Privacy Policy
Effective Date: 01.21.2026
Last Updated: 01.21.2026
This Privacy Policy explains how DuusAI (legal entity: HCD PAS) (“DuusAI,” “we,” “us,” or “our”) collects, uses, shares, and protects personal information when you visit our website duusai.com, contact us, or use our services.
We provide AI automation and agent-building services, chatbots, analytics, and marketing/lead generation solutions primarily for business clients (B2B).
1. Who We Are (Data Controller)
Legal Entity: HCD APS
Brand Name: DuusAI
Address: Næsdbyvej 5, 4171 Glumsø, Denmark
Website: duusai.com
Privacy Lead / Contact Person: Noah Wichmann Duus
Privacy Contact Email: [email protected]
Alternative Contact Email: [email protected]
2. Scope of This Privacy Policy
This Privacy Policy applies to:
Visitors of our website
Prospective customers who contact us
Customers and business contacts using our services
Users whose data may be processed through our AI automations (as part of providing services to a business client)
3. Information We Collect
We collect personal information in the following ways:
A) Information You Provide Directly
This may include:
Name
Email address
Phone number
Company name and role/title
Billing and payment-related information
Messages you send to us (forms, email, chat, support)
Files you upload or share with us (such as PDFs, documents, spreadsheets)
B) AI & Service-Related Data
When we provide AI automation services, we may process:
User prompts / chat inputs
Conversation history
AI outputs generated for you
Files provided for processing (documents, spreadsheets, etc.)
Feedback (e.g., corrections, approvals, thumbs up/down)
Training/evaluation datasets (only when applicable and permitted)
C) Automatically Collected Data (Website & Technical Data)
When you visit our website, we may automatically collect:
IP address
Device and browser information
Approximate location
Log data (timestamps, pages visited, referral URLs)
Cookies and similar tracking technologies
Analytics identifiers
4. Cookies and Tracking Technologies
We use cookies and similar technologies to support website functionality and business operations, including lead-related tracking (“lead scraping”), analytics, and performance.
We use Cookiebot to manage cookie consent. You can update your cookie preferences at any time through our cookie banner or cookie settings.
5. How We Use Your Information
We use personal information for the following purposes:
A) Providing and Operating Our Services
Deliver AI automations, agents, chatbots, and analytics solutions
Set up and manage client accounts
Process inputs and files needed to perform services
Provide customer support and troubleshooting
B) Sales and Business Communication
Respond to inquiries
Send proposals and service-related communications
Manage business relationships
C) Marketing
Send marketing emails (where permitted by law)
Share service updates, offers, or relevant content
You can opt out at any time (see “Your Rights and Choices”).
D) Improving Our Services and Systems
Improve internal workflows and service delivery
Debug, test, and improve automations and AI systems
(see “AI Processing and Model Training”)
E) Security and Compliance
Maintain security, prevent fraud, and monitor for misuse
Comply with legal obligations and enforce agreements
6. Legal Bases for Processing (GDPR / UK GDPR)
Where GDPR or UK GDPR applies, we process personal data under one or more legal bases, including:
Performance of a contract (to provide requested services)
Legitimate interests (e.g., business operations, security, service improvement)
Consent (e.g., marketing emails where required, and AI training opt-in where applicable)
Legal obligation (e.g., accounting or regulatory requirements)
7. AI Processing and Model Training
DuusAI provides AI-based automations and may use third-party AI providers to generate outputs.
A) AI Inputs and Outputs
When you use our services, we may process:
Prompts, messages, and instructions
Uploaded files and data sources
Outputs produced by AI systems
B) Training and Improvement
We may use certain data to improve our AI systems only with explicit opt-in where required or appropriate.
We do not use customer data for AI training unless you (or the relevant client) explicitly opt in.
C) Automated Decision-Making
We do not use automated decision-making that produces legal or similarly significant effects (such as hiring decisions, credit decisions, or eligibility determinations).
8. How We Share Your Information
We do not sell personal information.
We may share personal information only as needed for business operations, including:
A) Service Providers (Processors / Sub-Processors)
We may share data with trusted vendors that help us run our services, including:
Cloudflare (security and performance)
GoHighLevel (hosting/CRM/support/workflows)
Google Workspace (email and business operations)
Stripe and Lemon Squeezy (payments)
n8n and BuildMyAgent (automation tools)
Firebase (database/services)
AI providers such as OpenAI, Claude (Anthropic), Gemini (Google)
These providers may process data on our behalf under contractual obligations.
B) Business Partners
We may share limited information with business partners when necessary to deliver services.
C) Legal Requirements
We may disclose information if required by law, legal process, or to protect rights, safety, and security.
9. International Data Transfers
DuusAI is based in Denmark, but we may work with customers in the US and UK and may use vendors that process data in other countries.
Where required under GDPR/UK GDPR, we will use appropriate safeguards (such as contractual protections) to protect international transfers.
10. Data Retention
We retain personal information:
For as long as needed to provide services
To comply with legal, accounting, or contractual obligations
To resolve disputes and enforce agreements
AI Data Retention
We may retain AI-related data (such as prompts, files, or outputs) only for debugging and improvement purposes, and only as necessary for those purposes.
11. Security Measures
We take reasonable technical and organizational measures to protect personal information, including:
Encryption in transit (HTTPS/TLS)
Encryption at rest (where applicable)
Access controls and least-privilege access
Multi-factor authentication (MFA)
Logging and monitoring
Secure backups
Vendor/security review practices where relevant
No system is 100% secure, but we work to protect your information and reduce risks.
12. Your Rights and Choices
Depending on your location, you may have rights regarding your personal information.
A) GDPR / UK GDPR Rights
If you are in the EU/EEA or UK, you may have the right to:
Access your personal data
Correct inaccurate data
Request deletion
Restrict processing
Object to processing
Data portability
Withdraw consent (where processing is based on consent)
B) US Privacy Rights (Including California)
Where applicable, you may have rights to:
Know what personal information is collected
Request deletion
Opt out of certain data uses (where applicable)
C) Opt-Out Options
You can opt out of:
Marketing emails (via unsubscribe links or by contacting us)
AI training (if applicable and offered)
D) Response Time
We aim to respond to verified requests within 30 days.
To submit a request, contact us at: [email protected]
13. Children’s Privacy
Our services are intended for users aged 13 and above. We do not knowingly collect personal information from children under 13.
If you believe a child has provided us personal data, please contact us and we will delete it where required.
14. “Do Not Sell” Statement (CCPA/CPRA)
We do not sell personal information.
We provide AI automations and services, and we use personal data only as necessary to operate and deliver those services.
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Updates will be posted on this page with a revised “Last Updated” date.
If changes are significant, we may provide additional notice where required by law.
16. Contact Us
If you have questions or concerns about this Privacy Policy or your personal information, contact:
Noah Wichmann Duus
DuusAI (HCD PAS)
Address: Næsdbyvej 5, 4171 Glumsø, Denmark
Email: [email protected]
Alternative Email: [email protected]