Privacy Policy

Last updated: 13.04.2026

1. Introduction

This Privacy Policy explains how Trifork A/S processes personal data in connection with the MyConsent platform.

MyConsent is a platform that helps organizations manage media assets, tag people appearing in those assets, request and document consent, and maintain records of consent decisions over time.

2. Data Controller

For the operation of the MyConsent platform itself, Trifork A/S is the data controller for the personal data described in this Privacy Policy.

Trifork A/S
Gdanskgade 2, 2150 Nordhavn
Denmark
CVR: 20921897
Email: support@myconsent.dk

3. Controller and Processor Roles on the Platform

MyConsent is used by companies and organizations that upload assets, invite users, tag people, and send consent requests.

  • For platform administration, account management, security, support, and service operations, Trifork A/S acts as data controller.
  • For customer-managed content and workflows, such as uploaded media, tagged users, consent requests, consent responses, and internal team administration, the relevant customer organization will typically act as its own data controller, and Trifork A/S will generally act as a data processor on that organization’s behalf.

If you receive a consent request from an organization using MyConsent, that organization may be separately responsible for its own processing of your personal data.

4. Personal Data We Process

Depending on how MyConsent is used, we may process the following categories of personal data:

  • Account and profile data, such as name, email address, username, role, and profile picture
  • Organization and team membership data, such as the company you belong to and your access role
  • Consent workflow data, such as consent requests, consent responses, consent history, timestamps, selected purposes, media types, exceptions, and related audit information
  • Media-related data, such as uploaded files, file names, folders, projects, tags, and references to people connected to an asset
  • Communication data, such as invitation emails, password reset emails, account signup invitations, and operational email delivery records
  • Technical and security data, such as IP address, session information, authentication tokens, timestamps, and system activity logs
  • Support and operational data, such as messages sent to us and information needed to troubleshoot service issues

Uploaded assets may contain personal data, including images or videos of identifiable individuals.

5. How We Collect Personal Data

We collect personal data:

  • Directly from you when you create an account, respond to a consent request, update your profile, contact support, or otherwise use the platform
  • From customer organizations using MyConsent, for example when they invite you to a team, upload media containing you, tag you on an asset, or send you a consent request
  • Automatically through the platform when you log in, use authenticated sessions, upload files, or interact with workflows and security features

6. Purposes and Legal Bases

  • To provide and administer the service, including account creation, login, password reset, invitations, organization membership, and access management. Legal basis: GDPR Article 6(1)(b) and, where relevant for business customers, Article 6(1)(f).
  • To operate consent workflows, including sending consent requests, recording responses, documenting history, and showing consent status in relation to media. Legal basis: GDPR Article 6(1)(b), Article 6(1)(c), and/or Article 6(1)(f).
  • To host and organize media assets. Legal basis: GDPR Article 6(1)(b) and/or Article 6(1)(f).
  • To maintain security, prevent misuse, investigate incidents, and preserve audit trails. Legal basis: GDPR Article 6(1)(f).
  • To provide customer support. Legal basis: GDPR Article 6(1)(b) and Article 6(1)(f).
  • To comply with legal obligations. Legal basis: GDPR Article 6(1)(c).
  • To improve service features. Legal basis: GDPR Article 6(1)(f).

7. Consent Records and Audit Trail

  • Who sent a consent request
  • Who received it
  • Which asset, purpose, or media type the request related to
  • Whether the request was approved, declined, revoked, or marked as an exception
  • When the action took place
  • Related technical metadata

8. Semantic Search and Media Processing

MyConsent may process uploaded images to generate thumbnails, resized previews, and semantic-search related metadata.

9. Sharing of Personal Data

  • The customer organization using MyConsent
  • Hosting, infrastructure, storage, email, security, and support providers
  • Authorities or regulators where required

10. International Transfers

Where personal data is transferred outside the EU/EEA, appropriate safeguards will be used.

11. Retention

  • Account data retained while active
  • Consent records retained longer if needed
  • Security logs retained for limited periods
  • Deleted account data may be anonymized or retained if required

12. Your Rights

  • Access your personal data
  • Correct inaccurate data
  • Request erasure
  • Restrict processing
  • Object to processing
  • Data portability
  • Withdraw consent
  • Lodge a complaint

Contact: support@myconsent.dk

13. Cookies and Similar Technologies

MyConsent uses essential technical mechanisms required for operation.

14. Security

We use appropriate technical and organizational security measures.

15. Children

MyConsent is not intended for independent use by children.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

17. Contact and Complaints

Trifork A/S
Gdanskgade 2, 2150 Nordhavn
Denmark
CVR: 20921897
Email: support@myconsent.dk