Legal

Privacy Policy

Last updated: January 2026. This policy explains how MindNet collects, uses, and protects your personal data in accordance with the General Data Protection Regulation (GDPR).

1. Who we are

MindNet ApS ("MindNet", "we", "us", "our") is the data controller responsible for the personal data collected through this website and through our therapy services.

MindNet ApS

CVR: 46 55 37 99

Copenhagen, Denmark

info@mindnet.dk

2. What personal data we collect

We collect personal data only when you actively provide it to us, or when it is technically necessary to deliver our services. We do not collect data we do not need.

When you contact us or enquire

  • · Name, email address, phone number
  • · The content of your message or enquiry
  • · Information you voluntarily share about your situation or needs

When you register for a therapy group

  • · Name, date of birth, email address, phone number
  • · Health-related information you provide (group topic, background, relevant history)
  • · Payment information (processed via a third-party payment provider — we do not store card details)

When you visit our website

  • · Language preference (stored as a cookie)

When you apply for a position

  • · Name, email address, phone number
  • · CV, professional background, and supporting materials you submit

3. How we use your data

We use your personal data only for the purposes for which it was collected:

  • To respond to your enquiries and provide information about our services
  • To administer your participation in a therapy group, including invoicing and scheduling
  • To carry out clinical record-keeping in line with our professional and legal obligations as psychologists
  • To process job applications
  • To improve our website through anonymised analytics (only with consent)
  • To comply with legal obligations, including tax and accounting requirements

We do not use your data for marketing, profiling, or automated decision-making, and we do not sell your data to any third party.

5. Sensitive (special category) data

Information about your mental health, psychological wellbeing, or therapeutic needs is classified as special category data under GDPR Article 9. We process this data only with your explicit consent, which you provide when you register for a group or engage in a clinical relationship with us.

This data is treated with the highest standard of confidentiality. It is accessible only to the psychologist or therapist working directly with your group, and is never shared with third parties except where we are legally required to do so (for example, where there is a serious and immediate risk of harm).

All our therapists are bound by professional confidentiality obligations under Danish law and the ethical guidelines of their professional bodies.

6. Who we share your data with

We do not sell, rent, or trade your personal data. We share no data with 3rd party:

Payment processing

We use a third-party payment provider to process invoices securely. They act as a data processor under a data processing agreement and do not use your data for any other purpose.

IT and hosting infrastructure

Our website is hosted on servers within the European Economic Area (EEA). Any third-party tools we use are subject to data processing agreements.

Legal authorities

We may disclose data to public authorities when required by law or where there is an urgent risk to the safety of you or others.

7. How long we keep your data

We retain personal data only for as long as necessary for the purpose for which it was collected, or as required by law.

Data type Retention period
Clinical records (therapy participation)5 years after last contact (Danish professional standard)
Accounting and invoicing records5 years (Danish Bookkeeping Act)
General enquiry correspondence2 years from last contact
Job applications (unsuccessful)6 months after the process concludes
Website analytics data26 months (Umami default)
Language preference cookie365 days

8. Your rights under GDPR

As a data subject, you have the following rights. To exercise any of them, contact us at info@mindnet.dk. We will respond within 30 days.

Right of access

You can request a copy of all personal data we hold about you.

Right to rectification

You can ask us to correct inaccurate or incomplete data.

Right to erasure

You can ask us to delete your data where we no longer have a lawful basis to hold it.

Right to restriction

You can ask us to limit how we process your data in certain circumstances.

Right to portability

You can request your data in a structured, machine-readable format where technically feasible.

Right to object

You can object to processing based on legitimate interests or for direct marketing purposes.

Right to withdraw consent

Where processing is based on your consent, you may withdraw it at any time. This does not affect the lawfulness of processing carried out before withdrawal.

9. Security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, loss, destruction, or alteration. These include encrypted data transmission (HTTPS), access controls, and regular security reviews.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Danish Data Protection Agency (Datatilsynet) within 72 hours, and you directly where required.

10. Cookies

We use a small number of cookies on this website. For full details of which cookies we use, why, and how to manage them, please see our Cookie Policy.

11. Children

Our services are intended for adults aged 18 and over. We do not knowingly collect personal data from children under 18. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

12. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. The date at the top of this page indicates when it was last revised. Where changes are significant, we will notify you by email if we hold your contact details.

13. Contact us & how to complain

If you have any questions about this Privacy Policy or how we handle your data, please contact us:

MindNet ApS

Copenhagen, Denmark

info@mindnet.dk

If you are not satisfied with our response, you have the right to lodge a complaint with the Danish Data Protection Agency:

Datatilsynet

Carl Jacobsens Vej 35, 2500 Valby

www.datatilsynet.dk

+45 33 19 32 00

Questions about your data?

We are happy to answer any questions you have about how we use your personal data. Just get in touch.

info@mindnet.dk