We are the data controller for the processing of personal data that we process about our customers and partners. You can find our contact details below.
Karla ApS
Niels Hemmingsens Gade 20B, 1153 Copenhagen K, Denmark
CVR-no: 43786911
Our company is not required to have an external DPO, but if you have any questions regarding the processing of your personal data, you can contact us at compliance@getkarla.ai
As data controller pursuant to the GDPR, we carry out the following processing activities.
Our website uses cookies. We use cookies to personalize our content and ads, to provide social media features and to analyze our traffic. We also share information about your use of our site with our social media, advertising and analytics partners. Our partners may combine this data with other information that you have provided to them or that they have collected from your use of their services.
If you have questions about our website or would like to hear more about our services, you can contact us via:
- e-mail: ms@getkarla.ai
- phone: +45 42 42 00 55
- contact form: here
Through these channels, we will process your personal data so that we can engage in a dialogue with you, e.g. answer questions about our services. We only process the information that you provide to us in connection with our communication.
We will typically process the following ordinary personal data: name, email address, country & city of residence, IP-address, product usage
Our legal basis for processing this personal data is Article 6(1)(f) of the GDPR (legitimate interests)
We delete our communication with you once it becomes clear whether or not you wish to use our services. Should a particular situation arise that requires us to retain your personal data for a longer period, this may be the case.
We need to communicate with our customers to ensure that our services are delivered correctly. In this context, we may process information such as name, email address, company website URL, services, specific agreements, payment information and similar.
Our legal basis for processing this personal data is Article 6(1)(b) of the GDPR (performance of a contract)
Once the service has been delivered and any outstanding matters have been concluded, we will delete the personal data shortly thereafter.
We have a newsletter that is voluntary to subscribe to, and you can always unsubscribe again.
The purpose of the newsletter is to send subscribers emails with new information from the company, which may include new content on the website and announcements about our services.
We will only send you emails if you have given your active consent.
Our legal basis for processing your personal data (i.e. your email address) in connection with the newsletter is Article 6(1)(a) of the GDPR (consent).
We will process your personal data for as long as you remain subscribed to the newsletter. When you unsubscribe, we will also stop sending it to you. If we have not sent you a newsletter within 1 year, your consent will lapse due to our inactivity.
Upon unsubscribing from the newsletter, we will retain your former consent for 2 years after it was last used, due to limitation requirements pursuant to the Danish Consumer Ombudsman's spam guidance, section 11.3.
We are required to retain all accounting records pursuant to the Danish Bookkeeping Act. This means that we retain invoices and similar records for accounting purposes. These may contain ordinary personal data such as name, address and description of services.
Our legal basis for processing personal data for bookkeeping purposes is Article 6(1)(c) of the GDPR (legal obligation).
We retain this information for a minimum of 5 years after the end of the current financial year.
We welcome job applications with a view to assessing whether they match a recruitment need in our company.
If you send us your job application, our legal basis for processing your personal data is Article 6(1)(f) of the GDPR (legitimate interests).
If you have sent an unsolicited application, HR will immediately assess whether your application is relevant and will subsequently delete your data if there is no match.
If you have applied for an advertised position, we will dispose of your application in the event that you are not hired, and promptly after the right candidate has been found.
If you enter a recruitment process and/or are hired, we will provide you with separate information about how we process your personal data in that context.
Few can handle everything on their own, and the same applies to us. We therefore have partners and use suppliers, some of whom may be data processors.
External suppliers may, for example, provide systems to organise our work, services, consultancy, IT hosting or marketing.
- Google Cloud - Cloud hosting and infrastructure
- Microsoft Azure - Cloud hosting and infrastructure
- OpenAI - LLM for products
- Zendesk - Customer support and ticketing
- HubSpot - CRM System
- Dinero - Accounting and bookkeeping
- Slack - Internal communication
- Google Workspace - Internal communication and collaboration
- Cookiebot - Cookie consent management
It is our responsibility to ensure that your personal data is processed properly. We therefore impose strict requirements on our partners, and our partners must guarantee that your personal data is protected
We therefore enter into agreements with companies (data processors) that handle personal data on our behalf in order to enhance the security of your personal data.
We do not disclose your personal data to third parties.
We do not carry out profiling or automated decision-making.
As a general rule, we use data processors within the EU/EEA, or processors that store data within the EU/EEA.
In some cases this is not possible, and data processors outside the EU/EEA may be used, provided they can offer appropriate protection for your personal data.
We keep the processing of personal data secure by implementing appropriate technical and organisational measures.
We have conducted risk assessments of our processing of personal data and have subsequently implemented appropriate technical and organisational measures to enhance processing security.
One of our most important measures is keeping our employees up to date on the GDPR through ongoing awareness training and by reviewing our GDPR procedures with employees.
Under the GDPR, you have a number of rights in relation to our processing of information about you.
If you wish to exercise your rights, please contact us at support@getkarla.ai so that we can assist you
You have the right to access the information we process about you, as well as a number of additional details.
You have the right to have inaccurate information about you corrected.
In certain cases, you have the right to have information about you deleted before the time of our ordinary general deletion.
In certain cases, you have the right to have the processing of your personal data restricted. If you have the right to restriction, we may in the future only process the data, apart from storage, with your consent, or for the establishment, exercise or defence of legal claims, or for the protection of a person or important public interests.
In certain cases, you have the right to object to our otherwise lawful processing of your personal data. You may also object to the processing of your data for direct marketing purposes.
In certain cases, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to have your personal data transferred from one data controller to another without hindrance.
In certain cases, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to have your personal data transferred from one data controller to another without hindrance.
You can read more about your rights in the Danish Data Protection Agency's guidance on the rights of data subjects at www.datatilsynet.dk.
Where our processing of your personal data is based on your consent, you have the right to withdraw your consent.
You have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet) if you are dissatisfied with the way we process your personal data. You can find the contact details of the Danish Data Protection Agency at www.datatilsynet.dk.
We generally encourage you to read more about the GDPR so that you are up to date on the rules.