Any questions

We are happy to help!

Question about Gecko Booking?

If you are unsure whether Gecko Booking is right for you, or if you have other questions, we would love to hear from you!

All good!
Please enter your name.
All good!
Please enter your email.
All good!
All good!
Please enter your question.

Fields marked with an * are required


GECKO ApS Privacy Policy

 

This Privacy Policy is prepared in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data (the General Data Protection Regulation – GDPR).

GECKO provides online software services to public and private organizations (Customers).

GECKO is located at Silkeborgvej 758, 8220 Aarhus, and is therefore subject to European data protection law, including the GDPR.

This Privacy Policy is available on GECKO’s websites.

Scope and acceptance

- When and in what context does this privacy policy apply?

This Privacy Policy applies to all business processes and to all GECKO websites, www.geckobooking.dk, www.geckoevent.dk and gecko.com, as well as services. Product-specific supplements can be found in our license terms at https://www.geckobooking.com/License-Terms-s605.html

This policy provides information on data processing performed by GECKO, for what purposes and by which means, when GECKO acts as data controller.

It also provides information on data processing carried out by GECKO as data processor on behalf of our customers (the data controller).

Personal data refers to any information that can identify you as an individual, such as an email address, mailing address, or phone number. Processing your personal data is necessary for us to serve our customers. Please refrain from using GECKO’s websites or services if you cannot accept the manner in which we process personal data as described in this Privacy Policy.

What data we process

- What personal data does GECKO process?

GECKO processes personal data about job applicants and contact persons or users of our product who are associated with our Customers. We also process data about potential customers (Leads) who contact us through GECKO’s websites or other channels. Our statements regarding these matters are described under “GECKO as Data Controller”.

We also process data on behalf of our Customers, where the Customer controls the processing. See the section “GECKO as Data Processor” for more.

GECKO as data controller

- How does GECKO process personal data as a data controller?

GECKO complies with its information obligations under GDPR Articles 13 and 14, depending on whether the information is collected directly from the data subject or from a third party.

When GECKO determines the purposes and means of processing your personal data, it acts as the data controller. This includes various situations such as when you apply for a job, act as a representative for a Customer or Lead, or use our product.

Why we process personal data

About customer contacts and service users

To manage our customer relationships and fulfill our obligations, GECKO needs information about you in your role as a customer contact or service user. The purposes of processing this data include:

Executing the sales and contractual processes with Customers
Delivering requested product and service offerings to Customers
Delivering services under agreements with agreements made with you or the Customers
Providing support to users of our products and services
Improving and developing the quality, functionality, and user experience of our products, services, and websites
Detecting, preventing, and limiting security threats, maintenance, and bug fixing
Preventing misuse of our products and services
Processing orders, invoicing, payments, and other financial follow-up
Creating interest profiles to promote relevant products and services

The legal basis for this processing is primarily our legitimate interest, under GDPR Article 6(1)(f), which we believe does not conflict with your privacy rights.

About Leads

GECKO processes personal data about Leads for marketing purposes. To provide targeted and relevant content, GECKO builds an interest profile based on your activity and choices on GECKO’s websites and responses to email marketing. The legal basis is your consent, under GDPR Article 6(1)(a).

About Job Applicants

If you apply for a job with us, we process your personal data to evaluate your potential as a GECKO employee. The legal basis is legitimate interest under GDPR Article 6(1)(f), and we request your consent to retain your application after the position is filled, per Article 6(1)(a).

Automatic data collection tools

GECKO uses various tracking technologies to collect information about your activities on our websites and interactions with us.

Cookies and tracking technologies

Cookies: Cookies are small text files that create a unique identifier for a user. They are sent back to the website and/or third parties. Most browsers accept cookies by default, but you can adjust your settings to refuse them or alert you when cookies are sent.

Tracking Pixels: are scripts that run when a user visits a webpage or opens an email. They often drop a third-party cookie or register that the email was opened.

For more information about cookies and how they work, please visit www.allaboutcookies.org. You can also read more about cookies on GECKO’s cookie policy page at https://www.geckobooking.com/Cookie-policy-s132.html.

Google cookies and technologies

Google Analytics: This cookie allows us to view information about website activities of users, including—but not limited to—page views, traffic sources, and time spent on the website. The information is anonymized and presented as statistics, which means it cannot be traced back to individuals. This helps protect your privacy. By using Google Analytics, we can see which content is popular on our pages, and we strive to provide you with more of what you enjoy reading and viewing.

Google Analytics remarketing: Places cookies on your computer, which means that after you leave our website, Google may show you ads about GECKO that you may be interested in based on your previous activity on our site. This information is not personally identifiable.

Google AdWords: By using Google AdWords, we are able to identify which pages helped lead to form submissions via our contact form. This allows us to make better use of our advertising budget. This information is not personally identifiable.

Google AdWords remarketing: Places cookies on your computer, which means that after you leave our website, Google may show you ads about GECKO that you may be interested in based on your previous activity on our site. This information is not personally identifiable.

You can prevent the data generated by the Google cookie about your use of our sites from being collected and processed by Google in the future by downloading and installing the Google Analytics Opt-out Browser Add-on for your current web browser.  

Meta Cookies

Meta Remarketing: Meta’s tracking pixel places cookies on your computer, which notify Meta that you have visited our website. We then assume that you have an interest in GECKO and the content on this site. When you visit Facebook, you may subsequently be shown information or advertisements with similar content. Please use your privacy settings on Facebook to limit your exposure to this type of marketing.

Vimeo and YouTube Cookies and Embedded Video Content

GECKO uses embedded videos from Vimeo and YouTube on our websites. These platforms may place cookies or use similar tracking technologies on your device when you visit a page containing an embedded video—even if you do not play the video. This may include information such as:

  • Your IP address
  • Browser and device information
  • Which pages you have visited
  • Your interactions with the video player
YouTube is owned by Google, and information about the use of YouTube videos is subject to Google's Privacy Policy

Vimeo is an independent video platform, and their use of cookies and tracking technologies is described Vimeos Privacy Policy.
You can prevent the use of these technologies by disabling third-party cookies in your browser.
 

Profiling and targeted marketing

GECKO uses cookies and similar technologies to build interest profiles based on your actions (e.g. pages visited, forms filled, email interactions). The goal is to tailor our marketing to your preferences. This only occurs with your consent, obtained through our cookie banner.

GECKO does not make decisions based on automated processing or profiling that significantly affects you legally, per GDPR Article 22.
 

What personal data we process

The types of personal data GECKO processes about you may include:
 
Basic contact information, such as name, address, phone number, and email
Employment information, employer, title, position, and professional interests
Feedback, comments, or questions related to GECKO or our products and services
Unique user information, such as login ID, username, password, and security questions
Financial information, such as account number
Web traffic data provided by your web browser, such as browser type, device, IP address, referring website
Email behavior, such as which emails from GECKO you open, when, and how
 
GECKO does not process sensitive personal data as data controller.
 

How we share your personal data

Business partners

GECKO may share your personal data with our partners, provided that it is legitimate from a business perspective and done in accordance with applicable data protection laws. For example, if you purchase a product or service on behalf of your employer that GECKO delivers through one of our partners, GECKO and our partner may share personal data in order to deliver the product or service to the Customer.

Public authorities

The police and other authorities may require GECKO to disclose personal data. In such cases, GECKO will only disclose the information if there is a court order or similar legal mandate requiring us to do so.

Corporate acquisitions

In connection with mergers, acquisitions, or the divestment of all or parts of GECKO’s business, the acquiring entity and its advisors will gain access to the information managed by GECKO. This may, in some cases, include personal data, and in such cases, the external parties will enter into a confidentiality agreement with GECKO.

Your rights

- What rights do you have?

Right to opt out of marketing communication

You have the right to opt out of receiving marketing communication from GECKO by:
 
Unsubscribing from newsletters in the general settings when logged in.
Contacting us in writing via email at info@gecko.dk.
 
Please note that even if you opt out of receiving marketing communications, you may still receive administrative messages from GECKO, such as order confirmations and notifications that are necessary to manage your account or the services provided to our Customers.
 

Fundamental rights

These rights are established in GDPR Articles 15–22, including the right of access (Article 15), rectification (Article 16), erasure (Article 17), restriction of processing (Article 18), data portability (Article 20), and the right to object (Article 21).

You have the right to access your personal data by requesting an overview of the data we hold about you, and you may have a right to data portability. You also have the right to request that GECKO correct any inaccuracies in your personal data. If you have an account with GECKO, this can typically be done in the system as a superuser under the relevant “Settings.”

You also have the right to request the deletion of personal data and to restrict or object to our processing of your personal data in accordance with this Privacy Policy or other service-specific terms.

Please use info@gecko.dk to submit any requests mentioned in this section. Finally, you also have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet) regarding our processing of your personal data at dt@datatilsynet.dk.

Data security and storage

- How does GECKO secure and store your personal data?

How we secure your personal data

GECKO takes the protection of your personal data seriously and is committed to preventing unauthorized access, disclosure, or other improper processing of personal information. GECKO must ensure the confidentiality of the personal data we process, maintain the integrity of that data, and guarantee its availability in accordance with applicable data protection laws.

As part of our obligations, we implement reasonable and appropriate organizational, technical, and physical procedures and safeguards to protect the data we collect and process—taking into account the type of personal data involved and the risks to you and our Customers in the event of a security breach.

Since the root causes of personal data breaches often stem from internal factors, we believe that building a strong corporate culture—where our employees demonstrate respect for and awareness of data protection—is fundamental to ensuring the lawful handling and protection of your information.

The following safeguards are particularly important in this regard:

Organizational Measures:

  • Ensuring that employees receive appropriate training, comprehensive instructions, and clear guidelines on how to process personal data.

  • Entering into data processing agreements with subcontractors who process data on behalf of GECKO.

  • Ensuring that employees authorized to process personal data have signed confidentiality agreements or are subject to statutory confidentiality obligations.

Technical Measures:

  • Ensuring that only employees with a work-related need have access to personal data.

  • Securing the buildings and systems used for data processing, and using only high-quality hardware and software that is regularly updated.

  • Implementing login and password procedures, setting up and maintaining firewalls and antivirus software, and subjecting the transmission of personal data to strong, maintained encryption.

Physical Measures:

  • Facilities are protected by access control systems.

How long we store your personal data

GECKO only retains your personal data for as long as necessary for the stated purposes, while also considering our need to respond to inquiries, resolve issues, and comply with legal obligations under applicable law.

This means that GECKO may retain your personal data for a reasonable period after your or our Customer’s last interaction with us. When the personal data we have collected is no longer needed, we will delete it. We may continue to process data for statistical purposes, but in such cases, the data will be pseudonymized or anonymized so that it can no longer be linked to an identifiable individual.

GECKO as data processor

- How does GECKO process personal data on behalf of Customers?

GECKO provides software as a service (SaaS), which our customers use to process personal data as part of their own business purposes. In these cases, the customer acts as the data controller, while GECKO acts as the data processor in accordance with GDPR Article 4(8) and Article 28.

GECKO processes personal data solely on behalf of and under instructions from the customer and does not have independent control over the data. The processing is always governed by a data processing agreement that defines the purpose, scope, and security requirements.

Typical types of processing GECKO performs as a data processor may include:

  • Hosting and storing the customer's data
  • Technical operation and support of the solution
  • Accessing data for troubleshooting, maintenance, or customer service purposes
GECKO has implemented appropriate technical and organizational measures in accordance with GDPR Article 32 to ensure the confidentiality, integrity, and availability of personal data processed on behalf of our customers.

As a data processor, GECKO only uses sub-processors approved by the customer and listed in the currently applicable data processing agreement. A list of current sub-processors is available here: https://www.geckobooking.com/Compliance-Gecko-s593.html.
 

Customer and GECKO obligations

When the Customer acts as the data controller, the Customer must, in accordance with applicable data protection legislation, ensure the legal basis for processing personal data. The Customer must also assess and assume responsibility for the risks to which data subjects are exposed through the processing of their personal data. Another important aspect of the Customer’s obligations as a data controller is the duty to provide information to the data subjects.

GECKO is an integral part of the Customer’s obligations as data controller, in the sense that GECKO’s services constitute elements of the processing of personal data for which the Customer must ensure compliance with applicable data protection legislation. When GECKO processes personal data on behalf of its Customers, we must therefore do so in accordance with the applicable data protection laws governing data processors.

IIn short, both the Customer and GECKO are obligated to cooperate in order to ensure the protection of personal data for data subjects. GECKO provides the necessary information to the Customer so that they can act in compliance with the applicable data protection legislation.

Processing of Sensitive Data

GECKO may in some cases process sensitive data on behalf of our customers—for example, information about health or other special needs that data subjects provide themselves in connection with booking or using services through GECKO’s systems.

In such cases, GECKO acts as a data processor and processes this information solely in accordance with the signed data processing agreement (see our standard data processing agreement) and based on instructions from the data controller (the Customer). We implement appropriate technical and organizational security measures to protect the data, including access restrictions, encryption, logging, and role-based access control.

Subcontractors and data transfer

-  To what extent does GECKO use subcontractors?

GECKO uses subprocessors in connection with several of our products and services. An up-to-date list of subprocessors can be found at https://www.geckobooking.com/Compliance-s593.html.

When using subprocessors, GECKO enters into a Data Processing Agreement (DPA) with them to safeguard your personal data rights and to fulfill our obligations toward our Customers.

Changes to this Privacy policy

If we make changes to our Privacy Policy, we will publish the revised version here with an updated revision date. We encourage you to review the Privacy Policy regularly. If we make significant changes to our Privacy Policy that substantially affect our personal data protection practices, we may also notify you in other ways—for example, by sending an email and/or posting on social media—before the changes take effect.

June 10, 2025 – Updated to clarify GECKO’s role as a data processor and to elaborate on the use of cookies, security measures, and subprocessors. No changes to the purpose or scope of processing.

Contact Information

If you have comments or questions regarding our Privacy Policy, unresolved concerns about data protection and data usage, or a potential breach of your personal data protection, please send them to info@gecko.dk.

You may also submit your inquiry in writing to:

GECKO ApS
Silkeborgvej 758
8220 Aarhus
CVR: 29517096

We will treat your request confidentially. A representative will contact you to address your concerns and outline possible solutions. Our goal is to ensure that complaints are resolved in a timely and appropriate manner.