Privacy policy

We guarantee 100% privacy

This Privacy Policy was last updated on January 17, 2026.

Shaeps (referred to as ‘We’, ‘Us’, or the ‘Company’) wants you to be familiar with this Privacy Policy that describes how we collect, use, and protect your Personal Data when you:

  • Use our website (shaeps.com) and related online services;
  • Interact with us on social media (LinkedIn, Instagram, Facebook, and YouTube);
  • Engage our China market entry consulting services; or
  • Receive emails or other communications from us.

This Privacy Policy should be read together with our Cookie Policy and Data Processing Agreement (where applicable).

Go to Cookie Policy

Personal Data

'Personal Data' is information that identifies you as an individual or
relates to an identifiable individual, including:

  • Name and job title
  • Business postal address
  • Business telephone number
  • Business email address
  • Company name and registration details
  • Payment/invoicing information (where applicable)

We collect and process Personal Data in order to provide our China market entry consulting services, fulfil our contractual obligations, and comply with legal requirements. If you do not provide the requested information, we may not be able to provide you with the requested services.

Collection of Personal Data

We collect Personal Data directly from you when you:

  • Request information about our China market entry services;
  • Enter into a consulting engagement or advisory agreement with us;
  • Subscribe to our newsletter or marketing communications;
  • Contact us via email, phone, or contact forms; or
  • Attend our events or webinars.

We also collect Personal Data from other sources, including:

  • Business contact databases and lead generation services
  • Your employer or colleagues (when they refer you to our services)
  • Social media platforms (e.g. LinkedIn, when you interact with our content)
  • Chinese business partners and government authorities (in connection with market entry projects for which you have engaged us)
  • Public business registers and databases

Use of Personal Data

We and our service providers use Personal Data for the following purposes and on the following legal bases:

Providing the functionality of the Services and fulfilling your requests:

  • We use your Personal Data to operate the Sites and Services, create and manage user accounts, respond to enquiries, fulfil orders or requests, provide customer support, and send you service‑related communications (such as changes to our terms, conditions and policies).
  • Legal basis: Performance of a contract and taking steps at your request prior to entering into a contract (GDPR Article 6(1)(b)), and, where applicable, our legitimate interest in providing and improving our B2B services (Article 6(1)(f)).

Business development and marketing

  • We may use the business contact details of existing and prospective clients and partners to send information about our services, events, and opportunities for entering the Chinese market, as well as to maintain our CRM and lead pipeline.
  • Legal basis: Our legitimate interest in marketing and developing our business towards existing and prospective B2B customers (GDPR Article 6(1)(f)). You can object to marketing communications at any time by clicking the unsubscribe link in our emails or by contacting us.

Analytics and service improvement

  • We use limited analytics and log information to understand how our services are used, to maintain security, to troubleshoot problems and to improve content and functionality. Where cookies or similar technologies are used, this is further described in our Cookie Policy.
  • Legal basis: Our legitimate interest in operating, securing and improving our services (GDPR Article 6(1)(f)), and where required, your consent for non-essential cookies and similar technologies (GDPR Article 6(1)(a)).

Compliance and protection

  • We may process Personal Data in order to comply with legal and regulatory obligations (for example, bookkeeping and tax rules), to establish, exercise or defend legal claims and to cooperate with public and supervisory authorities.
  • Legal basis: Compliance with legal obligations (GDPR Article 6(1)(c)) and our legitimate interests in establishing, exercising or defending legal claims, and in protecting our rights, property and users (GDPR Article 6(1)(f)).

International transfers, including to China

In connection with providing our services, particularly our China market entry consulting, we transfer Personal Data to recipients located outside the EU/EEA:

  • Our Chinese affiliated entity: Shaeps LEEMIAN Management Baoding Co. Ltd., located in Baoding, China; and
  • Selected Chinese business partners who support market-entry projects on a case-by-case basis with your knowledge.

China does not have an adequacy decision from the European Commission. We have therefore implemented the following safeguards:

  • Standard Contractual Clauses (SCCs): We use the EU Commission's SCCs (Commission Implementing Decision (EU) 2021/914) for
    transfers to our Chinese affiliate, and we require our Chinese partners to enter
    into SCCs.
  • Transfer Impact Assessment: We have conducted a Transfer Impact Assessment to evaluate the legal framework in China and ensure that the SCCs remain effective in practice.
  • Supplementary technical measures:

    End-to-end encryption for data in transit;
    Encryption of data at rest;
    Access controls limiting access to data on a need-to-know basis;
    Regular security audits and monitoring;
    Data minimisation (we only transfer data necessary for the specific project).

You may request a copy of the SCCs and a summary of our Transfer Impact Assessment
by contacting us.

Legal basis: Our legitimate interest in organising our operations and using specialised partners to deliver our China market-entry services (GDPR Article 6(1)(f)), combined with appropriate safeguards for international transfers under GDPR Article 46.

Disclosure of Personal Data

We may disclose your Personal Data:

  • To our affiliates, for the purposes described in this Privacy Policy. Shaeps is responsible for managing the jointly used Personal Data;
  • To third-party service providers who offer services such as website hosting, data analysis, payment processing, order fulfilment, IT infrastructure provision, customer service, email delivery and auditing; and
  • To professional advisors (such as lawyers, accountants, and auditors) who
    assist us in providing our services or managing our business operations.

Other uses and disclosures

We may use and disclose your Personal Data when we believe it is necessary or appropriate, particularly when we have a legal obligation or legitimate interest to do so, such as:

  • Comply with applicable laws, including those outside your country of residence;
  • Respond to requests from public and government authorities, including those outside your country of residence;
  • Cooperate with law enforcement;
  • Enforce our terms and conditions;
  • Protect our rights, privacy, safety or property, and/or those of our affiliates, you or others.

If we are involved in a merger, acquisition, reorganization, sale of assets or bankruptcy, your Personal Data may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your Personal Data.

Other information

We use cookies and similar technologies on our sites. For more information about the cookies we use and how to manage them, please refer to our Cookie Policy.

Go to Cookie Policy

Third-party services

This Privacy Policy does not cover third-party websites, services or social media platforms (such as LinkedIn, Facebook, Instagram or YouTube) that we link to, or that you may access through our services. We are not responsible for their privacy practices.

Security

We implement appropriate technical and organisational security measures to
protect your Personal Data, including:

  • Encryption of data in transit;
  • Access controls and authentication mechanisms;
  • Regular security assessments and penetration testing;
  • Employee training on data protection and confidentiality;
  • Secure data centers with physical access controls.

However, no security system is completely secure. If you believe your data
has been compromised, please contact us immediately.

Retention period

We will only retain your Personal Data only for as long as is necessary for the purposes described in this Privacy Policy and in accordance with applicable law. In particular, we apply the following general retention periods:

  • Client and project data (B2B contacts, contracts, correspondence and project files): normally kept for up to five years after the end of the client relationship or the relevant project, in order to document our services, handle any claims and comply with Danish bookkeeping and tax rules.
  • Accounting records (e.g. invoices, payment records and other bookkeeping documents): kept for five years from the end of the financial year to which the records relate, in accordance with the Danish Bookkeeping Act and related tax legislation.
  • Marketing contacts (newsletter subscribers and other B2B prospects): kept for as long as we have an active relationship with you, plus up to two years after the last relevant contact, unless you object to or opt out of marketing communications earlier.
  • Technical logs and security‑related data: normally kept for 6–24 months, depending on the type of log, for security monitoring, troubleshooting and documentation purposes.

Once the retention period has expired, or when the processing is no longer necessary for the relevant purpose, we either delete or anonymise the Personal Data, unless we are required by law to retain it for a longer period or it is necessary to keep it for the establishment, exercise or defence of legal claims.

If you request the deletion of your data or object to processing, we will delete or anonymise your Personal Data unless we are required by law to retain it (for example, for bookkeeping or tax purposes), or it is necessary for the establishment, exercise or defence of legal claims.

Sensitive information

We do not intentionally collect or process sensitive Personal Data such as health
information, biometric data, political opinions, or criminal records.

However, if you are required to provide such information in connection with regulatory
filings or background checks as part of a market entry project, we will only process
it with your explicit consent and in accordance with applicable law.

Please do not send Us sensitive Personal Data unless it is specifically requested for a legitimate business purpose.

Marketing communications

You can unsubscribe from receiving marketing emails at any time by clicking the "unsubscribe" link in any marketing email, or by contacting us at legal@shaeps.com. We will process your opt-out request within five business days.

Please note that if you opt out of marketing communications, we may still send you service-related messages (such as contract updates, invoices, or responses to your enquiries). You cannot opt out of these service communications.

Your data protection rights

Under the GDPR and the Danish Data Protection Act, you have the following rights:

  • Right to access your Personal Data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten") in certain circumstances
  • Right to restriction of processing
  • Right to data portability (receive your data in machine-readable format)
  • Right to object to processing based on legitimate interests or direct marketing
  • Right not to be subject to automated decision-making (including profiling)
  • Right to withdraw consent where processing is based on consent
  • Right to lodge a complaint with a supervisory authority

To exercise any of these rights, please contact us. We will respond to your request within 30 days (which may be extended to 90 days for complex requests). We may need to verify your identity before processing your request.

Please note that we may need to retain certain information for legal or regulatory compliance purposes, for the establishment, exercise or defence of legal claims, or to complete transactions you initiated prior to your request. Some residual information may remain in backup systems, but it will not be actively used.

If you are located in Denmark, you may lodge a complaint with:

Datatilsynet (Danish Data Protection Authority)
Email: dt@datatilsynet.dk
Website: www.datatilsynet.dk

If you are located in another EU/EEA country, you may contact your local
supervisory authority. Find your data protection authority using this link.

Find your data authority

Modifications

We may update this Privacy Policy from time to time. If we make any significant changes, we will notify you by email (if we have your email address) or by posting a notice on our website.

The 'last updated' date at the top indicates when the policy was last revised.
We encourage you to review this policy periodically.

Your continued use of our services after changes are posted constitutes your acceptance of the updated policy.

Governing law

The terms in this Privacy Policy will be governed by the laws of Denmark. Any action or proceedings arising from or relating to these Terms must be brought in the courts of Denmark.

Contact us

If you have any questions or comments about our Privacy Policy or this statement, please contact us using the details below:

Shaeps ApS
Frederiksberg Allé 62, 4 tv
1820 Frederiksberg C
Denmark
CVR no. 35515291
Website: https://shaeps.com
Email: legal@shaeps.com

Contact us
Lodge a complaint here
Back to legal