Back to homepage

    Privacy Policy

    How we collect, use and protect your personal data – in plain language.

    1. Data Controller

    The data controller for your personal data is:

    Rumkraft ApS

    CVR: DK36903686

    Læssøesgade 14C, 2200 København N

    E-mail: makemusic@rumkraft.dk

    Phone: +45 29 60 62 51

    2. What Data We Collect

    We collect and process the following categories of personal data:

    • Contact information: Name, email address, phone number (when you sign up for courses, newsletter, open house or contact us).
    • Payment information: Transaction data processed via Stripe. We do not store credit card numbers.
    • Usage data: Anonymous analytics data (page views, device type) via PostHog, only with your consent.
    • Communication data: Messages via Facebook Messenger and Instagram DMs when you contact us through these platforms.
    • Security data: IP addresses logged temporarily for spam prevention and security (legitimate interest).

    3. Legal Basis for Processing

    • Contract (GDPR art. 6(1)(b)): Processing necessary to fulfill course enrollments and orders.
    • Consent (GDPR art. 6(1)(a)): Newsletter subscriptions, analytics cookies, and marketing communications.
    • Legitimate interest (GDPR art. 6(1)(f)): Security logging, spam prevention, and improving our services.

    4. Data Processors & Third Parties

    We use the following data processors to deliver our services:

    • Stripe – Payment processing (USA, EU Standard Contractual Clauses)
    • Supabase – Database and authentication (EU region)
    • PostHog – Analytics, EU-hosted (only with consent)
    • Mautic – Email marketing automation (self-hosted)
    • Meta (Facebook/Instagram) – Social media messaging
    • Bookeo – Course booking system

    5. Data Retention

    • Course enrollment data: Retained for the duration of the course + 5 years (Danish bookkeeping law).
    • Newsletter subscribers: Until you unsubscribe.
    • Open house registrations: 12 months after the event.
    • Security logs (IP addresses): Maximum 30 days.
    • Contact form messages: 24 months.

    6. Cookies

    We use cookies on our website. You can manage your cookie preferences at any time via the cookie settings in the footer.

    • Necessary cookies: Authentication, session management. Always active.
    • Analytics cookies: PostHog for anonymous usage statistics. Requires consent.
    • Marketing cookies: Meta Pixel for ad performance measurement. Requires consent.

    7. Your Rights

    Under GDPR and Danish data protection law (Databeskyttelsesloven), you have the following rights:

    • Right of access – You can request a copy of the data we hold about you.
    • Right to rectification – You can request correction of inaccurate data.
    • Right to erasure – You can request deletion of your personal data.
    • Right to data portability – You can request your data in a machine-readable format.
    • Right to withdraw consent – At any time, without affecting previous processing.
    • Right to lodge a complaint – You can complain to the Danish Data Protection Agency (Datatilsynet).

    8. Request Data Deletion

    You can request deletion of all your personal data by contacting us. We will process your request within 30 days as required by GDPR. Please note that we may need to retain certain data for legal obligations (e.g. bookkeeping).

    Request Data DeletionOnline Deletion Form

    9. Supervisory Authority

    If you are dissatisfied with how we handle your personal data, you can lodge a complaint with:

    Datatilsynet

    Carl Jacobsens Vej 35

    2500 Valby

    www.datatilsynet.dk

    E-mail: dt@datatilsynet.dk

    Contact Us

    Questions about your data or this privacy policy?

    makemusic@rumkraft.dk+45 29 60 62 51

    Last updated: March 2026

    We use cookies. Learn more ·