Privacy policy

Here is an introduction to our privacy policy. 


Risika is one of the approved national credit reporting agencies. Our credit rating business is regulated by the Danish Data Protection Agency. We are also held accountable by various other laws and industry standards as well as your expectations. We are sensitive to your interest in privacy, and we are committed to letting you know what information is being collected, how the information is being used, and in providing you choices in the use of the information.

This privacy policy (“Privacy Policy“) describes how Risika ApS CVR-no. 37677892, located at Kronprinsessegade 26B, 1306 København K (“Risika”) processes your personal data, and what your rights are in relation to Risika’s collection, processing, and retention of your personal data. We have created this privacy policy as we remain firm on fulfilling our obligations in terms of securing personal data.

This website may contain links to other websites operated by third parties. Risika is not accountable for the privacy practices or the contents of such websites operated by third parties.


Risika collects personal data from you in various ways e.g.:

  • When applying for a job;
  • When using our platform;
  • If you approach Risika in order to initiate a business collaboration; or
  • When signing up for our newsletter

The following information may be gathered in relation to the above-mentioned collection of personal data:

  • Name, address, telephone number, email address, birthday;
  • CPR-number; previous job history, professional career, spare time activities
  • Other specific information you may choose to provide us.


Risika limits its collection, storing and processing of personal data to situations where a specific purpose exists, such as being able to process your job application, optimizing your experience on our platform, being able to deliver our newsletter to you, being a responsible business partner, etc.


When Risika as an approved national credit rating agency is processing and disclosing your information in our products and services as data controller, it is necessary if the processing is necessary for Risika or a third party to pursue a legitimate interest exceeding the registrant's interests or fundamental rights and freedoms, cf. Article 6 (1) of the General Data Protection Regulation. The legitimate interests justifying the treatment are to offer creditors who are Risika’s customers access to information for the purpose of assessing an entity's financial soundness and creditworthiness. At the same time, access to the information contributes to avoiding excessive indebtedness and the negative consequences of such excessive indebtedness it may have for the parties concerned.

Risika may process your personal data based on the following legal basis:

  • Your freely given, specific, informed and unambiguous consent to the processing of the personal data regarding you. If sensitive personal data, such as health data, information about your ethnicity, sexuality or genetic data is collected from you, such consent will also be explicit.
  • In order to comply with a legal obligation.
  • In cases where the processing is necessary for research purposes.
  • In order to fulfill or protect a legitimate interest, unless your interests or fundamental rights and freedoms which require protection of your personal data override the interests of Risika. The interests Risika may pursue include the interests in relation to being able to process your job application, being able to deliver our newsletter to you.


Risika may disclose or transfer your personal data to the following recipients:

  • Affiliates of Risika;
  • Suppliers, business partners or other collaborators;
  • Public authorities;

Certain recipients process personal data on behalf of Risika and may only process your personal data in accordance with the instructions given by Risika. These third parties may not process your personal data for their own purposes.

To the extent Risika disclose or transfer your personal data to these third parties who may use your personal data for their own purposes, such disclosure or transfer will only take place if it is in accordance with applicable law or with prior consent obtained from you, where required.


In certain cases, your personal data may be transferred to an affiliate of Risika established outside of EU/EEA, e.g. the United States. Risika ensures that such transfer will be carried out in accordance with the applicable data protection laws. This entails that any party outside of EU/EEA that comes in possession of your personal data must ensure an adequate level of protection, for example, by adhering to the EU-US Privacy Shield or entering into the EU standard contractual clauses with Risika. If you have any inquiries in relation here to, you are welcome to contact Risika – please see the contact information below.


Risika will only store your personal data as long as necessary to fulfill the purpose of the processing of your data. However, special regulations may apply and within certain areas, you may be given the option to an extended time of storage of your personal data. For further information about the special regulation, please contact Risika – please see the contact information below.

Some of your personal data must be stored for accounting purposes or for the defense of legal claims. This personal data will be stored until the expiration of the statutory limitation period which for instance is 5 years for retention of accounting material.


Risika has taken all necessary and adequate steps in order to protect your personal data and ensure your rights as a data subject.

You have certain rights, which are described below. Please note that certain exceptions may apply, e.g. if the processing is necessary for compliance with a legal obligation or for the establishment, exercise or defense of legal claims. If you have any questions to your rights as a data subject, please contact Risika – please see the contact information below.


  • You have the right to request access to the personal data Risika has stored concerning you. Risika must provide you with the following information:
    • the purposes of the processing,
    • the categories of the personal data concerned,
    • the recipients or categories of recipients, including recipients in third countries,
    • the retention period or the criteria for the determination of the retention period,
    • the specific data subject’s rights regarding rectification, erasure or restriction of processing of personal data as well as the right to object to such processing,
    • the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet),
    • where the personal data are not collected from the data subject, any available information as to their source; and,
    • the existence of automated decision-making, including profiling and meaningful information on the logic behind and the envisaged consequences of such processing for the data subject.

Risika must provide a copy of the personal data undergoing processing free of charge and by electronic means if the request has been submitted in a commonly used electronic form.


  • You have the right to rectify inaccurate personal data concerning you, including completion of incomplete personal data.


  • Under certain circumstances, you have the right to erasure; meaning upon your request, Risika must erase the personal data stored concerning you. Please note that the right to erasure is not absolute, thus one of the following conditions must apply:
    • the personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed,
    • you withdraw your consent and there is no other legal ground for processing (such as legitimate interests pursued by Risika),
    • you object to the processing and there are no overriding legitimate grounds for the processing,
    • the personal data have been unlawfully processed, or
    • the personal data must be erased for compliance with a legal obligation in accordance with EU or Danish law.


  • If one of the following circumstances applies, you have the right to restrict Risika’s processing of personal data concerning you.
    • the accuracy of the personal data is contested by you – however, only for a period enabling Risika to verify the accuracy of such personal data,
    • the processing is unlawful and you request the restriction of the use of personal data instead of erasure,
    • Risika no longer needs the personal data for the purposes of the processing but the personal data is required by you for the establishment, exercise or defense of claims, for example, as documentation or evidence,
    • you have objected to processing, on grounds related to his or her particular situation, and is pending the verification whether legitimate grounds of Risika override those of the data subject.


  • You have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format. Where the processing is based on a consent or a contract and the processing is carried out by automated means format, you have the right to transmit this personal data to a third party without hindrance from Risika.


  • Under certain circumstances, you have the right to object at any time to Risika’s processing of personal data concerning you.


  • When processing your personal data is based on your consent, you may withdraw your consent at any time. Please note that this does not affect Risika’s processing of your personal data prior to the withdrawal of your consent.


If you wish to file a complaint regarding Risika’s processing of your personal data, you can contact Risika. If your complaint is not resolved, please feel free to contact the Danish Data Protection Agency.

Risika A/S

CVR-no. 37 67 78 92
Kronprinsessegade 26B
DK-1306 København K
Tel +45 42 90 57 57

Danish Data Protection Agency (Datatilsynet)

Borgergade 28, 5. DK-1300 København K Telephone number: +45 33 19 32 00 Email address: Website:

Social Media – Privacy Policy


Risika Ltd. (“Risika”, “we”, “our”, “us”) is the data controller together with the social media provider, for the activities that take place on our company site.

This policy explains how we process your information when you visit our company site on social media

You should be aware that social media also process your information about you. You can read about how they process your information, in their privacy policies. In these policies, you can also read about how your information is stored, and whether they are transferred to countries outside of the EU.

Facebook, Instagram, LinkedIn

Purpose of the processing

We use social media to promote our business. In addition, we process information from social media to interact with you, when you ask questions or otherwise gives us reasons to respond to your posts. We do not use information about you from social media for direct marketing or statistics. Remember, that the comments on our social media posts can be seen by other users. You should therefore never share the information which you don’t want to be public.


We store your information until we no longer need them for our processing. We generally delete entries and inquiries after 1 year.

We reserve the right to delete and store comments and enquires with infringing or illegal content, should the information be used in connection with a legal dispute. The information is deleted when the dispute is resolved, at the latest.

Your rights

You can always edit or delete posts you have posted on our company site. To the extent in which you wish to access, delete, or make use of another one of your rights regarding your information on our company site, please use the deletion and editing options available on the social media site, at first. If this does not meet your needs, please contact us here:

If you wish to make a complaint regarding our processing of your data, please contact us at first. If we cannot help, you can file a complaint through the Danish Data Protection Agency:


Lastly, we recommend you to read our policy on Cookies, which can be found here.


This Privacy Policy will be updated on a regular basis and when necessary due to changes in applicable law. The Privacy Policy will always include information on the effective date of the most recent version. To the extent, the changes of the Privacy Policy are regarded as material and significant, you will be expressly informed hereof, for example, on Risika’s website. In certain cases, you may receive a request from Risika to accept the changes prior to their entry into force.


Last updated 24/6-2019