Privacy Policy

Last updated: March 19, 2026

1. Introduction

Supermonday ("we", "our", or "us") operates the supermonday.io website and the Supermonday marketing dashboard platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our Service.

We are committed to protecting your personal data in compliance with the General Data Protection Regulation (GDPR) and applicable Danish data protection legislation.

2. Data Controller

The data controller responsible for your personal data is:

Supermonday
Email: [email protected]

3. Information We Collect

3.1 Information you provide directly

  • Account registration details (name, email address, company name)
  • Payment and billing information
  • Communications with our support team
  • Any information you choose to provide when contacting us

3.2 Information collected through integrations

When you connect third-party services to Supermonday, we access and process data from those platforms on your behalf. This may include:

  • Meta (Facebook/Instagram Ads): Ad account data, campaign performance metrics, spend data, audience insights
  • Google Ads: Campaign data, keyword performance, spend, conversions
  • Microsoft Business Central: Financial data, sales orders, revenue metrics
  • Klaviyo: Email marketing metrics, campaign performance, subscriber data
  • Other integrations: Relevant marketing and business performance data as applicable

We process this data solely to provide the Service to you. We do not sell or share this data with third parties for their own marketing purposes.

3.3 Information collected automatically

  • Log data (IP address, browser type, pages visited, access times)
  • Device information (device type, operating system)
  • Cookies and similar tracking technologies

4. How We Use Your Information

We use the collected information to:

  • Provide, operate, and maintain the Service
  • Process your transactions and manage your account
  • Aggregate and display marketing data from connected platforms in your dashboard
  • Send you service-related communications (updates, security alerts, support)
  • Improve and develop our Service
  • Comply with legal obligations

5. Legal Basis for Processing

We process your personal data based on:

  • Contract performance: Processing necessary to provide the Service you've signed up for
  • Legitimate interests: Improving our Service, preventing fraud, ensuring security
  • Legal obligations: Compliance with applicable laws and regulations
  • Consent: Where you have given explicit consent (e.g., marketing communications)

6. Data Sharing and Transfers

We may share your data with:

  • Service providers: Hosting, analytics, payment processing, and customer support tools that help us operate the Service
  • Legal requirements: When required by law, court order, or governmental authority

Some of our service providers may be located outside the EU/EEA. In such cases, we ensure adequate protection through Standard Contractual Clauses (SCCs) or other approved transfer mechanisms.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. When you delete your account, we will delete or anonymize your data within 90 days, unless we are required to retain it for legal or regulatory purposes.

Marketing data pulled from third-party integrations is stored only for the duration of your active subscription and is deleted upon account termination.

8. Your Rights (GDPR)

Under the GDPR, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Request restriction of processing
  • Portability: Request your data in a portable format
  • Objection: Object to processing based on legitimate interests
  • Withdraw consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

9. Cookies

We use essential cookies to ensure the Service functions properly. We may also use analytics cookies to understand how visitors interact with our website. You can manage cookie preferences through your browser settings.

10. Security

We implement appropriate technical and organizational measures to protect your personal data, including encryption in transit (TLS), encrypted storage, access controls, and regular security assessments. However, no method of transmission or storage is 100% secure.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. Continued use of the Service after changes constitutes acceptance of the revised policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Email: [email protected]

You also have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet) at datatilsynet.dk.