Company and legal info.

How we handle your personal data as a supplier or partner (“Partner”) of TSB X ApS, valid from 1 September 2024.

At TSBX, we protect and respect your data and privacy. When you enter into a cooperation agreement with TSB X ApS, we process your personal data as a data controller. A cooperation agreement may include an agreement for the supply of goods, an agreement for the provision of software services, a partnership agreement etc.

This Privacy Notice applies to you as a private individual associated with a company that has or is considering a collaboration with TSBX. You may be an authorized signatory, beneficial owner, director, employee, or a third party associated with our Partners.

The Privacy Notice describes various aspects of how we process your personal data when your company collaborates with us.

1. What is personal data?

Personal data includes all types of information that can be linked to you. When your company collaborates with us, we register contact information and identification details of the contact person and any authorized signatory (if different from the contact person) – all information that, individually or in combination, may be attributable to individuals associated with the company.

2. How do we process your personal data?

At TSBX, we treat your personal data confidentially and comply with the Data Protection Act, the EU General Data Protection Regulation (‘GDPR’), guidelines from the Danish Data Protection Agency, and other relevant legislation.

We collect personal data from you when you, for example, fill out our contact form or provide information upon request in correspondence. Additionally, we obtain information from publicly available sources.

We collect and process general (non-sensitive) personal data:

• Name, address, phone number, email, and possibly a company registration number (CVR) are general personal data that we process.
• Additionally, we may collect sensitive data, including voice and video recordings, in connection with meetings between TSBX and your company.

3. Purposes of processing your personal data and legal basis

We process your personal data for the following purposes:

• Registration as a Partner in our systems, such as contract registry.
• Ongoing administration of our cooperation.
• Termination of cooperation.
• Compliance with applicable laws.

We only request information that is necessary and relevant to fulfill the above purposes.

To process your personal data, we must have a legal basis (it must be legally permitted for us to process the specific data). The relevant legal bases are listed below:

• To comply with contracts and agreements with you (GDPR, Article 6, No. 1, letter b), we need to process your personal data, such as contact information and CVR number (which, for sole proprietorships, is considered personal data). Without your personal data, we cannot offer a cooperation agreement to you.

4. Retention of your personal data

If we enter into a cooperation agreement, we will retain your personal data as long as you remain a Partner to us. If you cease to be a Partner with TSBX, we will retain your personal data for five years plus the current year from the termination date.

If you do not become a Partner, we will retain your personal data for six months from the time the agreement did not materialize.

5. Protection of your personal data

We have implemented various technical and organizational measures to ensure that your personal data is not accidentally or unlawfully deleted, disclosed, accessed by unauthorized persons, or misused.

6. Access to information and other rights

You have the right to access the information we have collected about you and to have incorrect information deleted or corrected. You also have the right to request restrictions on how we process your information and, in certain cases, to object to our processing based on our legitimate interest. In case of an objection, we will assess whether processing can continue or if your objection should be upheld. Finally, you have the right to transfer your information to yourself or another person or company (data portability). You can read more about your rights in the Danish Data Protection Agency’s guidance on the rights of data subjects at www.datatilsynet.dk.

We retain documentation proving that we have either granted or denied your request regarding your rights for two years.

To exercise your rights, please contact us. See contact details below.

7. Disclosure of data (including transfers to third countries)

We use third parties (data processors) for data storage and processing, such as handling and storing your personal data in our IT systems. They process information solely on our behalf and are not permitted to use it for their own purposes.

We only use data processors and/or sub-processors within the EU or in countries that provide adequate protection for your information.

8. Confidentiality

All our employees are bound by confidentiality obligations. This means that information about you, including your personal data, will not be unlawfully disclosed to third parties.

9. Contact

If you have any questions about our processing of your personal data or wish to exercise your rights, please contact us.

10. Data Controller

TSB X ApS, CVR 45008304, Gdanskgade 2, 2150 Nordhavn is responsible for the data we collect.

11. Data Protection Responsible

We have appointed a Data Protection Responsible (“DPR”) who is responsible for ensuring that TSBX complies with the relevant data protection regulation. You can always contact our DPR with inquiries or questions regarding our processing of personal information:

TSB X ApS, Att. Data Protection
Gdanskgade 2, 2150 Nordhavn
Email: databeskyttelse@tsbx.dk

12. Danish Data Protection Agency

If you are dissatisfied with how we process your personal data, you can always file a complaint with the Danish Data Protection Agency. You can find their contact details at www.datatilsynet.dk.

13. Changes

As a Partner with TSB X ApS, you will be notified if we make changes to our data collection and processing practices that affect you. The effective date is stated at the beginning of the document.

Last approval date: 1. September 2025