Legal

Privacy Policy

Last updated: February 7, 2026  ·  Terms of Use

Sekorti is operated by Reetro ApS ("we", "us", "our"), a company registered in Denmark under CVR DK41274506. Your privacy matters to us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit sekorti.com or use our platform. This policy should be read alongside our Terms of Use. By using Sekorti, you agree to the collection and use of information in accordance with this policy.

Section 01

Information We Collect

We may collect the following categories of information:

Information You Provide

  • Name and email address when you create an account
  • Company name and domain
  • Security and compliance information you upload to your Trust Center
  • Documents, questionnaire responses, and policy information you create or upload
  • Communication data when you contact us via email or support channels
  • Payment information when you subscribe to a paid plan (processed securely by our payment provider)

Information Collected Automatically

  • IP address
  • Browser type and version
  • Operating system
  • Pages visited, time spent, and usage patterns
  • Device identifiers
  • Referring URLs
Section 02

How We Use Your Information

We use the information we collect for the following purposes:

  • To provide, maintain, and improve the Sekorti platform
  • To create and manage your account and Trust Center
  • To process security questionnaires and manage trust review workflows
  • To communicate with you about service updates, security notices, and support requests
  • To process payments and manage subscriptions
  • To analyze usage patterns and improve our product
  • To detect, prevent, and address technical issues or security threats
  • To comply with legal obligations

We process your data based on the performance of our contract with you, your consent, our legitimate interests, or legal obligations — depending on the context.

Section 03

How We Share Your Information

We do not sell your personal information. We may share your data in the following limited circumstances:

  • Service providers: Third-party vendors who help us operate the platform (e.g., cloud hosting, email delivery, payment processing). These providers are bound by confidentiality obligations.
  • Trust Center visitors: Information you choose to publish on your public Trust Center is visible to anyone who accesses it. Private Trust Centers are only accessible to authorized recipients.
  • Trust Room participants: Documents and information shared within a Trust Room are accessible only to invited participants.
  • Legal requirements: We may disclose your information if required by law, regulation, or legal process.
  • Business transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction.
Section 04

Data Security

We take the security of your data seriously and implement appropriate technical and organizational measures to protect it, including:

  • Encryption of data in transit and at rest
  • Access controls and authentication requirements
  • Regular security assessments and monitoring
  • Secure cloud infrastructure with reputable providers
  • Incident response procedures

If you suspect any unauthorized access to your account or data, please contact us immediately at [email protected].

Section 05

Data Retention

We retain your data for as long as your account is active or as needed to provide our services. When you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it for legal, tax, or regulatory purposes.

Documents and information you upload to Trust Centers, Trust Rooms, or questionnaire responses will be deleted when you remove them or when your account is terminated.

Section 06

Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data
  • Restriction: Request that we limit how we use your data
  • Portability: Request a copy of your data in a structured, machine-readable format
  • Objection: Object to our processing of your data for certain purposes
  • Withdrawal of consent: Withdraw consent at any time where we rely on consent as the legal basis

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days.

Section 07

Cookies

Sekorti uses cookies and similar technologies to improve your experience, analyze usage, and provide certain functionality.

Strictly Necessary Cookies

Required for the operation of the platform, including authentication and session management.

Analytics Cookies

Help us understand how visitors interact with our website, allowing us to improve the user experience. We use Google Analytics for this purpose.

Functionality Cookies

Remember your preferences and settings, such as language and display options.

You can manage cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of the platform.

Section 08

Third-Party Links

Our website may contain links to third-party websites or services. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

Section 09

International Data Transfers

Sekorti is based in Copenhagen, Denmark. If you access our platform from outside the European Economic Area (EEA), your data may be transferred to and processed in countries within the EEA. We ensure that appropriate safeguards are in place for any international data transfers in compliance with applicable data protection laws.

Section 10

GDPR Compliance

Sekorti is committed to compliance with the General Data Protection Regulation (GDPR). We act as a data controller for the personal data we collect from you. Where we process data on your behalf (e.g., information stored in your Trust Center), we act as a data processor.

Our legal bases for processing include: performance of a contract, legitimate interests, consent, and compliance with legal obligations.

For questions or complaints regarding data protection, you may contact the Danish Data Protection Agency (Datatilsynet) or your local supervisory authority.

Section 11

CCPA Compliance

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

  • The right to know what personal information we collect, use, disclose, and sell
  • The right to request deletion of your personal information
  • The right to opt-out of the sale of your personal information (we do not sell personal information)
  • The right not to be discriminated against for exercising your CCPA rights

To exercise these rights, contact us at [email protected]. We may verify your identity before fulfilling your request.

Section 12

Children's Privacy

Sekorti is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us and we will take steps to delete it.

Section 13

Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. We encourage you to review this page periodically. Your continued use of Sekorti after any changes constitutes acceptance of the updated policy.

Section 14

Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

  • Email: [email protected]
  • Company: Reetro ApS (CVR: DK41274506)
  • Location: Copenhagen, Denmark