Friendly Fire privacy policy


FriendlyFire – Privacy notice

 Updated 2nd of January 2019.



This privacy notice sets out how FriendlyFire IVS (FriendlyFire) uses and protects any personal information that you give FriendlyFire IVS when you use this website.

FriendlyFire is committed to ensuring that your privacy is protected. If we ask you to rovide certain information by which you can be identified when using this website, it will only be used in accordance with this privacy notice.

The use of some website services we provide is not possible without the provision of certain personal data. If you wish to use certain services via our website, processing on further personal data could become necessary.

If the processing of personal data is necessary, and there is no statutory basis for such processing, we will obtain your explicit consent.

Personal data processing shall always be according to the General Data Protection Regulation (GDPR), and in accordance with any EU-specific legislation applicable to FriendlyFire.

In this privacy notice, Friendly Fire is informing the general public why we collect and process personal data and about your (the ‘data subject’) rights in regard to the collection and processing of personal data.


FriendlyFire’s data protection notice is based upon terms used in the General Data Protection Regulation (GDPR) Article 4. For ease of understanding, the following terms apply.


Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law. 

Personal data

Personal data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Data subject

Data subject is any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.


Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Restriction of processing

Restriction of processing means the marking of stored personal data with the aim of limiting their processing in the future.


Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.


Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

Name and address of the controller

The controller is:

FriendlyFire IVS

Prinsessegade 1

1422 Copenhagen K, DK

Tel: TBA



Name and address of the data protection officer

The data protection officer of the controller is:

FriendlyFire IVS

Prinsessegade 1

1422 Copenhagen K


Tel: TBA



You may contact our data protection officer directly with any enquiries relating to FriendlyFire’s data protection policies.

Name and address of the lead supervisory authority

The lead supervisory authority overseeing the controller is:

The Danish Data Protection Agency (Datatilsynet) (DDPA)

28, 5.

1300 København K

Tel: +45 33 19 32 00




A cookie is a small file which asks permission to be placed on your computer’s hard drive.
Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site.

Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website to tailor it to customer needs. We only use this information for statistical analysis purposes.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

Reasons for processing personal information

The following is a general description of how FriendlyFire and its data controller processes personal information.  To
understand how your own personal information is processed, you may need to refer to any personal communications you have received from FriendlyFire processes personal information to provide software, training and consultancy services, to promote our services, to maintain our records and our accounts.

We collect information from the following sources

  • Data subject directly – i.e. information entered into website forms
  • Data subject indirectly – i.e. information obtained from browsing the site, e.g. IP address, browser version, operating system
  • Social media – i.e. Facebook, LinkedIn, Twitter, Google+ and YouTube

We process the following information

  • Personaldetails
  • Business activities of a person whose personal information is being processed
  • Services provided
  • Transactional financial details

We process personal information about

  • Customers
  • Suppliers
  • Employees
  • Enquirers and complainants
  • Advisers

 Sometimes we need to share the personal information that we process with the individual and other organisations.

Where this occurs, FriendlyFire is required to comply with the General Data Protection Regulation (GDPR) and applicable elements of the Privacy and Electronic Communications Regulation (PECR).

Examples of the types of organisations we may need to share personal information with include

  • Financial organisations
  • Educators
  • Suppliers and service providers

The rights of the data subject

The GDPR grants EU citizens data subject rights. These rights are summarised below. To assert any of these rights, you may contact FriendlyFire’s data protection officer, or any other FriendlyFire employee at any time.

Right of confirmation

Each data subject has the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed.

Right of access

Each data subject has the right to obtain from the controller, free information about his or her personal data stored at any time and a copy of this information.

Additionally, a data subject has the right to obtain information as to whether personal data are transferred to a third country or to an international organisation. If this is the case, the data subject has the right to be informed of the appropriate safeguards relating to the transfer.

Right to rectification

Each data subject has the right to obtain from the controller, without undue delay, the rectification of inaccurate personal information relating to him or her.
Depending upon the purposes of the processing, the data subject has the right to have incomplete personal information completed, including by means of providing a supplementary statement.

Right to erasure

Each data subject has the right to obtain from the controller the erasure of personal data concerning him or her without undue delay. The controller is obligated to erase personal data without undue delay where one of the statutory grounds applies, providing the processing is not necessary.

Right to restriction of processing

Each data subject has the right to obtain from the controller restriction of processing where a statutory reason applies.

Right to data portability

Each data subject has the right to receive personal data concerning him or her, provided to a controller, in a structured, commonly used and machine-readable format.

Right to object

Each data subject has the right to object, on grounds relating to him or her particular situation, at any time to the processing of their personal data.

Automated decision making

Each data subject has the right not to be subject to a decision based solely on automated processing, including processing.

Right to withdraw consent

Where consent forms the basis for processing, data subjects have the right to withdraw his or her consent to the processing of their personal data at any time. Data subjects can withdraw consent by contacting the data protection officer or any other FriendlyFire employee to withdraw consent.

Right to complain to the supervisory authority

Every data subject has the right to lodge a complaint with a supervisory authority, if he or she considers that the processing of personal data relating to him or her infringes the GDPR.

Contact details for the lead supervisory authority are listed above in this privacy notice.

The legal basis for processing

The legal basis for processing is

  • Where the data subject has given consent to the processing of their personal data for one or more specific purposes
  • Processing is necessary for the performance of a contract to which the data subject is a party, or at the request of the data subject prior to entering into a contract
  • Processing is necessary for a legal obligation to with the controller is subject
  • Processing is necessary to protect the vital interest of the data subject, or of another natural person
  • Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
  • Processing is necessary for the purposes of legitimate interests pursued by the controller or by a third party, except where those interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, especially where the data subject is a child

The legitimate interests pursued by the controller

Where the processing of personal data is based on FriendlyFire’s legitimate interest, it is to conduct its business for the benefit of its employees and shareholders.

Security of processing

FriendlyFire is committed to ensuring that your personal information is secure. To prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect on-line.

However, absolute security cannot be guaranteed. If you have a particular concern about a particular method of data transmission, contact the controller. We will take reasonable steps to provide an alternative method.

International transfers

Sometimes, it may be necessary to transfer personal information overseas. Such transfers may be to what the GDPR calls ‘third countries’. Any transfers made will be made with full compliance to the GDPR and in accordance with the EU specific legislation applicable to FriendlyFire.

Personal data retention periods

The criteria used to determine the retention period of the personal data is the statutory retention period within the Member State. After the expiration of that period, personal data will be securely deleted, providing it is no longer necessary for the fulfilment of the contract, the initiation of a contract, or required for legal proceedings.

Contractual obligations of the data subject to provide personal data

The provision of personal data is partly required by law or can result from
contractual requirements.

For example, a data subject is obliged to provide FriendlyFire with personal data when we sign a contract with him or her. The consequence of failing to provide the personal data is that the contract with the data subject cannot be concluded.

Automated decision making and profiling

FriendlyFire does not process personal data for automated decision-making or profiling purposes.

Data protection notification for training services

The controller has integrated the components of several third-party services onto FriendlyFire’s website.

These services are;

Facebook Pixel

Facebook HQ, Menlo Park, CA.

Facebook Inc. Menlo Park, CA.

United States of America

Further information and applicable data protection provisions of the service are available at

Google Analytics Tools

Amphitheatre Parkway Mountain View,

CA 94043

United States

Google Inc.

Further information and applicable data protection provisions of the service are available at

Mailchimp Email Tools

T675 Ponce de Leon Ave NE Suite 5000

The Rocket Science Group, 675 Ponce de Leon Ave NE Suite 5000

Atlanta, GA 30308 USA

Further information and applicable data protection provisions of the service are available at


You may not transfer any of your rights under this privacy notice to any other person. FriendlyFire may transfer our rights under this privacy notice where we reasonably believe that your rights will not be affected.

If any court or competent authority determines that any provision of this privacy notice (or part of any provision) is invalid, illegal or unenforceable, that provision or part-provision will, to the extent required, be deemed to be deleted. The validity and enforceability of the other provisions of this privacy notice will not be affected.

Unless otherwise agreed, no delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy.

This notice will be governed by and interpreted according to the law of England and Wales.
All disputes arising under the notice will be subject to the exclusive jurisdiction of the English and Welsh courts.

Changes to this privacy notice

This notice was last updated on May 24th, 2018. FriendlyFire may change this policy by updating this page to reflect legislative changes or changes to our privacy practices.

However, FriendlyFire will not use your personal data in new ways without your consent.

©2019 – Mathias Munk Ulrich & Carl Johan Hanberg – All rights reserved