Privacy Policy
Aisel Health ApS
Danneskiold-Samsøes Allé 41, Ground floor
1434 Copenhagen
Denmark
Company registration number: 44863332
(the ”Organization”)
This is version 2 last updated the 08.05.2025
Table of Contents
1. Introduction
2. Types of personal data processed
3. Purposes of processing the personal data
4. Legal basis for processing personal data
5. Disclosure and transfer of personal data
6. Erasure and retention of personal data
7. Data subject rights
8. Changes to this Policy
9. Contact
1. Introduction
1.1 This Policy describes how Aisel Health ApS (“we”, “us” or “our”), when acting as a controller, collects and processes your personal data relating to purchase of services, memberships, products, or use of our website.
1.2 The Policy is prepared to comply with the GDPR (2016/679 of 27 April 2016) and rules on information to be provided to data subjects.
2. Types of personal data processed
2.1 We process personal data when necessary and in accordance with law.
This may include:
- IP addresses
- Telephone number
- Email
- Name
2.2 If you work with one of our customers, we may also process communication history and CRM data relating to the commercial relationship.
2.3 Only when strictly relevant and necessary, we may process special categories of personal data (sensitive data), including: health information (health status, illness, diagnosis, etc.)
2.4 Sensitive personal data are processed for: Healthcare service delivery (AI-driven support for psychiatric consultations, pre-consultation data collection, automated reporting)
- Regulatory compliance (documentation of patient consent, GDPR obligations)
- Quality improvement and reporting (analysis of anonymised data to improve AI algorithms)
- Security and integrity of health data (logging, secure storage, auditing)
- Research & development (aggregated anonymised health data).
2.5 If more personal data are collected than described, this Policy will be updated.
3. Purposes of processing the personal data
3.1 We will only process your personal data if we have a legitimate purpose and in that case in accordance with the rules of the GDPR. The personal data we collect about youi s processed for the following purposes:
a) To deliver products or services.
b) To provide service messages and information.
c) To store personal data to comply with applicable legislation requirements such as bookkeeping acts.
d) To provide support and service messages, including responding to questions and complaints and sending updates about our products and services.
e) To send newsletters and direct marketing (such as e-mails, MMS', direct messageson social media, etc.)
f) To send newsletters by e-mail.
g) To improve our products, services, or website.
h) To facilitate a sales process.
i) To administrate a customer or membership club.
j) To prevent fraudulent behavior or misuse of our products, services and website, including the processing of personal data for the purpose of legal actions.
k) To respond to inquiries or complaints.
4. Legal basis for processing personal data
4.1 We only process your personal data when we have a legal basis to do so in accordance with the GDPR. Depending on the specific circumstances, the processing of personal data is done on the following legal basis:
a) The processing is necessary for the performance of a contract to which the data subject is a party in accordance with GDPR, Article 6(1)(b), the first indent.
b) The processing is necessary in order to take steps at the request of the datasubject prior to entering into a contract in accordance with GDPR, Article 6(1)(b),last indent.
c) The processing is necessary to comply with applicable legislation in accordance with GDPR, Article 6(1)(c).
d) The processing is necessary for the purposes of the legitimate interests where such interests are not overridden by the interests or fundamental rights andfreedoms of the data subject which require protection of personal data inaccordance with GDPR, Article 6(1)(f).
e) The legal basis for the processing of such personal data is consent, in accordance with GDPR, Article 6(1)(a).
You can withdraw your consent at any time by contacting us via the contact details provided at the end of this Policy. If you with draw your consent, the personal data processed will be deleted, unless it must be processed in order to comply with legal obligations.
4.2 When it is strictly relevant and necessary, sensitive personal data (the “special categories of personal data”) listed in the GDPR, Article 9(1), may be processed. In suchcase the processing will only take place when permitted by the GDPR, Article 9(2) toArticle 9(4), including but not limited to the following instances:a) Your explicit consent in accordance with the GDPR, Article 9(2)(a).
5. Disclosure and transfer of personal data
5.1 We only transfer personal data to other entities when it is legally permitted or required.
5.2 We transfer personal data to the following recipients from the EU/EEA:
a) Processors
b) Suppliers
5.3 From time to time we use external entities as suppliers to assist us in delivering our services. The external suppliers will not receive or process personal data unless applicable law allows for such transfer and processing.Where the external parties are acting in the role of processors, the processing is always based on a data processing agreement in accordance with the requirements under GDPR.Where the external parties are acting in the role of controllers, the processing of personal data is based on such external parties’ data privacy policy and the relevantlegal bases which the external parties are obligated to inform about unless theapplicable legislation allows otherwise.
5.4 We do not transfer personal data to countries or international organisations outside the EU/EEA unless it is necessary on your specific request.
6. Erasure and retention of personal data
6.1 We ensure that the personal data is deleted when it is no longer necessary for the processing purposes described above. However, we retain your personal data to the extent that we are legally obligated, as is the case with for example accounting and bookkeeping materials and records. If you have any questions about our retention of your personal data, you may contact us by using the email mentioned in the last section of this Policy.
7. Data subject rights
7.1 As a data subject under GDPR, you have a number of rights.
7.1.1 You have the right to request access to the personal data we process about you, the purposes we process the personal data, and whether we disclose or transferyour personal data to others.
7.1.2 You have the right to have incorrect information rectified.
7.1.3 You have the right to have certain personal data deleted.
7.1.4 You may have the right to restriction of our processing of your personal data.You may have the right to object to our processing of your personal data based on reasons and circumstances that pertain to your particular situation.
7.1.5 You have the right not to be subject to a decision based solely on automated means, without human interference unless the decision
(1) is necessary for entering into, or performance of a contract between you and the Organization,(2) is authorised by law, or
(3) is based on your explicit consent.
7.1.6 If the processing of your personal data is based on your consent, you are entitled to withdraw such consent at any time. Withdrawal of your consent will not affect the lawfulness of the processing carried out prior to your withdrawal.
7.1.7 You are entitled to receive personal data which you have provided to us in a structured, commonly used, and machine-readable format (data portability).
7.1.8 You are entitled to receive personal data which you have provided to us in astructured, commonly used, and machine-readable format (data portability).
7.1.9 You can always lodge a complaint with the data protection authority.
7.2 Your rights may be subject to conditions or restrictions. Accordingly, there is nocertainty that you will be entitled to for example data portability in the specific situation; it will depend on the circumstances of the processing.
7.3 More information about data subject rights can be found in the guidelines of the national data protection authorities.
7.4 Please use the contact details below if you want to use your rights.
7.5 We try to meet your wishes about our processing of personal data, but you can always file a complaint to the data protection authorities.
8. Changes to this Policy
8.1 We reserve the right to update and amend this Policy. If we do, we correct the date and the version at the top of this Policy. If we make significant changes, we will provide notification by way of a visible notice, for example on our website or by direct message.
9. Contact
9.1 You may contact us at the below specified email if you:
a) disagree with our processing or consider our processing of your personal data infringeson the law,
b) have questions or comments to this Policy, or
c) want toinvoke one or more of your rights as a data subject described in this Policy.
If you have questions or comments to this Policy or if you would like to invoke one or more data subject rights, please contact us at info@aisel.co
Danneskiold-Samsøes Allé 41, Ground floor
1434 Copenhagen
Denmark
Company registration number: 44863332
(the ”Organization”)
This is version 2 last updated the 08.05.2025
Table of Contents
1. Introduction
2. Types of personal data processed
3. Purposes of processing the personal data
4. Legal basis for processing personal data
5. Disclosure and transfer of personal data
6. Erasure and retention of personal data
7. Data subject rights
8. Changes to this Policy
9. Contact
1. Introduction
1.1 This Policy describes how Aisel Health ApS (“we”, “us” or “our”), when acting as a controller, collects and processes your personal data relating to purchase of services, memberships, products, or use of our website.
1.2 The Policy is prepared to comply with the GDPR (2016/679 of 27 April 2016) and rules on information to be provided to data subjects.
2. Types of personal data processed
2.1 We process personal data when necessary and in accordance with law.
This may include:
- IP addresses
- Telephone number
- Name
2.2 If you work with one of our customers, we may also process communication history and CRM data relating to the commercial relationship.
2.3 Only when strictly relevant and necessary, we may process special categories of personal data (sensitive data), including: health information (health status, illness, diagnosis, etc.)
2.4 Sensitive personal data are processed for: Healthcare service delivery (AI-driven support for psychiatric consultations, pre-consultation data collection, automated reporting)
- Regulatory compliance (documentation of patient consent, GDPR obligations)
- Quality improvement and reporting (analysis of anonymised data to improve AI algorithms)
- Security and integrity of health data (logging, secure storage, auditing)
- Research & development (aggregated anonymised health data).
2.5 If more personal data are collected than described, this Policy will be updated.
3. Purposes of processing the personal data
3.1 We will only process your personal data if we have a legitimate purpose and in that case in accordance with the rules of the GDPR. The personal data we collect about youi s processed for the following purposes:
a) To deliver products or services.
b) To provide service messages and information.
c) To store personal data to comply with applicable legislation requirements such as bookkeeping acts.
d) To provide support and service messages, including responding to questions and complaints and sending updates about our products and services.
e) To send newsletters and direct marketing (such as e-mails, MMS', direct messageson social media, etc.)
f) To send newsletters by e-mail.
g) To improve our products, services, or website.
h) To facilitate a sales process.
i) To administrate a customer or membership club.
j) To prevent fraudulent behavior or misuse of our products, services and website, including the processing of personal data for the purpose of legal actions.
k) To respond to inquiries or complaints.
4. Legal basis for processing personal data
4.1 We only process your personal data when we have a legal basis to do so in accordance with the GDPR. Depending on the specific circumstances, the processing of personal data is done on the following legal basis:
a) The processing is necessary for the performance of a contract to which the data subject is a party in accordance with GDPR, Article 6(1)(b), the first indent.
b) The processing is necessary in order to take steps at the request of the datasubject prior to entering into a contract in accordance with GDPR, Article 6(1)(b),last indent.
c) The processing is necessary to comply with applicable legislation in accordance with GDPR, Article 6(1)(c).
d) The processing is necessary for the purposes of the legitimate interests where such interests are not overridden by the interests or fundamental rights andfreedoms of the data subject which require protection of personal data inaccordance with GDPR, Article 6(1)(f).
e) The legal basis for the processing of such personal data is consent, in accordance with GDPR, Article 6(1)(a).
You can withdraw your consent at any time by contacting us via the contact details provided at the end of this Policy. If you with draw your consent, the personal data processed will be deleted, unless it must be processed in order to comply with legal obligations.
4.2 When it is strictly relevant and necessary, sensitive personal data (the “special categories of personal data”) listed in the GDPR, Article 9(1), may be processed. In suchcase the processing will only take place when permitted by the GDPR, Article 9(2) toArticle 9(4), including but not limited to the following instances:a) Your explicit consent in accordance with the GDPR, Article 9(2)(a).
5. Disclosure and transfer of personal data
5.1 We only transfer personal data to other entities when it is legally permitted or required.
5.2 We transfer personal data to the following recipients from the EU/EEA:
a) Processors
b) Suppliers
5.3 From time to time we use external entities as suppliers to assist us in delivering our services. The external suppliers will not receive or process personal data unless applicable law allows for such transfer and processing.Where the external parties are acting in the role of processors, the processing is always based on a data processing agreement in accordance with the requirements under GDPR.Where the external parties are acting in the role of controllers, the processing of personal data is based on such external parties’ data privacy policy and the relevantlegal bases which the external parties are obligated to inform about unless theapplicable legislation allows otherwise.
5.4 We do not transfer personal data to countries or international organisations outside the EU/EEA unless it is necessary on your specific request.
6. Erasure and retention of personal data
6.1 We ensure that the personal data is deleted when it is no longer necessary for the processing purposes described above. However, we retain your personal data to the extent that we are legally obligated, as is the case with for example accounting and bookkeeping materials and records. If you have any questions about our retention of your personal data, you may contact us by using the email mentioned in the last section of this Policy.
7. Data subject rights
7.1 As a data subject under GDPR, you have a number of rights.
7.1.1 You have the right to request access to the personal data we process about you, the purposes we process the personal data, and whether we disclose or transferyour personal data to others.
7.1.2 You have the right to have incorrect information rectified.
7.1.3 You have the right to have certain personal data deleted.
7.1.4 You may have the right to restriction of our processing of your personal data.You may have the right to object to our processing of your personal data based on reasons and circumstances that pertain to your particular situation.
7.1.5 You have the right not to be subject to a decision based solely on automated means, without human interference unless the decision
(1) is necessary for entering into, or performance of a contract between you and the Organization,(2) is authorised by law, or
(3) is based on your explicit consent.
7.1.6 If the processing of your personal data is based on your consent, you are entitled to withdraw such consent at any time. Withdrawal of your consent will not affect the lawfulness of the processing carried out prior to your withdrawal.
7.1.7 You are entitled to receive personal data which you have provided to us in a structured, commonly used, and machine-readable format (data portability).
7.1.8 You are entitled to receive personal data which you have provided to us in astructured, commonly used, and machine-readable format (data portability).
7.1.9 You can always lodge a complaint with the data protection authority.
7.2 Your rights may be subject to conditions or restrictions. Accordingly, there is nocertainty that you will be entitled to for example data portability in the specific situation; it will depend on the circumstances of the processing.
7.3 More information about data subject rights can be found in the guidelines of the national data protection authorities.
7.4 Please use the contact details below if you want to use your rights.
7.5 We try to meet your wishes about our processing of personal data, but you can always file a complaint to the data protection authorities.
8. Changes to this Policy
8.1 We reserve the right to update and amend this Policy. If we do, we correct the date and the version at the top of this Policy. If we make significant changes, we will provide notification by way of a visible notice, for example on our website or by direct message.
9. Contact
9.1 You may contact us at the below specified email if you:
a) disagree with our processing or consider our processing of your personal data infringeson the law,
b) have questions or comments to this Policy, or
c) want toinvoke one or more of your rights as a data subject described in this Policy.
If you have questions or comments to this Policy or if you would like to invoke one or more data subject rights, please contact us at info@aisel.co