Privacy policy
CESTEK A/S processes personal data in accordance with the EU General Data Protection Regulation (GDPR) and the Danish Data Protection Act.
On this page, you can read how we process personal data in relation to:
- customers and customer representatives
- business partners and suppliers
- potential customers (B2B leads)
- recruitment
- use of our website
Who is the data controller?
CESTEK A/S is the data controller for the processing of your personal data.
CESTEK A/S
VAT no.: DK32830439
Bogensevej 9
DK - 4200 Slagelse
📧 info@cestek.dk
📞 +45 30 49 90 50
Which personal data do we process?
We primarily process ordinary personal data, including:
- Name, job title and company
- Email address and phone number
- Information related to quotations, orders and projects
- Communication via email, phone and contact forms
- Information provided in connection with recruitment (CV and application)
- Technical information from use of our website (e.g., IP address and cookies)
As a general rule, CESTEK does not process sensitive personal data.
What do we use the information for?
We process personal data for the following purposes:
Customers and business partners
- handling quotations, orders and projects
- project management, documentation and quality assurance
- invoicing and administration
Marketing (B2B)
- contacting potential customers
- newsletters and business-related communication
- CRM and sales follow-up
Recruitment
- processing applications and dialogue in connection with vacant positions
Website
- operation, security and improving the user experience
Legal basis for processing
We process your personal data on the following basis:
- Performance of a contract (GDPR Art. 6(1)(b))
- Legal obligation, e.g., bookkeeping legislation (Art. 6(1)(c))
- Legitimate interest, e.g., business development and B2B marketing (Art. 6(1)(f))
- Consent, where required (e.g., cookies)
Data processors and systems
CESTEK uses external IT systems and suppliers that process personal data on our behalf. We have entered into data processing agreements where relevant.
Examples of systems:
- Microsoft 365 (email, documents and collaboration)
- HubSpot (CRM and marketing)
- WordPress (website and contact forms)
- Minuba (project and case management)
As a general rule, information is processed within the EU/EEA or in accordance with the GDPR rules on third countries.
Disclosure of personal data
We only disclose personal data when necessary, e.g., to:
- business partners in connection with projects
- auditor, bank or public authorities
- IT suppliers as part of operations and support
We never sell personal data to third parties.
How long do we retain your information?
We retain personal data for as long as necessary:
- customer relationship: up to 5–10 years in accordance with applicable legislation
- marketing data: until you object or unsubscribe
- recruitment data: as a general rule deleted no later than 6 months after the recruitment process has been completed
Your rights
Under the GDPR, you have the right to:
- access to your personal data
- rectification of incorrect information
- erasure in certain cases
- restriction of or objection to processing
- data portability, where relevant
Enquiries may be sent to info@cestek.dk.
You can also lodge a complaint with the Danish Data Protection Agency:
👉 www.datatilsynet.dk
Changes to the privacy policy
We continuously update this privacy policy if there are changes to our processing of personal data.
Last updated: 2026-03-30
