This Privacy Policy explains what personal data we collect, why we collect it, how we handle it, and how we protect, store, export, and delete it. It applies to all users of the DigiOps platform — a digital service designed to support operational management, standardization, and compliance documentation.
The data controller for the processing described in this policy is:
If your organization has its own DigiOps account, your organization is the data controller for the personal data entered into the platform. DigiOps acts as data processor on their behalf, as described in our Data Processing Agreement.
Personal data refers to any information that can be used to identify an individual. The types of data DigiOps processes may include:
We do not intentionally process sensitive personal data (GDPR Article 9) and will never ask you to provide such information. If sensitive data is entered into the platform by a user or their organization, the responsibility lies with the data controller.
We collect personal data through the following channels:
See our Cookie Policy for details on cookies and tracking technologies.
We process your data for the following purposes:
We process your data based on the following legal grounds under GDPR Article 6(1):
We may share your data with the following categories of recipients:
All sub-processors are bound by data processing agreements that meet GDPR requirements. We do not sell personal data to third parties.
All platform data is stored and processed within the EU. Our hosting partner AzeHosting operates at Hetzner data centers in Falkenstein, Germany. Hetzner is ISO/IEC 27001 certified.
When you use AI-assisted features, the text you submit is sent to OpenAI, L.L.C. (United States) for the sole purpose of generating a response. The transfer takes place under the EU-US Data Privacy Framework. AI-assisted features can be disabled for your organization in the company settings.
If any other transfer outside the EU/EEA is ever necessary, it will only take place with adequate safeguards in accordance with GDPR Chapter V, such as Standard Contractual Clauses (SCC) or an adequacy decision by the European Commission.
We retain personal data only as long as necessary for the purposes described in this policy:
After the retention period, data is either permanently deleted or anonymized so that it can no longer be linked to an individual.
Under GDPR, you have the following rights regarding your personal data:
To exercise any of these rights, contact us at contact@digiops.eu. We will respond within 30 days.
If you believe your data protection rights have been violated, you have the right to file a complaint with the Danish Data Protection Agency (Datatilsynet), www.datatilsynet.dk.
We use cookies and similar technologies to operate the platform, analyze usage, and provide relevant content. You can manage your cookie preferences at any time through our Cookie Policy.
Marketing emails are only sent with your explicit consent and include an unsubscribe link in every message.
We may update this Privacy Policy from time to time. The latest version will always be available on our website.
If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us: