Accel Comply logo

Get Audit‑Ready in Days, Not Months

Privacy and Cookies Notice

Accel Comply ("we" or "us") is committed to protecting your privacy. We comply with the EU General Data Protection Regulation (GDPR) and Danish data protection laws. This Privacy and Cookies Notice explains how we collect, use, and share your personal data when you use our website or services. Our services are aimed at businesses and individuals in the EU/EEA and are not directed to children, and we do not knowingly collect personal data from anyone under 16 years of age.

Personal data we collect

We only collect personal data that is necessary for the purposes described in this Notice. The types of information we may collect include:Information you provide to us: If you contact us via a form or email or subscribe to our newsletter, we collect the personal details you provide. This typically includes your name, business contact information (such as email address and phone number), and the content of your inquiry or message. (For example, in the future if our site includes a contact form or newsletter signup, the information you enter – like your name, email, company name, and message – will be collected and used to respond to you or send the newsletter.)Website usage data (Analytics): When you visit our website, we use cookies and similar tracking technologies to automatically collect certain data about your device and browsing actions. This may include your IP address, browser type, pages viewed, how long you spend on pages, and referring site. We use Google Analytics (deployed via Google Tag Manager) to gather this usage information, which helps us understand website traffic and improve our content. We do not collect analytics data unless you have given consent through our cookie banner (see "Cookies and Tracking" below).Third-party tool data: If you use interactive features on our site provided by third parties, we will collect the information you submit through those tools. For example, if we integrate a scheduling tool (such as Calendly) for booking meetings, any information you enter to schedule a meeting (like your name, email, and meeting details) will be collected and shared with us via that service. We will use any such information only for the purpose for which you provided it (e.g. arranging the meeting or responding to your request).HubSpot (HubSpot, Inc.): We use HubSpot to collect and store personal data when you voluntarily submit information via forms or sign up for our newsletter, and to track how you interact with our website (if you consent to cookies). This may include your name, business contact information (email address, phone number), company name, your message or enquiry, as well as website usage data (page views, session data, device/browser information). We only collect this data if you consent via our cookie consent banner (see “Cookies and Tracking”). HubSpot acts as a data processor on our behalf, and we remain the data controller.We do not collect any sensitive personal data (such as national identification numbers, health information, or credit card details) via our website. We also do not sell or rent any personal data to third parties. All personal data is collected for specified purposes and processed lawfully in accordance with GDPR.

Cookies and Tracking Technologies

Our website uses cookies and similar technologies to ensure the site functions properly and to analyze how users interact with it. A cookie is a small text file placed on your device that helps remember your preferences and activity. When you first visit our site, you will be presented with a cookie consent banner that allows you to accept or decline non-essential cookies (such as analytics cookies).Necessary cookies: These cookies are required for the website to operate (for example, to load core features or remember your cookie preferences). They do not collect personal data and are set based on our legitimate interest in providing a functional website. We do not require consent for necessary cookies.Analytics cookies: We use Google Analytics to collect statistical information about how visitors use our site (e.g. which pages are most visited, what country visitors are in). We also use HubSpot tracking and cookies for CRM, marketing automation and lead-capture functions, subject to your consent. This helps us improve our services and user experience. Google Analytics uses first-party cookies to gather this data. These analytics cookies will only be set if you give consent via the cookie banner. Google Analytics may collect identifiers like your IP address and device information; however, we have configured it in compliance with GDPR (for instance, by honoring consent and [optionally] enabling IP anonymization if applicable). You can always choose not to allow analytics cookies.Google Tag Manager: We manage our cookies and analytics through Google Tag Manager. Google Tag Manager itself does not set cookies or collect personal data on its own. It acts as a container to load other tools (like Google Analytics) only after you have given consent. This means if you decline analytics cookies, Google Tag Manager will prevent the Google Analytics script from running. In this way, we respect your cookie choices.Cookie consent and preferences: Our cookie banner lets you accept or reject different categories of cookies. If you choose "Accept All", you consent to all cookies we use; if you choose to decline or customize, we will only set cookies according to your preferences. You can change your cookie settings at any time. To do so, either click the "Cookie Settings" link or icon on our website (if available) to reopen the consent banner, or adjust your browser settings to delete or block cookies. For more information about cookies and how to manage them, you can also visit AllAboutCookies.org. Please note that if you disable cookies, some features of our site (such as embedded content or video players) may not function properly.We use HubSpot cookies and tracking scripts for marketing automation, lead capture, CRM and newsletter subscription, if and only if you have accepted all cookies via the cookie consent banner.

How we use personal data (purposes and legal basis)

We use the personal data we collect only for clear and legitimate purposes. Under the GDPR, we must also have a legal basis for each use of personal data. This section describes what we do with your data and the legal justification for the processing:Providing information and responding to inquiries: If you contact us (for example, by email or through a contact form), we will use your contact details and message to respond to your request or questions. Legal basis: Legitimate interests – it is in both your and our interest to communicate and address your inquiries; alternatively, it may be necessary for pre-contractual steps at your request (if you inquire about our services with the intention of possibly engaging us).Newsletter and marketing communications: If you subscribe to our newsletter or ask to receive updates, we will use your name and email to send you the requested communications (such as regulatory updates, compliance tips, or news about our services). Legal basis: Consent – we will only send you marketing emails if you have opted-in. You can withdraw your consent at any time by clicking the "unsubscribe" link in our emails or contacting us, and we will stop sending you further newsletters.Website analytics and improvement: We analyze aggregated information about how visitors use our website (via Google Analytics and similar tools) to understand what content is most useful and to improve the website's design and functionality. Legal basis: Consent – we only process analytics data if you have consented to analytics cookies (per ePrivacy rules and GDPR Art. 6(1)(a)). In cases where minimal technical data (like server logs or a necessary cookie) is processed to ensure the site works and is secure, we rely on legitimate interests in maintaining our website (GDPR Art. 6(1)(f)). We ensure any analytics we perform respects your privacy (for example, we look at trends and do not attempt to identify individual visitors).Scheduling meetings or providing services you requested: If you choose to book a meeting or consultation with us through an integrated scheduling tool (e.g. Calendly) or you fill out a form to sign up for an event or service, we will use the information provided to fulfill your request. For example, if you schedule a call, we will use your provided contact details to confirm the appointment and send you reminders. Legal basis: Consent (by voluntarily providing the data and scheduling a meeting, you consent to us using that data for this purpose) and/or performance of a contract or steps pre-contract (GDPR Art. 6(1)(b)) – since scheduling may be the first step in providing our services, processing your data is necessary to take those steps at your request.Site operation and security: We may process some data to operate, troubleshoot, and secure our website. This includes using logs of site activity to detect and prevent fraudulent or malicious activity, keeping backups, and debugging errors. Legal basis: Legitimate interests – we have a legitimate interest in ensuring the security and integrity of our website and services. In some cases, processing may also be necessary to comply with a legal obligation (GDPR Art. 6(1)(c)), for example if we are required by law to retain certain information for law enforcement or regulatory reasons.CRM, lead capture, and marketing communications: If you submit a contact or newsletter sign-up form on our site (via our native contact form or HubSpot), we process your data (name, email, company, any message or business-related info) in order to manage leads, send requested information, or deliver newsletters and marketing updates if you have opted-in. Legal basis: Consent (for marketing/newsletter) and Legitimate interest or pre-contractual for responses or business-inquiry follow-up.We will not use your personal data for purposes that are incompatible with those described above. If we need to process your data for a new purpose, we will update this Notice and, if required, seek your consent or inform you of the new legal basis. We do not use any automated decision-making or profiling that has legal or similarly significant effects on individuals.

Data retention (how long we keep your data)

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, and in accordance with applicable laws. This means:Contact and inquiry data: If you contact us with a question or request, we will retain your personal data for as long as needed to respond and follow up. Typically, we may keep correspondence (emails or form submissions) for up to 12 months after our last interaction, in case further follow-up is needed or to keep records of our communications. After that, we delete or anonymize the data, unless we need to retain it for a longer period for legal reasons (such as ongoing contractual discussions or resolving any disputes).Newsletter subscription data: If you have subscribed to our newsletter or marketing emails, we will keep your contact information on our mailing list until you unsubscribe or ask us to delete it. If you unsubscribe, we will promptly remove you from the active mailing list and will not send further newsletters. (We may however retain proof of your consent and opt-out for a brief period as a record of compliance, and/or keep your email on a suppression list to ensure we honor your opt-out). We regularly review our mailing list and remove contacts that are inactive or where consent is no longer valid.Analytics data: Data collected through Google Analytics and similar tools is retained in accordance with Google's data retention settings that we control. Currently, we have set Google Analytics to retain user-level and event data for 14 months before it is automatically deleted, which is a common retention period to allow year-over-year website performance comparisons. Analytics data may also be stored in aggregate (non-identifiable) form for longer periods for statistical analysis. Any aggregated data will not identify you personally.Calendly/scheduling data: If you schedule a meeting via an online calendar tool on our site, we will retain the meeting details (e.g. your name, email, the meeting date/time) as long as needed to manage that meeting and any related follow-ups. Typically, after the meeting has occurred, we may keep a record of the appointment and any outcomes for our records (for example, notes on what was discussed, or to remember not to re-contact you if requested). If you become a client, scheduling data may be stored with your client records. If not, we will delete or anonymize personal scheduling data periodically (e.g. we might purge past meeting invitee details every 6-12 months). Calendly, as a processor, may also automatically delete your data from their systems after a certain time per their policies.Legal obligations and disputes: In some cases, we may need to retain certain personal data for longer to comply with laws or regulations. For example, if a transaction occurs, accounting or tax laws may require us to keep certain records for a number of years. Additionally, if we are handling a legal dispute or you exercise certain rights, we might need to keep relevant information until the issue is resolved. In all such cases, we will either securely delete or fully anonymize the data once it is no longer needed.When we no longer need personal data, we will ensure it is securely deleted or anonymized (so it can no longer be linked to you). We also continuously review the data we hold and erase or anonymize data that is no longer required.

Third-party services and international data transfers

As part of operating our website and services, we use certain trusted third-party service providers. We only share personal data with these third parties when necessary, and always under appropriate safeguards and contracts. Below are the key third-party tools we use and what that means for your data:Google Analytics and Google Tag Manager (Google LLC): These tools are provided by Google, a company based in the United States. When you consent to analytics cookies, Google Analytics will process some of your personal data (online identifiers and website usage data) on our behalf for analytics purposes. Google may process this data on servers outside the EU (including in the U.S.). We have configured Google Analytics to respect EU privacy standards (including honoring the consent you give or withhold). All data Google processes for us is subject to Google's strict privacy and security controls. We have a Data Processing Agreement with Google to ensure GDPR compliance. Google LLC is certified under the EU-U.S. Data Privacy Framework, which means it commits to protect personal data transferred from the EU to the U.S. in line with EU standards. Additionally, we rely on European Commission Standard Contractual Clauses (SCCs) with Google as needed, providing lawful grounds for international data transfers. In summary, Google may only use the analytics data for our purposes and not for its own; it cannot identify you from the analytics data we collect on our site, and it must safeguard the data per our agreement. (For more details, you can read Google's Privacy Policy and their information on how Google Analytics safeguards data.)Google Fonts: We use Google Fonts on our website to ensure a uniform and professional appearance across different devices. Google Fonts is a service by Google that provides web font files. When you load a page on our site, your browser may download font files from Google's servers (usually located in the U.S. or EU), which means Google will see your device's IP address and certain technical information (like the font request). We do not collect any personal data through Google Fonts, but Google may receive this minimal data as a result of your browser's request. We consider the use of Google Fonts necessary for delivering our website in an aesthetically consistent way, and we rely on legitimate interest as the legal basis for this specific data transfer (GDPR Art. 6(1)(f)). The data involved (an IP address for loading a font) is not used by us for any other purpose. Google is also obliged to handle such data according to their API Terms and Privacy Policy. If you prefer not to have your browser contact Google's font service, you can configure your browser to block web fonts (though doing so might cause the site text to display in a default font).Calendly (Calendly, LLC): We may use Calendly to enable easy scheduling of meetings or calls. Calendly is a third-party scheduling platform based in the United States. If you choose to book a meeting through a Calendly link or embedded calendar on our site, the personal data you provide (such as your name, email, and any meeting details or notes) will be collected by Calendly on our behalf. Calendly will process this information to arrange the appointment and send notifications. Calendly might store your data on servers outside the EU (e.g., in the U.S.). Data transfers: Calendly, LLC is a U.S. company, so any personal data entered into the scheduling form may be transferred to the U.S. We have ensured that appropriate safeguards are in place for such transfers – Calendly's terms include Standard Contractual Clauses for EU data exports, and they have committed to GDPR compliance and protecting user data. In practice, this means your scheduling data is protected by contractual obligations that require Calendly to keep it secure and use it only for providing the service to us. Calendly acts as a "data processor" for us, meaning they only process your data under our instructions. We advise you to avoid entering any sensitive information when scheduling. We will only use the data collected via Calendly for managing the appointment with you.HubSpot, Inc.: We have a Data Processing Agreement with HubSpot. Some of the data processed via HubSpot may be transferred to servers outside the EU/EEA (e.g. United States). Where transfers occur, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs).Other disclosures: We do not share your personal data with any other third parties except in these situations: (1) Service providers who assist us (for example, IT hosting, email service, analytics providers as above). All such providers are bound by contracts that require them to protect your data and use it only for our purposes. (2) Legal or regulatory compliance: if we are required by law to disclose data (for instance, to comply with a court order or a request from law enforcement or regulatory authorities), we may do so after verifying the request and only providing the minimum necessary information. (3) Business transfers: in the unlikely event that our company is involved in a merger, acquisition, or sale of assets, personal data might be transferred to the new owner or partner, but we would ensure continued protection of your data and inform you of any changes.International data transfers: Whenever we transfer or allow access to your personal data outside of the European Union/EEA, we will ensure that adequate safeguards are in place as required by GDPR Chapter V. This means:We primarily store and process data within the EU/EEA whenever possible. However, some of our third-party tools (like the Google and Calendly services described) are based in countries like the United States.For transfers to countries without an EU Commission adequacy decision (such as the U.S. at present), we rely on mechanisms like the European Commission's Standard Contractual Clauses (SCCs), which are legal contracts that oblige the recipient to protect your data to EU standards. All our major vendors (Google, Calendly, etc.) have SCCs in place for EU data.In addition, some providers may rely on additional frameworks. For example, Google LLC is certified under the EU-U.S. Data Privacy Framework, which means it is recognized as providing adequate protection for personal data transferred to the U.S. under that program. This certification, along with contractual clauses, ensures that your data transferred to Google in the U.S. is safeguarded.We also consider other supplementary measures as needed (such as encryption in transit and at rest, and careful review of vendor security practices) to protect your data when it travels overseas.You can contact us if you have questions about our data transfer safeguards or if you would like to obtain a copy of the relevant contractual protections (we can provide excerpts of SCCs if required). Our goal is to ensure your personal information remains secure and protected, no matter where in the world it is processed.

Your rights as a Data Subject

Under the GDPR, you have several important rights regarding your personal data. Accel Comply respects your rights and has processes to help you exercise them. You have the right to:Access your data: You can request confirmation of whether we are processing your personal data, and if so, ask for a copy of the personal data we hold about you. This is commonly known as a Subject Access Request. We will provide you with a copy of your data, along with information about how it's used, in a concise and transparent manner (subject to some exceptions under the law).Rectification: If any of your personal data that we have is incorrect or incomplete, you have the right to have it corrected. For example, if you change your email address or notice we have a misspelled name on file, you can ask us to update it. We strive to keep your data accurate and will rectify any errors promptly.Erasure: You have the right to request deletion of your personal data in certain circumstances – for instance, if the data is no longer necessary for the purposes it was collected, or if you withdraw your consent and we have no other legal basis to keep processing it. This is sometimes called the "right to be forgotten." We will honor valid erasure requests and will also take steps to inform any third parties processing your data on our behalf to delete it as well. Note that in some cases we may not be able to completely delete data due to legal obligations or other overriding reasons (for example, we might need to retain some information to comply with a law or in case of legal claims), but we will inform you if that is the case.Object to processing: You have the right to object to our processing of your personal data when we are doing so on the basis of legitimate interests. If you object, we will review whether our reasons for processing outweigh your privacy rights. If they do not, or if you object to direct marketing, we will cease the processing in question. For example, you can object at any time to our use of your personal data for direct marketing purposes, and if you do, we will stop using your data for that purpose immediately (and you will no longer receive our marketing communications). There is also a right to object to processing for research or statistical purposes in certain cases.Restriction of processing: In certain situations, you can ask us to restrict (temporarily halt) the processing of your personal data. For instance, you might request restriction if you contest the accuracy of the data (while we verify it) or if you want to preserve data for a legal claim but do not want us to otherwise use it. When processing is restricted, we will store your data securely and not use it until the restriction is lifted (except to the extent allowed by you or required for legal reasons).Data portability: For personal data that you provided to us and which we process by automated means on the basis of consent or contract, you have the right to request a copy in a structured, commonly used, machine-readable format (for example, a CSV file). You also have the right to request that we transmit that data to another controller (e.g., to another service provider) where technically feasible. This right mainly applies to data you gave us for services, such as contact information or account data (note: currently we do not operate user accounts or similar on our site, but if you provided such data you can request portability).Withdraw consent: Where we rely on your consent to process personal data, you have the right to withdraw that consent at any time. For example, you can withdraw your consent to marketing emails by unsubscribing, or withdraw consent to analytics cookies by changing your cookie settings. Withdrawal of consent will not affect the lawfulness of any processing that occurred before you withdrew, but it means we will stop the specific activities that were based on consent. There is no penalty or detriment to you for withdrawing consent.Lodge a complaint: If you believe your data protection rights have been violated or that we have not handled your personal information lawfully, you have the right to file a complaint with a supervisory authority (data protection regulator). Accel Comply is a Danish company, so our lead supervisory authority is the Danish Data Protection Agency (Datatilsynet). You can contact Datatilsynet at Carl Jacobsens Vej 35, 2500 Valby, Denmark, phone +45 33 19 32 00, email [email protected]. Alternatively, you may contact the data protection authority in your country of residence. We encourage you to raise any concerns with us first, and we will do our best to address them. However, you always have the right to approach the authorities directly.How to exercise your rights: You can exercise any of your rights by contacting us via email at [email protected]. For security and privacy, we may need to verify your identity before fulfilling certain requests (for example, we might ask for confirmation or additional information to ensure we are modifying or releasing data to the correct person). We will respond to requests as soon as possible, and in any case within the timeframes required by law (generally within 1 month, extendable by another 2 months for complex requests). Exercising your rights is free of charge. If your request is manifestly unfounded or excessive (for example, repetitive requests), we may charge a reasonable fee or refuse to act, but we will explain our reasoning in such cases.We are committed to upholding your rights. If you have any questions about your rights or how to exercise them, please do not hesitate to contact us.

How we protect your data

We understand the importance of data security. Accel Comply has implemented appropriate technical and organizational measures to safeguard personal data against unauthorized access, disclosure, alteration, or destruction. These measures include access controls to limit who in our organization can see your information, the use of encryption and secure protocols for data transfer on our site (you'll notice our website is served over HTTPS), and policies to ensure that personal data is handled confidentially. We also require our third-party service providers to adhere to strict data protection standards. For example, any data transmitted to our analytics or scheduling providers is encrypted in transit, and those providers are vetted for their security certifications and commitments.While we strive to protect your personal data, please note that no method of transmission over the Internet or method of electronic storage is 100% secure. However, we continuously review and enhance our security measures to meet or exceed industry best practices. In the unfortunate event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant authorities as required by law.

Contact us (Data controller details)

Accel Comply is the controller responsible for your personal data processed via this website. If you have any questions or requests regarding this Privacy and Cookies Notice or your personal data, please contact us:Email: [email protected]You can email us at any time, for example to ask about the data we have about you, to update your information, or to exercise any of your data rights as explained above. We have appointed a Data Protection Officer (DPO) who oversees our privacy compliance, and you can reach the DPO at the above email address (please mention your request is privacy-related).Our mailing address (for written inquiries or legal notices) can be received by e-mailing us at [email protected] (Note: If you prefer to send a physical letter, please contact us by email to obtain the current mailing address.)We will respond as promptly as possible to all legitimate inquiries. Your questions and feedback about privacy are welcome.

Updates to this Notice

We may update this Privacy and Cookies Notice from time to time to reflect changes in our practices, legal requirements, or the services we offer. When we make changes, we will revise the "last updated" date at the bottom of this Notice. If the changes are significant, we may also provide a more prominent notice (such as a banner on our site or an email notification, where appropriate). We encourage you to review this Notice periodically to stay informed about how we are protecting your personal data.This Privacy and Cookies Notice is publicly accessible on our website (typically via a "Privacy" or "Cookie Policy" link). By continuing to use our website after any updates take effect, you acknowledge the revised Notice. However, if we seek to use your personal data for a new purpose that requires consent, we will obtain your consent as required.If you have any questions or concerns about changes to this Notice, please contact us using the contact information provided above.

Disclaimer: Accel Comply is not a law firm and does not provide legal advice. All compliance materials are provided as-is to aid your organization’s compliance efforts.