Last updated: April 2026

Storm Consulting ApS (“Storm”, “we”, “us”) respects your privacy and processes personal data in accordance with the GDPR and the Danish Data Protection Act.

Who is responsible (data controller)
Storm Consulting ApS is the data controller for the processing described here.

What data we process
When you interact with us on LinkedIn or share your details with us, we may process:
• Name, job title, company, and LinkedIn profile information (as available on LinkedIn)
• Contact details you provide (e.g., email, phone)
• Communication history (e.g., messages, meeting notes, correspondence)
• Newsletter preferences and engagement (if you subscribe)

Cookies and Website Tracking:
We use cookies and similar technologies to ensure our website functions correctly and to analyze how visitors interact with our content. This includes:
• Functional cookies: Necessary for Squarespace to host the site securely.
• Analytics and Marketing cookies: We use HubSpot and Squarespace Analytics to track website traffic, lead generation, and engagement with our service offerings.
• You can manage your preferences or withdraw consent via the cookie banner on our website.

Why we process your data
We process personal data to:
• Respond to inquiries and communicate with you
• Maintain and manage professional relationships
• Share relevant insights, invitations, and updates (including newsletters where applicable)
• Keep an internal record of our interactions in our CRM
• Evaluate potential business partnerships and analyze website engagement

Legal basis
We typically process personal data based on legitimate interests (GDPR Art. 6(1)(f)) to manage relationships and run our business. Where required, we send newsletters based on consent (GDPR Art. 6(1)(a)) and you can unsubscribe at any time.

Where we store it (systems and processors)
We store relevant information in our CRM and business tools, including:
• HubSpot (CRM)
• Microsoft 365 (email and collaboration)
These providers act as our data processors under data processing agreements.

International transfers
Our setup is intended to use EU data centres where available. However, some providers (including HubSpot and Microsoft) may involve processing or support access outside the EU/EEA in certain situations. Where this happens, we rely on appropriate safeguards (e.g., EU Standard Contractual Clauses) in line with GDPR requirements.

How long we keep your data
We keep personal data for up to 5 years from our last interaction with you, unless a longer retention period is required by law or needed to establish, exercise, or defend legal claims.

Your rights
You can request to:
• Access the personal data we hold about you
• Correct inaccurate information
• Delete your data (where applicable)
• Restrict or object to certain processing (including direct marketing)
• Withdraw consent at any time (where processing is based on consent)

Contact
To exercise your rights, contact: tst@stormconsulting.dk

If you believe our processing is not compliant, you can lodge a complaint with the Danish Data Protection Agency (Datatilsynet).