Privacy policy

CESTEK A/S processes personal data in accordance with the EU General Data Protection Regulation (GDPR) and the Danish Data Protection Act.

On this page, you can read how we process personal data in relation to:

  • customers and customer representatives
  • business partners and suppliers
  • potential customers (B2B leads)
  • recruitment
  • use of our website

Who is the data controller?

CESTEK A/S is the data controller for the processing of your personal data.

CESTEK A/S
VAT no.: DK32830439
Bogensevej 9
DK - 4200 Slagelse

📧 info@cestek.dk
📞 +45 30 49 90 50


Which personal data do we process?

We primarily process ordinary personal data, including:

  • Name, job title and company
  • Email address and phone number
  • Information related to quotations, orders and projects
  • Communication via email, phone and contact forms
  • Information provided in connection with recruitment (CV and application)
  • Technical information from use of our website (e.g., IP address and cookies)

As a general rule, CESTEK does not process sensitive personal data.


What do we use the information for?

We process personal data for the following purposes:

Customers and business partners

  • handling quotations, orders and projects
  • project management, documentation and quality assurance
  • invoicing and administration

Marketing (B2B)

  • contacting potential customers
  • newsletters and business-related communication
  • CRM and sales follow-up

Recruitment

  • processing applications and dialogue in connection with vacant positions

Website

  • operation, security and improving the user experience

Legal basis for processing

We process your personal data on the following basis:

  • Performance of a contract (GDPR Art. 6(1)(b))
  • Legal obligation, e.g., bookkeeping legislation (Art. 6(1)(c))
  • Legitimate interest, e.g., business development and B2B marketing (Art. 6(1)(f))
  • Consent, where required (e.g., cookies)

Data processors and systems

CESTEK uses external IT systems and suppliers that process personal data on our behalf. We have entered into data processing agreements where relevant.

Examples of systems:

  • Microsoft 365 (email, documents and collaboration)
  • HubSpot (CRM and marketing)
  • WordPress (website and contact forms)
  • Minuba (project and case management)

As a general rule, information is processed within the EU/EEA or in accordance with the GDPR rules on third countries.


Disclosure of personal data

We only disclose personal data when necessary, e.g., to:

  • business partners in connection with projects
  • auditor, bank or public authorities
  • IT suppliers as part of operations and support

We never sell personal data to third parties.


How long do we retain your information?

We retain personal data for as long as necessary:

  • customer relationship: up to 5–10 years in accordance with applicable legislation
  • marketing data: until you object or unsubscribe
  • recruitment data: as a general rule deleted no later than 6 months after the recruitment process has been completed

Your rights

Under the GDPR, you have the right to:

  • access to your personal data
  • rectification of incorrect information
  • erasure in certain cases
  • restriction of or objection to processing
  • data portability, where relevant

Enquiries may be sent to info@cestek.dk.

You can also lodge a complaint with the Danish Data Protection Agency:
👉 www.datatilsynet.dk


Changes to the privacy policy

We continuously update this privacy policy if there are changes to our processing of personal data.

 

Last updated: 2026-03-30