Privacy policy for the Sol og Strand Fund Sol og Strand Margit and Kjeld

1. Introduction and scope of application

This privacy policy describes how the Sol og Strand Foundation Sol og Strand Margit and Kjeld (“the Foundation,” “we,” “us,” “our”) processes personal data.

This policy applies to you if you create a user profile in the application system, submit an application for support, receive our newsletter, participate in surveys, or otherwise communicate with the Foundation.

The purpose is to give you a clear overview of what information we collect, for what purposes, what legal basis we use, who we may share information with, how long we store it, and what rights you have.

2. Data controller and contact details

Data controller:

The Sol og Strand Fund Sol og Strand Margit and Kjeld
CVR no.: 40 47 58 69
Ilsigvej 21
9492 Blokhus
Email: fondsadministrator@fondensologstrand.dk

The Fund is the data controller for the processing of personal data and ensures that information is processed lawfully, securely, and in accordance with the General Data Protection Regulation (GDPR).

3. Processing of personal data in connection with the creation of a user profile

Information we collect

When you create a user profile in the fund's application system in order to apply for a grant, we collect and register the following information:

Company information:

• Organization/company
• CVR number
• P number
• Department (if applicable)
• Address, postal code, city, and country

Contact details:

• First name and last name
• Title
• Email address
• Phone number

Purpose and legal basis

The purpose of the processing is to create and manage user profiles, enable the submission of applications, and ensure proper communication between the Fund and the applicant.

Legal basis:

• The creation and maintenance of your profile is based on your consent (GDPR Art. 6(1)(a)).
• Administration and operation of the system are based on legitimate interests (GDPR Art. 6(1)(f)).

Storage

Profiles are automatically deleted after 2 years of inactivity. You can delete your profile manually at any time.

4. Processing of personal data in connection with applications

When you complete and submit an application for support, the Fund will process the information you provide in the application form.

Information we collect

General information:

• Type of organization
• Previous support
• Project title, brief description, and attached files
• Detailed project description
• Project schedule and documentation

Finances and payment:

• Amount requested
• Total budget and self-financing
• Uploaded budget files
• Information about support from other foundations
• Bank details (registration number and account number)
• Information about payment via NemKonto

Purpose and legal basis

Purpose:

• Processing and evaluating the application
• Communicate with applicant
• Pay out funds
• Documenting grants
• Fulfill accounting and legal obligations

Legal basis:

• Article 6(1)(f) – legitimate interests (processing of applications and administration of grants)
• Article 6(1)(c) – legal obligation (accounting and tax obligations)
• Article 6(1)(b) – implementation of an agreement (by grant)

Important: The fund does not collect social security numbers.

5. Declaration of consent

By creating a user profile and submitting an application, you agree to the following:

Consent can be withdrawn at any time by contacting: fondsadministrator@fondensologstrand.dk

6. Newsletters

When you sign up for our newsletter, your email address and, if applicable, your name will be registered. Mailings are handled via Agillic.

Purpose: To send news, information, and invitations to events.

Legal basis: Consent pursuant to GDPR Art. 6(1)(a).

Storage: Your email address will be stored until you unsubscribe from the newsletter. You can unsubscribe at any time via the link at the bottom of each newsletter.

7. Questionnaires and evaluations

The fund sends out questionnaires via AG Analytics to gather experiences and documentation from grant recipients.

Purpose: To improve the fund's activities, document the impact of the support, and meet reporting requirements.

Legal basis: Legitimate interests pursuant to GDPR Art. 6(1)(f).

Storage: Responses to questionnaires are stored for five years after project completion and are then anonymized.

8. Recipients and data processors

We only share information with technical providers who support our systems. All providers act as data processors and only process information on our behalf and in accordance with our instructions.

Our data processors include:

• Amazon Web Services (AWS) – hosting and technical operations
• Agillic A/S – newsletter and communication
• Typeform S.L. – form data and questionnaires
• AG Analytics – questionnaires and evaluations
• Cookie Information A/S – handling cookie banners and consent

All data processors are subject to data processing agreements that ensure they meet the same data protection requirements as us.

Data transfers to third countries

Some of our suppliers (e.g., Amazon Web Services) may transfer data to the United States or other countries outside the EU/EEA. These transfers are secured through the EU Commission's standard contractual clauses or certification under the EU-US Data Privacy Framework.

9. Storage and deletion

We do not store personal data longer than necessary to fulfill the purposes of the processing:

• Applications: Retained for 5 years after project completion to meet accounting and legal requirements
• User profiles: Deleted after 2 years of inactivity
• Questionnaires: Deleted or anonymized after 5 years
• Newsletter: Email addresses are deleted upon unsubscribing
• Communication: Emails and correspondence are stored for up to 5 years.

10. Your rights

According to the General Data Protection Regulation, you have the following rights:

• Right of access: You have the right to obtain information about what information we process about you.
• Right to rectification: You have the right to have inaccurate information corrected.
• Right to erasure: Under certain conditions, you have the right to have your information deleted.
• Right to restriction: You have the right to restrict the processing of your information.
• Right to data portability: You have the right to receive your information in a structured, commonly used, and machine-readable format.
• Right to object: You have the right to object to processing based on legitimate interests.
• Right to withdraw consent: You have the right to withdraw any consent you have given at any time.

To exercise your rights, please contact us at fondsadministrator@fondensologstrand.dk. We will process your request within 30 days.

11. Data security

The Fund protects your information through technical and organizational measures:

• Encryption of data during transmission (SSL/TLS)
• Access control and authentication
• Regular security updates
• Data backup and recovery procedures
• Employee training in data protection

12. Complaint to the Data Protection Authority

If you are dissatisfied with our processing of your personal data, you have the right to lodge a complaint with the Danish Data Protection Agency:

Danish Data Protection Agency
Carl Jacobsens Vej 35
2500 Valby
Phone: 33 18 32 00
Email: dt@datatilsynet.dk
Website: www.datatilsynet.dk

13. Data breaches

If a data breach is suspected, the Fund will follow the procedure set out in Article 33 of the GDPR and report the breach to the Danish Data Protection Agency within 72 hours. If the breach poses a high risk to the rights and freedoms of the data subjects, we will also inform the individuals concerned.

14. Treatment list

The Fund keeps a record of processing activities in accordance with Article 30 of the GDPR. The record contains information about the purpose, categories of data subjects, recipients, storage periods, and technical/organizational security measures.

15. Updates to the Privacy Policy

This privacy policy is updated regularly to reflect changes in our processing activities or legislation. The latest version will always be available on our website.

Significant changes will be communicated to affected individuals where possible and appropriate.

Last updated: November 14, 2025