Privacy Policy

Your privacy is of utmost importance to us at Phases, and we are committed to safeguarding your data and ensuring compliance with the General Data Protection Regulation (GDPR).

This Privacy Policy outlines what information we collect, why we collect it, how we use it, and the measures we take to protect it.

Purpose of Data Collection & Lawful Basis

We collect your information to enhance your user experience, provide relevant content and services, keep you informed about new opportunities, improve search results based on your data, and track recruitment activities for potential candidates or clients.

We process your personal data lawfully, relying on different legal bases such as your consent, contract performance, or legitimate interests, as required under GDPR.

Data Controller and Data Processor

Your personal data is processed by the Phases at Melby Enghavevej 64, 3370, Melby, Denmark.

We may provide access to your data to third-party data processors for specific purposes outlined by us. We work with third-party data processors to assist in providing our services. These processors handle your data as required and are bound by data processing agreements to ensure GDPR compliance.

Here the data processors are mentioned below:

  • Phases Innovations
  • Citrix Podio
Data Protection Officer

Phases have appointed a Data Protection Officer (DPO), and everyone is always free to contact our DPO with any queries regarding the processing of your personal data. You can always contact our DPO at [email protected]

Data Subject Rights

You have certain rights under the GDPR, including the right to access, rectify, erase, object to processing, data portability, and restrict processing. If you wish to exercise any of these rights, please contact our DPO.

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the appropriate supervisory authority.


We use cookies and tracking technologies on our website to enhance your browsing experience. Please see our Cookie Policy for more details on the types of cookies we use and how you can manage your preferences.

Data Security & Retention

We take data security seriously and have implemented measures to protect your data from unauthorized access, disclosure, alteration, or destruction.

We will retain your personal data only as long as necessary to fulfill the purposes for which it was collected, in accordance with our retention policy.

Updates to the Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our data practices. You will be notified of any material changes.

If you have any questions or concerns about this Privacy Policy, please contact our Data Protection Officer. Thank you for trusting us with your data.

General Principles
  • Processing should be done lawfully, fairly and in a transparent manner. Particularly, for lawful processing – at least one of the prescribed requirements under GDPR are to be met, such as where the Data Subject has consented to the processing; or processing is necessary for the performance of a contract to which the Data Subject is a party; or processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority, etc.
  • Personal Data should be collected for specified, explicit and legitimate purposes and not further processed if incompatible with those purposes (except where specifically permitted under GDPR), and it should be adequate, accurate, relevant and limited to what is necessary for relation to the purposes for which they are processed.
  • Personal Data should be kept in a form which permits the identification of data subjects for no longer than is necessary.
Laws & Regulations to be followed in GDPR

The GDPR provides appropriate rights to the users about the protection of their personal data. These rights are based on the legal articles stated below,

Article 6 of GDPR states that processing of the user’s personal data is lawful only when the individual gives consent to the processing of the personal data for a specific purpose.

Recital 58 of the GDPR requires you to provide the users with details about how their personal data is going to be put in use. This is also called the principle of transparency.

Recital 85 of the GDPR centers around the security of data. It states on protecting data to prevent a data breach and responding quickly and appropriately in the event of a data breach are requirements of this regulation.

Personal data breach

If a data breach occurs, we'll promptly inform the supervisory authority (within 72 hours) and affected individuals if there's a risk to their rights and freedoms.

We'll document all breaches, including the details and actions taken. As a processor, we'll immediately notify the controller once aware of any data breach.

Retention Policy

We will be storing personal data if it serves and fulfills the purpose as mentioned.

Personal data obtained in connection with the business operation will be deleted according to either Phases' internal policy or according to the agreed-upon terms with our suppliers within the purpose of the use of our data.