Draft notice
This Privacy Policy is a working draft for JobBase. It must be reviewed by qualified Danish counsel before JobBase v1.0. It is intended to meet transparency expectations under the EU General Data Protection Regulation (GDPR) and Danish supplementary rules.
Who is responsible
The data controller for personal data processed in connection with JobBase is Krata Systems (CVR 46473507), Bogfinkevej 4, 3650 Ølstykke, Denmark.
For customer or employee data you upload into JobBase, you are typically the controller and Krata Systems processes that data on your instructions as a processor.
What we collect
Account data: name, email, authentication identifiers, organisation membership, and preferences (including language).
Business data you enter: company profile, customers, jobs, inventory, invoices, messages, attachments, and audit or activity logs generated by use of the service.
Technical data: device/browser information, IP address, and operational logs needed for security, support, and reliability (including via hosting and email providers).
Why we process data and legal bases
We process data to provide and secure JobBase, authenticate users, communicate about the service, improve reliability, and comply with law.
Typical GDPR bases include contract (Art. 6(1)(b)), legitimate interests such as security and product improvement (Art. 6(1)(f)), and consent where required (Art. 6(1)(a)), for example for optional marketing if offered.
Sharing and subprocessors
We use trusted infrastructure providers to run JobBase, including hosting (e.g. Vercel), database and authentication (e.g. Supabase), and transactional email (e.g. Resend). These providers process data under contractual safeguards.
We do not sell personal data. We may disclose data when required by law or to protect rights, safety, and security.
Retention
We retain account and business data while your organisation uses JobBase and for a reasonable period afterward to support export, billing, disputes, and legal obligations.
Logs and security records may be kept for shorter or longer periods depending on operational and legal needs.
Your rights
Under GDPR you may have rights of access, rectification, erasure, restriction, portability, and objection, subject to conditions in law.
You may lodge a complaint with the Danish Data Protection Agency (Datatilsynet) at datatilsynet.dk.
Contact us using the details below to exercise rights relating to data Krata Systems controls as controller.
International transfers
Some subprocessors may process data outside the EU/EEA (for example in the United States). Where required, we rely on appropriate safeguards such as Standard Contractual Clauses and supplementary measures.
Contact
Krata Systems, Bogfinkevej 4, 3650 Ølstykke, Denmark.
Phone: +45 40 89 00 44 (17:00–19:00, Europe/Copenhagen).