Privacy Policy for The Sol og Strand Foundation by Margit and Kjeld

1. Introduction and Scope

This privacy policy describes how The Sol og Strand Foundation by Margit and Kjeld (“the Foundation”, “we”, “us”, “our”) processes personal data.

The policy applies to you if you create a user profile in the application system, submit an application for support, receive our newsletter, participate in surveys, or otherwise communicate with the Foundation.

The purpose is to give you a clear overview of what information we collect, for what purposes, what legal basis we use, who we may share information with, how long we store it, and what rights you have.

2. Data Controller and Contact Information

Data Controller:

The Sol og Strand Foundation by Margit and Kjeld
CVR no.: 40 47 58 69
Ilsigvej 21
9492 Blokhus
Email: fondsadministrator@fondensologstrand.dk

The Foundation is the data controller for the processing of personal data and ensures that information is processed lawfully, securely, and in accordance with the General Data Protection Regulation (GDPR).

3. Processing of Personal Data in Connection with User Profile Creation

Information We Collect

When you create a user profile in the foundation’s application system to apply for grants, we collect and register the following information:

Business Information:

• Organization/company
• CVR number
• P number
• Department (if relevant)
• Address, postal code, city, and country

Contact Person Information:

• First name and last name
• Title
• Email address
• Phone number

Purpose and Legal Basis

The purpose of the processing is to create and manage user profiles, enable submission of applications, and ensure proper communication between the Foundation and the applicant.

Legal Basis:

• Creation and maintenance of profile is based on your consent (GDPR Article 6(1)(a))
• Administration and operation of the system is based on legitimate interests (GDPR Article 6(1)(f))

Storage

Profiles are automatically deleted after 2 years of inactivity. You can delete your profile manually at any time.

4. Processing of Personal Data in Connection with Applications

When you complete and submit an application for support, the Foundation processes the information you provide in the application form.

Information We Collect

General Information:

• Organization type
• Previous support
• Project title, short description, and attached files
• Detailed project description
• Project timeline and documentation

Finance and Payment:

• Applied amount
• Total budget and self-financing
• Uploaded budget files
• Information about support from other foundations
• Bank information (registration no. and account no.)
• Information about payment via NemKonto

Purpose and Legal Basis

Purpose:

• To process and evaluate the application
• Communicate with the applicant
• Disburse funds
• Document grants
• Fulfill accounting and legal obligations

Legal Basis:

• Article 6(1)(f) – Legitimate interests (processing applications and administration of grants)
• Article 6(1)(c) – Legal obligation (bookkeeping and tax obligations)
• Article 6(1)(b) – Performance of a contract (when granting)

Important: The Foundation does not collect CPR numbers.

5. Consent Declaration

When creating a user profile and submitting an application, you give consent to the following:

Consent can be withdrawn at any time by contacting: fondsadministrator@fondensologstrand.dk

6. Newsletters

When subscribing to our newsletter, your email address and possibly name are registered. Mailings are handled via Agillic.

Purpose: To send news, information, and invitations to events.

Legal Basis: Consent pursuant to GDPR Article 6(1)(a).

Storage: Your email address is stored until you unsubscribe from the newsletter. You can unsubscribe at any time via the link at the bottom of each newsletter email.

7. Surveys and Evaluations

The Foundation distributes surveys via AG Analytics to collect experiences and documentation from grant recipients.

Purpose: To improve the foundation’s activities, document the effect of the support, and fulfill reporting requirements.

Legal Basis: Legitimate interests pursuant to GDPR Article 6(1)(f).

Storage: Survey responses are stored for 5 years after project completion and are then anonymized.

8. Recipients and Data Processors

We only share information with technical suppliers that support our systems. All suppliers act as data processors and only process information on our behalf and according to our instructions.

Our data processors include:

• Amazon Web Services (AWS) – hosting and technical operation
• Agillic A/S – newsletter and communication
• Typeform S.L. – form data and surveys
• AG Analytics – surveys and evaluations
• Cookie Information A/S – handling of cookie banner and consents

All data processors are subject to data processing agreements that ensure they meet the same data protection requirements as us.

Data Transfers to Third Countries

Some of our providers (e.g., Amazon Web Services) may transfer data to the USA or other countries outside the EU/EEA. These transfers are secured through the EU Commission’s Standard Contractual Clauses or certification under the EU-US Data Privacy Framework.

9. Storage and Deletion

We do not store personal data longer than necessary to fulfill the purposes of the processing:

• Applications: Stored for 5 years after project completion to fulfill accounting and legal requirements
• User profiles: Deleted after 2 years of inactivity
• Surveys: Deleted or anonymized after 5 years
• Newsletter: Email addresses deleted upon unsubscription
• Communication: Emails and correspondence stored for up to 5 years

10. Your Rights

According to the General Data Protection Regulation, you have the following rights:

• Right of access: You have the right to obtain information about what information we process about you
• Right to rectification: You have the right to have inaccurate information corrected
• Right to erasure: You have the right under certain conditions to have your information deleted
• Right to restriction: You have the right to have the processing of your information restricted
• Right to data portability: You have the right to receive your information in a structured, commonly used, and machine-readable format
• Right to object: You have the right to object to processing based on legitimate interests
• Right to withdraw consent: You have the right at any time to withdraw a given consent

To exercise your rights, you can contact us at fondsadministrator@fondensologstrand.dk. We will process your request within 30 days.

11. Data Security

The Foundation protects your information through technical and organizational measures:

• Encryption of data during transmission (SSL/TLS)
• Access control and authentication
• Regular security updates
• Data backup and recovery procedures
• Employee training in data protection

12. Complaint to the Danish Data Protection Agency

If you are dissatisfied with our processing of your personal data, you have the right to lodge a complaint with the Danish Data Protection Agency:

Danish Data Protection Agency
Carl Jacobsens Vej 35
2500 Valby
Phone: 33 18 32 00
Email: dt@datatilsynet.dk
Website: www.datatilsynet.dk

13. Data Breach

In case of suspected data breach, the Foundation follows the procedure in GDPR Article 33 and reports the breach to the Danish Data Protection Agency within 72 hours. If the breach entails a high risk to the rights and freedoms of the data subjects, we will also inform the affected persons.

14. Record of Processing Activities

The Foundation maintains a record of processing activities in accordance with GDPR Article 30. The record contains information about purposes, categories of data subjects, recipients, storage periods, and technical/organizational security measures.

15. Updates to the Privacy Policy

This privacy policy is updated continuously to reflect changes in our processing activities or legislation. The latest version will always be available on our website.

Significant changes will be communicated to affected persons where possible and relevant.

Last updated: November 14, 2025