Privacy Policy

1. Data Controller

We are responsible for the processing of your personal data.

• Company Name: Mario HQ
• CVR Number: 40281339
• Address: Rådhusstræde 15, 1466 København K, Denmark
• Contact Email: mario@marioscian.com

2. The Data We Collect

We collect and process the following information about you:

2.1. Information You Provide Us

• Identity Data: First name, last name, and company details (if applicable).
• Contact Data: Email address, billing address, and country.
• Transaction Data: Details about payments to and from you and other details of products you have purchased.

Note: We do not store your full credit card information. Payment transactions are handled by secure third-party payment processors (e.g., Stripe).

2.2. Information Collected Automatically

• Technical Data: Internet protocol (IP) address, browser type and version, time zone setting and location, and operating system.
• Usage Data: Information about how you use our website and course platform (e.g., progress in the course).

Some of this data is collected through cookies and similar technologies. Please refer to Section 7 (Cookies) for more details on what cookies we use and how.

3. Purpose and Legal Basis

We process your data for the following purposes:

3.1. To Deliver the Service (Contractual Necessity)

• To create your account and grant access to the course.
• To process your payment and deliver invoices.
• To provide customer support and answer your questions.

3.2. To Comply with Legal Obligations (Legal Obligation)

• Bookkeeping: Under the Danish Bookkeeping Act (Bogføringsloven), we are required to store accounting records (including your invoices and transaction data) for 5 years from the end of the financial year.
• Tax/VAT: To calculate and report VAT correctly to Skattestyrelsen.

3.3. Marketing (Consent or Legitimate Interest)

• To send you newsletters, updates, or offers related to our courses. You can unsubscribe from these at any time via the link in the email.

4. Sharing of Your Data

We do not sell your personal data. We only share data with trusted third parties who assist us in operating our business (“Data Processors”), such as:

• Payment Processors (e.g., Stripe) to handle secure payments.
• Hosting Providers to host the course platform and website.
• Email Services to send you course updates and newsletters.

All third parties are contractually obliged to keep your data confidential and only process it according to our instructions.

5. International Data Transfers

Some of our third-party service providers (e.g., Stripe, email services, hosting providers) may process or store your data outside the European Economic Area (EEA). Where this occurs, we ensure your data is protected by appropriate safeguards, including:

• The European Commission's Standard Contractual Clauses (SCCs).
• Transfers to countries that have received an adequacy decision from the European Commission.

If you would like more information about the specific safeguards in place, please contact us at mario@marioscian.com.

6. Data Retention

6.1. Customer Data

We retain your data for as long as you have an active account or course access. If your account is inactive and no legal retention requirement applies, we will delete or anonymize your data within a reasonable period.

6.2. Financial Records

Invoices and transaction data are stored for 5 years plus the current financial year, as strictly required by the Danish Bookkeeping Act (Bogføringsloven). After this period, data is deleted or anonymized.

7. Cookies

7.1. Necessary Cookies

We use strictly necessary cookies to ensure the core functionality of our checkout and course platform (e.g., keeping you logged in, processing payments). These cookies do not require your consent as they are essential for the service to operate.

7.2. Analytics and Non-Essential Cookies

If we use any analytics, performance, or marketing cookies (e.g., to understand how visitors use our site), we will request your explicit consent before placing them, in accordance with Danish cookie regulations (bekendtgørelse om krav til information og samtykke ved lagring af eller adgang til oplysninger i slutbrugeres terminaludstyr). You may withdraw your consent at any time through our cookie settings.

8. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

• Right to Access: You can request a copy of the data we hold about you.
• Right to Rectification: You can ask us to correct incorrect or incomplete information.
• Right to Erasure (“Right to be Forgotten”): You can ask us to delete your data, provided we are not legally required to keep it (e.g., for bookkeeping purposes).
• Right to Restrict Processing: You can request that we limit the processing of your data in certain circumstances (e.g., while a dispute about accuracy is being resolved).
• Right to Data Portability: You can request to receive your personal data in a structured, commonly used, and machine-readable format, and have it transmitted to another controller where technically feasible.
• Right to Object: You can object to the processing of your data for direct marketing at any time. You may also object to processing based on legitimate interest, in which case we will assess whether our grounds override your rights.

To exercise any of these rights, please contact us at mario@marioscian.com. We will respond to your request within 30 days.

9. Complaints

If you are unhappy with how we handle your data, please contact us first at mario@marioscian.com so we can try to resolve the issue.

You also have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet):

• Website: datatilsynet.dk
• Email: dt@datatilsynet.dk

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make material changes, we will notify you via email or through a notice on our website. The “Last Updated” date at the top of this policy indicates when it was last revised.