Privacy Policy
Last updated: 7 July 2026
Your data at a glance
We collect only what we need to provide our SaaS service, keep it secure in your chosen region, and give you full control. Here’s what matters most:
What we collect: Account details, IP addresses for functionality, and support communications.
Why: To provide your service, manage your account, and keep systems secure.
Where: In the Azure EU regions, plus additional data in the regions you configure during onboarding (EU, US, or Canada).
How long: Application data is deleted 90 days after cancellation; contact information is kept 5 years for accounting.
Your rights: Access, correct, delete, or export your data at any time.
1. Who we are
Data Controller
Just Software, Automatikvej 1, 3., 2860 Søborg, Denmark.
Email: mail@just-software.com
Data protection contact
Email: security@just-software.com
2. What personal data we use
Account & service data
Contact information: name, email, and company name.
Account access: username and encrypted password.
Service usage: IP addresses, access logs, and session data.
Analytics data: service performance, feature usage, and error tracking for observability.
Support: messages sent through our HeroDesk system.
We don’t collect
Payment details (handled by Azure Marketplace).
Data from third parties for marketing purposes.
3. Why we process your data
Purpose | Legal reason | Data used |
|---|---|---|
Provide your SaaS service | Contract with you | Account details, usage data |
Account management | Contract with you | Contact info, credentials |
Website analytics | Your consent (via our cookie banner) | Cookie identifiers, website usage data |
Service improvement & observability | Our legitimate interest in service quality | Error logs, performance metrics |
Customer support | Contract with you | Support communications |
System security & logs | Our legitimate interest in security | IP addresses, access logs |
Legal obligations | Required by law | Contact info for accounting (5 years) |
Our legitimate interests: we use IP addresses and logs to protect against security threats and ensure service availability. We analyse service performance and usage patterns to improve functionality and fix issues. We balance this against your privacy rights and only keep what is necessary. Website analytics that rely on cookies are used only where you have given consent (see section 8).
4. Who we share data with
We only share your data with these service providers:
Microsoft Azure: cloud hosting (in your chosen region).
TwentyCRM: customer relationship management.
HeroDesk: support system (365-day retention).
Google Analytics: website analytics (GA4), used only with your consent.
All providers use standard contractual clauses and appropriate security measures.
5. Where your data goes
Your choice of region
You select where your application data is stored and processed:
Available regions: EU, United States, Canada.
Data stays: in your chosen region for processing.
No unexpected transfers: your data doesn’t leave your region.
Service provider transfers
Some providers may process data outside the EU:
Microsoft Azure: EU/EEA data residency; any transfers to the US rely on the EU-US Data Privacy Framework and Standard Contractual Clauses.
Google Analytics: transfers to the US rely on the EU-US Data Privacy Framework and Standard Contractual Clauses.
Others: Standard Contractual Clauses where needed.
6. How long we keep data
Data type | Retention period | Why |
|---|---|---|
Application data | Deleted 90 days after cancellation | Service termination |
Contact information | 5 years after cancellation | Danish accounting law |
Analytics data | 24 months, or until service termination | Service improvement and observability |
Support messages | 365 days (auto-deleted) | Customer service |
Security logs | As needed for security | Legitimate security interests |
7. Your rights
You have these rights regarding your personal data:
Access — get a copy of your data.
Correct — fix inaccurate information.
Delete — request deletion of your data. We’ll delete what we’re not legally required to keep. Information we need to meet Danish accounting and audit obligations is retained for the statutory period (see section 6) and deleted once that period ends.
Restrict — limit how we use your data.
Export — get your data in a usable format.
Object — stop processing based on legitimate interests.
Withdraw consent — where we rely on your consent.
To use your rights: email security@just-software.com.
Response time: within 1 month (this may extend to 2 months for complex requests).
8. Cookies and similar technologies
Our website uses a small number of cookies. We manage these through a consent banner: strictly necessary cookies that remember your consent choices are set automatically, and analytics cookies are set only if you accept them. You can change or withdraw your choice at any time through the cookie settings on our site.
We currently use:
Strictly necessary —CookieScriptConsent, which stores your cookie consent preferences so the banner works correctly.
Analytics (Google Analytics 4) —_ga and _ga_JV20MK4KVJ, which help us understand how visitors use the site so we can improve it. GA4 does not store your IP address.
For a current, detailed list of every cookie — its provider, purpose, and lifetime — see our cookie report. It is scanned regularly and reflects the cookies actually in use.
9. Security and automated processing
Data security
We protect your data with:
Encryption in transit and at rest.
Access controls and authentication.
Regular security monitoring.
Secure Azure infrastructure.
We constantly monitor the security landscape to ensure our systems are continously kept secure.
10. Children’s data
Our service isn’t intended for anyone under 16. If we learn we’ve collected data from someone under 16 without proper consent, we’ll delete it.
11. Complaints
If you’re unhappy with how we handle your data, you can complain to:
Datatilsynet (Denmark)
Website: www.datatilsynet.dk
Email: dt@datatilsynet.dk
Address: Borgergade 28, 5., 1300 Copenhagen K
EU residents: you may also contact your local data protection authority.
12. Changes to this policy
We may update this policy and will:
Post changes on this page.
Update the “Last updated” date.
Changes take effect when posted.
13. Contact us
General questions: mail@just-software.com
Data protection: security@just-software.com
Just Software, Automatikvej 1, 3., 2860 Søborg, Denmark.