1. Terms & Conditions

2. Privacy policy

2.1 For end-users

2.2 For website visitors

3. Cookies statement

4. Accessibility statement

Data Privacy Policy

Last updated: 2024-09-25

Version 1.0

This Data Privacy Policy outlines how Princh A/S and its subsidiaries (hereinafter referred to as “Princh,” “we,” “us,” or “our”) collect, process, disclose, and safeguard personal data in connection with the services provided. Whether you are utilizing our products, browsing our website, or conducting transactions with us, we are committed to protecting your privacy and ensuring your data is handled with the utmost care and in full compliance with applicable legal requirements.

1. Contact information

If you have any questions regarding this Privacy Policy or how we process your data, please contact us at:

For UK Users:

Pursuant to Article 27 of the UK GDPR, Princh has appointed a UK Data Representative:

  • Representative: GDPR Rep
  • Address: 3rd Floor, 86-90 Paul Street, London EC2A 4NE
  • Email: info@gdprep.org

For Swiss Users:

In accordance with Articles 14 and 15 of the Swiss nFADP, Princh has appointed a Swiss Data Representative:

  • Representative: GDPR Rep
  • Address: Andreaspark, Hagenholzstrasse 56, 7th Floor, Zurich 8050
  • Email: info@gdprep.org

2. Data Collection Practices and Methods

2.1. We collect personal data through various channels, including:

  • 2.1.1. Princh Services: When engaging with Princh’s services, such as printing, scanning, or copying across platforms (web, mobile, or public computers), we collect document-related data and payment details.
  • 2.1.2. Website Visitors: We gather information regarding your browsing activity (e.g., pages visited, cookies) and voluntary submissions (e.g., contact forms, newsletter sign-ups).

2.2. All payment data is securely processed by third-party payment providers, and documents uploaded for printing are stored for a limited period (24 hours) to fulfill the requested service.

2.3. In the course of operating our services, Princh collects ingress logs for all traffic to our systems. These logs include source IP addresses and are collected directly from our load balancer. The purpose of collecting these logs is to facilitate IP-based traffic filtering for Distributed Denial of Service (DDOS) protection and to enable enhanced analysis in the event of network-related errors.
Ingress logs are securely stored in our logging system for a period of 90 days, after which they are automatically deleted in accordance with our data retention policies. This data is processed solely for network security and diagnostic purposes, and access is restricted to authorized personnel.

3. Categories of Personal Data Processed

The personal data we collect is dependent on your usage of our services and includes the following categories:

  • Contact Information: Name, email address, company, job title, country, and language (collected through voluntary forms or interactions).
  • Payment Information: Payment card details (limited to the last 4 digits and transaction date) stored for compliance with accounting regulations.
  • Document: Files uploaded for printing, scanning, or copying are encrypted, and stored for 24 hours before automatic deletion.
  • Browsing Data: IP addresses, browser types, device details, and usage patterns collected through cookies and other web tracking technologies.

4. Legal Grounds for Data Processing Activities

We process your personal data on the following legal grounds:

  • Legitimate Interest: Processing is necessary to improve our services, provide customer support, and ensure data security.
  • Performance of a Contract: Personal data is processed to fulfill the terms of service you engage in, including print and payment services.

5. Purposes for Personal Data Usage

Princh utilizes personal data for the following purposes:

  • Provision of printing, scanning, and copying services.
  • Secure processing of payments.
  • Service improvements and product development.
  • Compliance with legal obligations, such as financial record-keeping.
  • Personalizing the website and product recommendations based on your behaviour and preferences.

6. Data Disclosure to Third-Party Service Providers

We do not sell or trade your personal data. However, based on how you use our services, to facilitate our operations, we may disclose data to third-party service providers, including:

  • Infrastructure Providers: AWS and MongoDB Atlas, who manage our cloud infrastructure and databases.
  • Supporting Services: Lunaweb GMBH (file conversion services), 84Codes CloudAMQP (message brokering services).
  • Payment Processors: Adyen, Bambora AB, and Quickpay, who process payment transactions securely.
  • Website Services: Unoeuro (web hosting), HubSpot (CRM and marketing), Plausible (privacy-focused analytics), and Cookietbot (cookie consent management).

All third-party providers are contractually obligated to protect your data and comply with applicable privacy regulations, including GDPR, UK GDPR, and nFADP.

7. Measures for Ensuring Data Security and Integrity

We implement industry-standard security measures to protect your personal information. All data transmissions are encrypted at rest, and we ensure that documents uploaded for printing are encrypted.

8. Data Retention and Disposal Policy

  • Document Content: Files uploaded are stored for 24 hours, after which they are automatically deleted.
  • Payment Information: Stored for five years + current year to comply with Danish law.
  • Contact Information: Retained as long as necessary to provide services and fulfill legal obligations.

9. Data Subject Rights and Procedures for Exercising Them

You are entitled to:

  1. Access: Request a copy of the personal data we hold about you.
  2. Rectification: Correct any inaccurate information.
  3. Erasure: Under certain conditions, request the deletion of your data.
  4. Restriction of Processing: Request limitations on data processing in specific circumstances.
  5. Data Portability: Receive your personal data in a structured format for transfer to another controller.

To exercise any of these rights, please contact us at privacy@princh.com. We may require verification of your identity for security purposes.

10. Protection of Children’s Personal Data

We do not knowingly collect personal data from children under 13. If you believe a minor has used our services and provided personal information, please contact us immediately, and we will take appropriate steps to remove the data.

11. Conflict of Policies

11.1. In the event of any inconsistency or conflict between this Data Privacy Policy and i) the Princh Website Privacy Policy, or ii) the Princh User Privacy Policy, the provisions of this Data Privacy Policy shall prevail and take precedence. Both the Princh Website Privacy Policy and the Princh User Privacy Policy are considered complementary to this policy and do not exclude its applicability.

11.2. In the case of any conflict between this Data Privacy Policy and the Princh End-User Terms and Conditions, the Terms and Conditions shall govern and supersede this policy to the extent of such conflict.

12. Governing Law

12.1. This Data Privacy Policy shall be governed by and construed in all respects in accordance with the Laws of Denmark, and submitted to the jurisdiction of the Court in Aarhus, Denmark.