Privacy Policy

Introduction

ObsidianBloom AS ("we", "us", or "our") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, store, and protect your information when you visit our website obsidianbloom.world or use our services.

This policy applies to all users of our website and services. By using our website or services, you agree to the collection and use of information in accordance with this policy.

Data Controller Information

ObsidianBloom AS is the data controller responsible for your personal data. Our contact details are:

Data We Collect

We collect and process various types of personal data depending on how you interact with our website and services. The data we collect includes:

Information You Provide Directly

• Contact information (name, email address, phone number)
• Communication preferences and enquiry details
• Information provided in contact forms or consultation requests
• Feedback, reviews, and correspondence with us
• Account information if you register for our services

Information Collected Automatically

• IP address and geographical location
• Browser type, version, and operating system
• Website usage data and navigation patterns
• Pages visited, time spent on pages, and referral sources
• Device information and screen resolution
• Cookies and similar tracking technologies data

How We Use Your Information

We use your personal data for various purposes based on legitimate business interests, contractual necessity, or your consent. Here's how we use your information:

Service Provision

• To provide our financial education and investment guidance services
• To respond to your enquiries and provide customer support
• To process consultation requests and schedule appointments
• To personalise your experience and tailor our services to your needs

Communication

• To send you service-related communications and updates
• To provide educational content and market insights
• To send marketing communications (with your consent)
• To notify you about changes to our services or policies

Website Improvement

• To analyse website usage and improve user experience
• To conduct research and analytics for business development
• To optimise our website performance and functionality
• To detect and prevent fraud or security issues

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about the cookies we use, please refer to our Cookie Policy.

Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

• Consent: Where you have given clear consent for specific processing activities
• Contract: Where processing is necessary for the performance of a contract with you
• Legal Obligation: Where we need to comply with legal or regulatory requirements
• Legitimate Interests: Where processing is necessary for our legitimate business interests, provided these don't override your rights

Data Sharing and Third Parties

We do not sell, trade, or rent your personal information to third parties. We may share your data in the following limited circumstances:

• With service providers who assist us in operating our website and providing services
• With analytics providers (such as Google Analytics) to understand website usage
• With advertising platforms (such as Google Ads) for marketing purposes, where you have consented
• When required by law or to protect our legal rights
• In connection with a business transfer or acquisition

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this privacy policy, unless a longer retention period is required by law. Our general retention periods are:

• Contact form data: 3 years from last contact
• Website analytics data: 26 months (Google Analytics default)
• Marketing communications data: Until you unsubscribe or withdraw consent
• Legal and regulatory data: As required by applicable laws
• Customer service records: 5 years for business purposes

Your Rights

Under GDPR and UK data protection laws, you have several rights regarding your personal data:

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Request limitation of how we use your data
• Right to Data Portability: Request transfer of your data to another service provider
• Right to Object: Object to processing based on legitimate interests or for marketing purposes
• Right to Withdraw Consent: Withdraw consent for processing where consent is the legal basis

To exercise any of these rights, please contact us at privacy@obsidianbloom.world or +45 38905901.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• SSL encryption for data transmission
• Secure hosting and data storage systems
• Regular security assessments and updates
• Access controls and staff training
• Incident response procedures

International Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA) where our service providers are located. When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

• Adequacy decisions by the European Commission
• Standard contractual clauses approved by the European Commission
• Certification schemes and codes of conduct
• Binding corporate rules for multinational companies

Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately so we can delete such information.

Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date.

We encourage you to review this policy periodically to stay informed about how we protect your information.

Contact Us

If you have any questions, concerns, or requests regarding this privacy policy or our data practices, please contact us:

You also have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet) if you believe we have not handled your personal data in accordance with applicable data protection laws.