Privacy Policy

Effective Date: June 7, 2025

This Privacy Policy explains how Opskr.dk ("we", "us", "our") collects, uses, and protects the personal information of its users ("you", "your"). We are committed to processing your data responsibly and in accordance with the General Data Protection Regulation (GDPR).

1. Who We Are

Opskr.dk is operated by private individual Eli Jakobsen and hosted by Hetzner Online GmbH in Germany. For privacy-related inquiries, please contact: privacy@opskr.dk.

2. What We Collect

• Account Information: Name, email address, and password. Passwords are stored in a hashed and salted format using industry-standard algorithms.
• Subscription Metadata: Subscription status, plan name, renewal date, cancellation status, and whether auto-renewal is active. Payment processing, billing, invoicing, and tax compliance are delegated to Paddle.
• Technical Data: Browser user-agent, IP address, server logs, and similar technical information needed for security, troubleshooting, fraud prevention, and service operation.
• Essential Cookies and Local Storage: We use strictly necessary cookies and similar technologies for login, session state, security, language, theme, calendar preferences, and other functionality required to provide the website.
• Paddle Payment Provider: When you choose to subscribe or make a payment, we may ask for your permission to load Paddle, our payment provider. Paddle may set cookies or access information on your device for payment processing, subscription management, fraud prevention, tax compliance, invoicing, and related payment services. Paddle is only loaded when needed for subscription or payment functionality.

3. Cookies and Similar Technologies

During normal website use, we only use strictly necessary cookies and similar technologies. These are used to provide core website functionality, including authentication, account sessions, security, language preferences, theme preferences, and calendar preferences.

We do not use non-essential cookies for analytics, advertising, or marketing during normal website use.

When you choose to access subscription or payment functionality, we may ask for your permission to load Paddle. Paddle may set cookies or access information on your device to process payments, manage subscriptions, prevent fraud, issue invoices, calculate taxes, and provide related payment services. If you do not allow Paddle to load, you can continue using the non-payment parts of the website, but subscription and payment functionality may not be available.

4. Why We Process Your Data

• To register and manage your user account
• To authenticate users and maintain secure account sessions
• To remember functional preferences such as language, theme, and calendar settings
• To enable access to subscription-only features
• To manage subscription status and related account permissions
• To protect the service against abuse, fraud, and unauthorized access
• To maintain, troubleshoot, and improve the reliability of the website

All payment processing, billing, invoicing, tax calculation, and payment-related compliance are handled by Paddle, our Merchant of Record. We do not directly collect or store payment card details.

5. Legal Basis for Processing

We rely on the following legal bases:

• Contract: To create and manage your account, provide access to the service, manage subscriptions, and deliver subscription-only functionality.
• Legitimate Interest: For service security, fraud prevention, troubleshooting, server logging, and maintaining the reliable operation of the website.
• Consent: Where consent is legally required, such as before loading optional third-party services that may set cookies or access information on your device. This includes loading Paddle where consent is requested before subscription or payment functionality is used.
• Legal Obligation: Where processing is necessary to comply with applicable accounting, tax, regulatory, or legal requirements. Payment-related legal obligations are generally handled by Paddle as Merchant of Record.

6. Third-Party Services

• Paddle.com: Paddle acts as Merchant of Record for all payments. Paddle may collect and process payment details, billing details, tax information, invoice information, subscription information, IP address, and fraud prevention data. Paddle may also set cookies or access information on your device when payment or subscription functionality is used. See Paddle's privacy policy: https://paddle.com/legal/privacy.
• Hetzner Online GmbH: Hetzner hosts our servers located in Germany. Our Data Processing Agreement (DPA) with Hetzner can be found here: https://www.hetzner.com/AV/DPA_en.pdf.

7. Your Rights

Under GDPR, you have the right to:

• Access the personal data we hold about you
• Rectify incorrect or incomplete data
• Request deletion of your data, subject to applicable legal retention requirements
• Withdraw consent at any time where processing is based on consent
• Object to processing based on legitimate interests
• Request restriction of processing in certain circumstances
• Request a copy of your data in a machine-readable format
• File a complaint with your local Data Protection Authority

To exercise these rights, email: privacy@opskr.dk.

8. Withdrawing Paddle Consent

If you have allowed Paddle to load, you may withdraw or reset this preference by clearing your browser cookies for Opskr.dk or by contacting us at privacy@opskr.dk. Withdrawing this preference does not affect the lawfulness of processing that occurred before withdrawal.

If you withdraw or decline permission to load Paddle, subscription and payment functionality may not be available.

9. Data Retention

We retain your user account information for as long as your account is active or as long as needed to provide the service. Upon request, your account and associated personal data can be deleted, unless we are required or permitted to retain certain information for legal, security, accounting, dispute resolution, or fraud prevention purposes.

Subscription metadata is retained while your account is active and for as long as reasonably necessary to manage access, resolve disputes, document subscription status, and comply with applicable legal obligations. We do not store payment card details ourselves.

10. Security

We implement encryption, password hashing, access control, secure session management, and HTTPS to protect your data. Nevertheless, no platform can guarantee 100% security.

11. Changes to This Policy

We may update this Privacy Policy to reflect changes in legal, technical, or business developments. Updated versions will be posted here with a new effective date.