GDPR Compliance

GDPR Information

Your rights under the General Data Protection Regulation

Last updated: October 19, 2025

1. Overview

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018, throughout the European Union. It gives individuals greater control over their personal data and imposes strict requirements on organizations that process such data.

At The Smartest Email, we are fully committed to GDPR compliance. As a company registered in Denmark (Happenings Group A/S, CVR: 40979956), we adhere to all GDPR requirements and respect your data protection rights.

This page explains your rights under GDPR and how we ensure compliance with these regulations.

2. Your Rights Under GDPR

Under GDPR, you have the following fundamental rights regarding your personal data:

Right to Access

Access all personal data we hold about you

Right to Rectification

Correct inaccurate or incomplete data

Right to Erasure

Request deletion of your personal data

Right to Restrict Processing

Limit how we use your data

Right to Data Portability

Receive your data in a transferable format

Right to Object

Object to certain types of processing

3. Right to Access (Article 15)

You have the right to obtain confirmation as to whether your personal data is being processed, and if so, access to that data and the following information:

  • The purposes of processing
  • The categories of personal data concerned
  • The recipients or categories of recipients to whom data has been disclosed
  • The envisaged period for which data will be stored
  • The existence of your other rights (rectification, erasure, restriction, objection)
  • The right to lodge a complaint with a supervisory authority
  • Information about the source of the data

How to exercise: Contact us at privacy@happenings.dk with a data access request. We will provide a copy of your data within 30 days.

4. Right to Rectification (Article 16)

You have the right to have inaccurate personal data corrected and incomplete data completed. This includes the right to provide supplementary statements to complete incomplete data.

Examples:

  • Correcting misspelled names or addresses
  • Updating outdated contact information
  • Adding missing information to your profile

5. Right to Erasure / "Right to be Forgotten" (Article 17)

You have the right to request deletion of your personal data when:

  • The data is no longer necessary for the purposes for which it was collected
  • You withdraw your consent and there is no other legal basis for processing
  • You object to processing and there are no overriding legitimate grounds
  • The data has been unlawfully processed
  • The data must be erased for compliance with a legal obligation

Note: You can delete your account and all data at any time through the Service settings. All data will be permanently deleted within 30 days.

6. Right to Restrict Processing (Article 18)

You have the right to restrict the processing of your personal data when:

  • You contest the accuracy of the data (restriction applies during verification)
  • Processing is unlawful but you prefer restriction over erasure
  • We no longer need the data but you need it for legal claims
  • You have objected to processing (restriction applies during verification)

When processing is restricted, we may only store the data and process it with your consent or for legal claims.

7. Right to Data Portability (Article 20)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format (such as JSON or CSV) and transmit that data to another controller.

This right applies when:

  • Processing is based on consent or contract
  • Processing is carried out by automated means

We provide data export functionality in multiple formats to facilitate portability to other services.

8. Right to Object (Article 21)

You have the right to object to processing of your personal data when:

  • Processing is based on legitimate interests or public interest
  • Processing is for direct marketing purposes (absolute right to object)
  • Processing is for scientific, historical research, or statistical purposes

If you object, we must cease processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.

9. Automated Decision-Making and Profiling (Article 22)

You have the right not to be subject to decisions based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you.

Our Approach: While we use AI to categorize and analyze emails, all decisions remain under your control. Our AI provides suggestions, but you always have the final say. No automated decisions are made that legally or significantly affect you.

11. How to Exercise Your Rights

To exercise any of your GDPR rights, you can:

1

Use Service Settings

Many rights can be exercised directly through your account settings (data export, account deletion)

2

Email Us

Contact our Data Protection Officer at privacy@happenings.dk

3

Written Request

Send a letter to: Happenings Group A/S, Klostergade 56B ST., 8000 Aarhus C, Denmark

We will respond to your request within one month. In complex cases, we may extend this by an additional two months, but we will inform you within the first month.

12. Filing Complaints

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with a supervisory authority.

Danish Data Protection Agency

Datatilsynet

Carl Jacobsens Vej 35

2500 Valby, Denmark

Email: dt@datatilsynet.dk

Website: www.datatilsynet.dk

You may also contact the supervisory authority in your EU member state of residence or place of work.

13. Contact Information

For any questions about GDPR or to exercise your rights:

Data Controller & Data Protection Officer

Happenings Group A/S

Klostergade 56B, ST.

8000 Aarhus C, Denmark

CVR: 40979956

Privacy Email: privacy@happenings.dk

General Support: support@happenings.dk

Legal: legal@happenings.dk