Privacy Policy — Strategy is Tangible

Last updated: February 2026

1. Data Controller

The data controller for this website is:

Strategy To All ApS (trading as MakeMyStrategy)
Strandvejen 58, 1
2900 Hellerup, Denmark
CVR: 40453164
Email: sama@makemystrategy.com

Strategy To All ApS is registered with the Danish Business Authority (Erhvervsstyrelsen) and is subject to Danish law.

2. What personal data we collect

This website (strategyistangible.com) is an informational book website. We collect the absolute minimum of personal data necessary for operating the site:

2.1 Data we do NOT collect

We do not use any tracking cookies, marketing cookies, analytics services (such as Google Analytics), social media tracking pixels, or advertising technologies. We do not collect your IP address for tracking purposes, nor do we use any form of user profiling.

2.2 Essential technical data

When you visit our website, our web server may temporarily process standard technical data such as your IP address, browser type, operating system and referrer URL. This data is processed solely for the purpose of delivering the website content to your browser and for maintaining the security and integrity of our systems. This data is not stored beyond what is technically necessary and is not used for any other purpose.

Legal basis: Article 6(1)(f) GDPR — legitimate interest in providing a functional and secure website.

2.3 Contact data

If you contact us by email (e.g. for bulk orders or enquiries), we will process the personal data you provide, such as your name, email address and the content of your message. This data is used solely to respond to your enquiry.

Legal basis: Article 6(1)(b) GDPR — performance of a contract or pre-contractual measures, or Article 6(1)(f) GDPR — legitimate interest in responding to enquiries.

2.4 External links

This website contains links to external services such as Amazon, Lulu, Bol.com, Orell Füssli, ElevenReader and LinkedIn. When you click on these links, you leave our website and are subject to the privacy policies of the respective service providers. We are not responsible for the data processing practices of these third parties.

3. Cookies

This website uses only one strictly essential cookie:

Cookie	Purpose	Duration	Type
`cookies_accepted`	Stores your cookie consent preference	Persistent (localStorage)	Essential / Functional

We do not use any analytics, marketing, tracking or third-party cookies. In accordance with the Danish Cookie Order (Cookiebekendtgørelsen) and Directive 2009/136/EC, strictly essential cookies do not require prior consent. Nevertheless, we display a cookie notice to inform you transparently.

4. Data sharing and transfers

We do not share, sell, rent or trade your personal data with any third parties for marketing or commercial purposes.

Our website is hosted within the EU/EEA. In the event that any data processing involves transfer to a third country (outside the EU/EEA), we will ensure that appropriate safeguards are in place in accordance with Chapter V of the GDPR, such as Standard Contractual Clauses (SCCs) or an adequacy decision by the European Commission.

5. Data retention

Technical server logs are deleted within 30 days. Contact data (emails) are retained only for as long as necessary to complete the enquiry, and are deleted thereafter unless retention is required by law (e.g. Danish Bookkeeping Act, Bogføringsloven, which requires retention of certain business correspondence for 5 years).

6. Your rights under the GDPR

Under the General Data Protection Regulation and the Danish Data Protection Act (Act No. 502 of 23 May 2018, as amended), you have the following rights:

Right of access (Article 15 GDPR): You are entitled to obtain confirmation as to whether your personal data is being processed and, if so, access to the data.
Right to rectification (Article 16 GDPR): You are entitled to have inaccurate data corrected.
Right to erasure (Article 17 GDPR): In certain cases, you are entitled to have your personal data erased.
Right to restriction of processing (Article 18 GDPR): In certain cases, you are entitled to have the processing of your data restricted.
Right to data portability (Article 20 GDPR): In certain cases, you are entitled to receive your personal data in a structured, commonly used, machine-readable format.
Right to object (Article 21 GDPR): You are entitled to object to the processing of your personal data in certain circumstances.

To exercise any of these rights, please contact us at sama@makemystrategy.com.

7. Right to lodge a complaint

If you believe that our processing of your personal data violates the GDPR or the Danish Data Protection Act, you have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet):

Datatilsynet
Carl Jacobsens Vej 35
2500 Valby, Denmark
Phone: +45 33 19 32 00
Email: dt@datatilsynet.dk
Website: www.datatilsynet.dk

8. Data security

We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, in accordance with Article 32 of the GDPR. This includes the use of HTTPS/TLS encryption for all data in transit.

9. Children's data

This website is not directed at children. We do not knowingly collect personal data from persons under the age of 13 (the age of digital consent in Denmark pursuant to § 6 of the Danish Data Protection Act). If you are a parent or guardian and believe your child has provided us with personal data, please contact us.

10. Changes to this policy

We may update this privacy policy from time to time to reflect changes in our practices or applicable law. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this page periodically.

11. Applicable law and jurisdiction

This privacy policy is governed by Danish law and the GDPR. Any disputes arising from this policy shall be subject to the jurisdiction of the Danish courts.