Privacy Policy

Your Data at a Glance

We collect only what we need to provide our SaaS service, keep it secure in your chosen region, and give you full control. Here’s what matters most:

• What we collect: Account details, IP addresses for functionality, support communications

• Why: To provide your service, manage your account, and keep systems secure

• Where: In the Azure EU regions and additional data in regions configured during on-boarding of services (EU, US, or Canada)

• How long: Application data deleted 90 days after cancellation; contact info kept 5 years for accounting

• Your rights: Access, correct, delete, or export your data anytime

1. Who We Are

Data Controller:

• Just Software, Automatikvej 1, 3., 2860 Søborg, Denmark

• Email: mail@just-software.com

Data Protection Officer:

• Email: security@just-software.com

2. What Personal Data We Use

Account & Service Data

• Contact information: Name, email, company name

• Account access: Username, encrypted password

• Service usage: IP addresses, access logs, session data

• Analytics data: Service performance, feature usage, error tracking for observability

• Support: Messages through our HeroDesk system

We Don’t Collect

• Payment details (handled by Azure Marketplace)

• Data from third parties for marketing purposes

3. Why We Process Your Data

PurposeLegal ReasonData UsedProvide your SaaS serviceContract with youAccount details, usage dataAccount managementContract with youContact info, credentialsService improvement & observabilityOur legitimate interest in service qualityAnalytics data, error logs, performance metricsCustomer supportContract with youSupport communicationsSystem security & logsOur legitimate interest in securityIP addresses, access logsLegal obligationsRequired by lawContact info for accounting (5 years)

Our Legitimate Interests: We use IP addresses and logs to protect against security threats and ensure service availability. We analyze service performance and usage patterns to improve functionality and fix issues. We balance this against your privacy rights and only keep what’s necessary.

4. Who We Share Data With

We only share your data with these service providers:

• Microsoft Azure: Cloud hosting (your chosen region)

• TwentyCRM: Customer relationship management

• HeroDesk: Support system (365-day retention)

• Google Analytics: Anonymous website usage (IP anonymized)

All providers use standard contractual clauses and appropriate security measures.

5. Where Your Data Goes

Your Choice of Region

You select where your application data is stored and processed:

• Available regions: EU, United States, Canada

• Data stays: In your chosen region for processing

• No unexpected transfers: Data doesn’t leave your region

Service Provider Transfers

Some providers may process data outside EU:

• Microsoft Azure: EU adequacy decisions + standard contracts

• Google Analytics: EU-US adequacy + standard contracts

• Others: Standard contractual clauses where needed

6. How Long We Keep Data

Data TypeRetention PeriodWhyApplication dataDeleted 90 days after cancellationService terminationContact information5 years after cancellationDanish accounting lawAnalytics data24 months or until service terminationService improvement and observabilitySupport messages365 days (auto-deleted)Customer serviceSecurity logsAs needed for securityLegitimate security interests

7. Your Rights

You have these rights regarding your personal data:

Access – Get a copy of your data

Correct – Fix inaccurate information

Delete – Remove your data (with some legal exceptions)

Restrict – Limit how we use your data

Export – Get your data in a usable format

Object – Stop processing based on legitimate interests

Withdraw consent – Where we rely on your consent

To use your rights: Email security@just-software.com

Response time: Within 1 month (may extend to 2 months for complex requests)

8. Security & Automated Processing

Data Security

We protect your data with:

• Encryption in transit and at rest

• Access controls and authentication

• Regular security monitoring

• Secure Azure infrastructure

While we use strong security measures, no system is 100% secure.

Automated Decisions

We don’t use automated decision-making that significantly affects you. We plan to automate data deletion to meet retention periods.

9. Children’s Data

Our service isn’t intended for anyone under 16. If we learn we’ve collected data from someone under 16 without proper consent, we’ll delete it.

10. Complaints

If you’re unhappy with how we handle your data, you can complain to:

Datatilsynet (Denmark):

• Website: www.datatilsynet.dk

• Email: dt@datatilsynet.dk

• Address: Borgergade 28, 5., 1300 Copenhagen K

EU residents: Contact your local data protection authority.

11. Changes to This Policy

We may update this policy and will:

• Post changes on this page

• Update the “Last updated” date

• Email you about significant changes

Changes take effect when posted.

12. Contact Us

General questions: mail@just-software.com

Data protection: security@just-software.com