Last updated: 8 April 2026
This privacy policy describes how Repax ApS ("Repax", "we", "us" or "our") collects, uses and discloses your personal information when you visit or use our services or otherwise communicate with us in connection with repax.io (collectively, the "Services"). For the purposes of this privacy policy, "you" and "your" refer to you as a user of the Services, whether you are a customer, website visitor, or another person whose information we have collected under this privacy policy.
Please read this privacy policy carefully.
We may update this privacy policy from time to time, including to reflect changes in our practices or for other operational, legal or regulatory reasons. We will publish the revised privacy policy on the website, update the "Last updated" date, and take all other steps required by applicable law.
Repax ApS is the data controller for personal data processed in connection with visitors to our website, individuals who contact us or request a demo, subscribers to our newsletter or marketing communications, and users of the Repax platform.
Repax ApS:
VAT: DK45692167
Nørregade 33, 3. sal, 1165 Copenhagen, Denmark
Email: hello@repax.io
Website: www.repax.io
If you have questions about how we handle your personal data, or wish to exercise any of your rights, please contact us at hello@repax.io. We will respond within 30 days.
In order to provide the Services, we collect personal information from a variety of sources as described below. The information we collect varies depending on how you interact with us.
In addition to the specific uses listed below, we may use information we collect to communicate with you, provide or improve the Services, comply with applicable legal obligations, enforce any applicable terms of service, and protect or defend the Services, our rights, and the rights of our users or others.
Information you send directly to us through our Services may include:
Contact information, including your name, address, phone number and email address. Account details, including your username, password and other information used for account security purposes. Order and billing details, including your company name, billing address, VAT number and payment confirmation. Customer support information, including the content of any communications you send to us through the Services.
Some features of the Services may require you to provide us with certain information. You may choose not to provide this information, but doing so may prevent you from using or accessing those features.
We may automatically collect certain information about your interaction with the Services ("Usage Data"). To do this, we may use cookies, pixels and similar technologies. Usage Data may include information about how you access and use our website and your account, including device information, browsing information, information about your network connection, your IP address and other information relating to your interaction with the Services.
We may obtain information about you from third parties, including suppliers and service providers who collect information on our behalf, such as companies that support our site and services, and payment processors who collect payment information in order to process payments and fulfil orders. When you visit our website, open or click on emails we send you, or interact with our services, we or third parties we work with may automatically collect certain information using online tracking technologies such as pixels, web beacons and cookies.
All information we receive from third parties will be processed in accordance with this privacy policy.
We use your personal information to provide the Services, including to process payments, manage your account, send notifications relating to your account or transactions, and fulfil any other contractual obligations to you. The legal basis for this is the performance of a contract with you under GDPR Art. 6(1)(b).
We may use your personal information for marketing and promotional communications by email or other channels. If you are a resident of the European Economic Area (EEA), the legal basis for this is our legitimate interest in promoting our services under GDPR Art. 6(1)(f), or your consent where required.
We use your personal information to detect, investigate or take action regarding possible fraudulent, illegal or malicious activity, and to keep the platform secure. The legal basis for this is our legitimate interest in keeping our services safe under GDPR Art. 6(1)(f).
We use your personal information to provide customer support and improve our services. The legal basis for this is our legitimate interest in being responsive to you and maintaining our business relationship under GDPR Art. 6(1)(f).
We process personal data where necessary to comply with legal obligations, including financial record-keeping requirements under Danish law. The legal basis for this is GDPR Art. 6(1)(c).
We do not make decisions about you based solely on automated processing that produce legal or similarly significant effects.
Like many websites, we use cookies on our website. We use cookies to enhance and improve our website and services, to remember your actions and preferences, to run analytics, and to better understand how users interact with the Services.
We may also allow third-party service providers to use cookies on our website to better tailor services and advertising on our website and other platforms.
Most browsers automatically accept cookies by default, but you can choose to remove or reject cookies through your browser settings. Removing or blocking cookies may affect your user experience and may cause some features or functionality to not work correctly.
When you first visit our website, you will be presented with a cookie consent banner allowing you to accept all, reject non-essential, or customise your preferences. You may update your preferences at any time via the cookie settings link in the footer of our website. If you visit our website with the Global Privacy Control (GPC) opt-out signal enabled, we will treat this as a request to opt out of non-essential data collection for the browser and device you are using.
Our cookie practices comply with the Danish Executive Order on Cookies and the EU ePrivacy Directive.
In certain circumstances, we may disclose your personal information to third parties for purposes related to the performance of contracts, legitimate business purposes, or other reasons in accordance with this privacy policy. Such circumstances may include:
We do not sell, rent or trade your personal information to third parties for their own marketing or commercial purposes.
We do not use or disclose sensitive personal information for purposes beyond those described in this privacy policy without your consent.
We are based in Denmark and primarily process data within the EEA. Some of our service providers are based outside the EEA, including in the United States.
Where personal data is transferred to a country that does not benefit from an EU adequacy decision, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) as adopted by the European Commission, and Transfer Impact Assessments where required.
You may request a copy of the relevant transfer mechanisms by contacting us at hello@repax.io.
Our website may contain links to websites or other platforms operated by third parties. We do not guarantee and are not responsible for the privacy practices or security of such websites. We recommend reviewing the privacy policies of any third-party sites you visit. Our inclusion of such links does not constitute an endorsement of the content on those platforms or their operators.
The Services are not intended for use by children under the age of 18, and we do not knowingly collect personal information from children. If you are the parent or guardian of a child who has provided us with personal information, please contact us at hello@repax.io and we will delete that information.
Please note that no security measures are perfect or impenetrable, and we cannot guarantee complete security. Information you transmit to us may not be secure while in transit. We recommend that you do not use unsecured channels to send us sensitive or confidential information.
We implement appropriate technical and organisational measures to protect personal data, including encryption of data in transit and at rest, role-based access controls, regular security reviews, and documented incident response procedures.
How long we retain your personal information depends on various factors, including whether we need it to maintain your account, provide the Services, comply with legal obligations, resolve disputes, or enforce applicable agreements. Retention periods are as follows:
Following termination of a Repax subscription, all customer-uploaded platform data is available for export for 30 days, after which it is permanently deleted.
Depending on where you live, you may have some or all of the rights listed below in relation to your personal information. These rights are not absolute and may only apply in certain circumstances. In some cases we may reject your request as permitted by law.
Right to access: You may request access to the personal information we hold about you, including details of how we use and share it.
Right to rectification: You may request that we correct inaccurate or incomplete personal information we hold about you.
Right to erasure: You may request that we delete personal information we hold about you where it is no longer necessary, where you have withdrawn consent, or where there is no other lawful basis for processing.
Right to restriction: You may ask us to pause or restrict our processing of your personal information in certain circumstances.
Right to data portability: Where processing is based on consent or contract, you may request a copy of your personal information in a structured, machine-readable format, and request that it be transferred to a third party where technically feasible.
Right to object: You may object to processing based on legitimate interests. You have an absolute right to object to your personal information being used for direct marketing at any time.
Right to withdraw consent: Where we rely on consent to process your personal information, you may withdraw that consent at any time without affecting the lawfulness of processing carried out before withdrawal.
Right to appeal: If we refuse to act on your request, you may have the right to appeal that decision by responding directly to our refusal communication.
Management of communication preferences: You may opt out of marketing emails at any time by using the unsubscribe link in any such email. If you opt out, we may still send you non-promotional communications such as account or transaction notifications.
We will not discriminate against you for exercising any of these rights. We may need to verify your identity before fulfilling a request. You may also appoint an authorised agent to make requests on your behalf, in which case we require proof of that authorisation and may verify your identity directly with you.
To exercise any of these rights, please contact us at hello@repax.io. We will respond within 30 days as required by applicable law.
If you have complaints about how we process your personal information, please contact us at hello@repax.io. If you are not satisfied with our response, you may lodge a complaint with your local data protection authority.
For users in Denmark, the competent supervisory authority is Datatilsynet, reachable at www.datatilsynet.dk, by phone at +45 33 19 32 00, or by email at dt@datatilsynet.dk.
For users in other EEA countries, a full list of data protection supervisory authorities is available at https://edpb.europa.eu/about-edpb/about-edpb/members_en.
If you have any questions about our privacy practices or this privacy policy, or if you would like to exercise any of the rights available to you, please contact us at:
Adress: Nørregade 33, 3. sal, 1165 Copenhagen, Denmark
Email: hello@repax.io
Website: www.repax.io