controllers. We ensure that any data shared with them is limited to what is strictly necessary for the relevant purpose.

We do not sell or share your personal data with third parties for marketing purposes without your explicit consent.

The third-party vendors and service providers mentioned in this Privacy Policy are the main partners we use for processing your personal data. To the best of our knowledge at the time of writing, this list is accurate and complete. However, this list may not include every vendor we occasionally use, and we reserve the right to update it as needed. We remain committed to ensuring that any third parties we work with comply with applicable data protection laws.

6. Data Transfers Outside the EU

If we transfer your personal data outside the EU/EEA (e.g., if using cloud services with servers outside the EU), we ensure that appropriate safeguards are in place, such as:

  • The use of EU Standard Contractual Clauses (SCCs)

  • Transfers to countries with an adequacy decision from the European Commission

You can contact us for more information on data transfers.

7. Data Retention

We retain your personal data only as long as necessary for the purposes stated above and to comply with Danish legal obligations.

  • Typically, accounting-related data is stored for 5 years from the end of the financial year, in accordance with the Danish Bookkeeping Act.

  • Project files and correspondence may be retained for up to 10 years if necessary for legal documentation or liability purposes.

8. Your Rights

You have the following rights under GDPR:

  • Right of access – to see what data we hold about you

  • Right to rectification – to correct inaccurate or incomplete data

  • Right to erasure (“right to be forgotten”)

  • Right to restriction of processing

  • Right to object to processing

  • Right to data portability

  • Right to withdraw consent (where consent is the basis of processing)

  • Right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet): https://www.datatilsynet.dk

To exercise any of these rights, contact us at the details listed in section 1.

9. Data Security

We implement appropriate technical and organizational measures to secure your data against loss, misuse, and unauthorized access. These measures include:

  • Encrypted communication (e.g., TLS/SSL)

  • Secure storage and backups

  • Access control for systems and documents

10. Cookies and Website Tracking

If we collect data via our website, we may use cookies and analytics tools. Where required, we request your consent before placing cookies that are not strictly necessary.
Please see our separate [Cookie Policy] available on our website for more information.

11. Updates to This Privacy Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website or upon request. Significant changes will be communicated directly when appropriate.

12. Disclaimer

This Privacy Policy is intended to provide a general overview of how we handle personal data in accordance with the General Data Protection Regulation (GDPR) and the Danish Data Protection Act. It reflects the data protection practices of Aest Interior Design ApS, Also known as Frederiksberg Indretning ApS and Aest Consulting ApS, as of the date indicated above.

While we strive to ensure the accuracy and clarity of this information, this policy does not constitute legal advice. As a small interior design studio, we aim to meet our legal obligations in good faith, but specific legal requirements may vary depending on your individual circumstances or the nature of your project.

If you have questions about your rights under data protection law or how your personal data is handled, we encourage you to contact us directly or seek independent legal counsel.

We may update this policy from time to time to reflect changes in our services, business practices, or legal obligations. The most recent version will always be available on our website.