Privacy Policy

Last updated: 2026-07-03

1. Data controller

LynBro ApS, CVR 46321499, Rødovre, Denmark ("we") is the data controller for personal data processed on soge.dk and in the Soge API. Contact: info@lynbro.dk.

2. What we process

  • Account: email, password (hashed), optionally phone number and CVR number.
  • Billing: handled by Stripe — we never store card details, only subscription and invoice status.
  • Technical: IP address, browser/User-Agent and request logs for operations, security and quota metering. Logs are kept short-term.

3. Purposes and legal bases

We process data to provide the account, the API and billing (contract, GDPR art. 6(1)(b)); for security and abuse prevention — rate limiting, key/device/IP binding (legitimate interest, art. 6(1)(f)); and for bookkeeping (legal obligation, art. 6(1)(c)).

4. Data from public registries

Site content (vehicles, companies) comes from public registries — the Danish Motor Registry (DMR) and CVR/Virk. Information about persons (e.g. company ownership) is shown as it appears in CVR, which is public by law. Advertising protection (reklamebeskyttelse) is respected. Corrections must be made in the source registry (Virk/Motorregistret); for questions about how data is displayed here, contact us.

5. Recipients

Stripe (payments), hosting and email providers in the EU/EEA. We do not sell personal data.

6. Cookies

We only use essential cookies (session, CSRF protection, language choice). No tracking or marketing cookies.

7. Retention

Account data is kept for as long as the account exists. Invoice data is kept for 5 years (Danish Bookkeeping Act). Technical logs are deleted on a rolling basis.

8. Your rights

You have the right of access, rectification, erasure, restriction, data portability and objection. Write to info@lynbro.dk. You may complain to the Danish DPA, Datatilsynet.