Deprecated: Function WP_Dependencies->add_data() was called with an argument that is deprecated since version 6.9.0! IE conditional comments are ignored by all supported browsers. in /customers/4/a/6/clvjik98v/webroots/www/wp-includes/functions.php on line 6131 Privacy Policy -

Have A Visit Privacy Policy

Last Updated: August 2, 2025

Welcome to Have A Visit! We value your privacy and are committed to protecting your personal data. This Privacy Policy explains who we are, what information we collect about you, how we use and share it, and your rights in relation to that data. It is written in accordance with the EU General Data Protection Regulation (GDPR) and Danish data protection law. We’ve tried to write this policy in a clear and user-friendly way. Please read it carefully to understand how we handle your information. If you have any questions, you can always contact us at the details provided below.

Who We Are

Data Controller: The organization responsible for your personal data is Have A Visit ApS (“Have A Visit”, “we”, “us”, or “our”). Have A Visit ApS is a company registered in Denmark (CVR 45365174), with a registered address at Nyborgvej 416, 5881 Skårup Fyn, Denmark. We operate the Have A Visit platform, which facilitates home visits/exchanges and related services.

Contact Information: If you have any questions or requests regarding your personal data, you can contact us by email at privacy@haveavisit.com. You can also write to us at our postal address above. We take privacy inquiries seriously and will respond as soon as possible (generally within one month, as required by GDPR).

Where This Privacy Policy Applies

This Privacy Policy applies to the Have A Visit website, mobile application, and any related services, features, or content we offer (collectively, the “Service”). It applies to you whether you use Have A Visit as a guest, a host, or any other user role.

Please note this policy does not apply to third-party websites, services, or applications that you might access through our Service (for example, if we link to a partner or you navigate to Facebook for login). Those third-party services are governed by their own privacy policies, not this one. We are not responsible for the privacy practices of sites or apps that we do not own or control.

Our Service is available to users across the EU and worldwide. We provide consistent privacy protections to all users. Important: You must be at least 18 years old to use Have A Visit. Our Service is not directed to children, and we do not knowingly collect personal data from anyone under 18. If we learn that a user under 18 has provided personal information, we will delete it.

Data We Collect

We only collect personal data that we need for specific, stated purposes. We do not collect any sensitive personal data (special categories under GDPR, such as racial or ethnic origin, political opinions, religious beliefs, health information, or sexual orientation). Please do not provide this type of information on our platform.

The personal data we collect falls into a few broad categories:

  1. Information You Provide Directly

These are details you give us when using Have A Visit, for example:

  • Account Information: When you sign up, we ask for basic information to create your account. This includes your name, email address, and a password. We might also ask for your phone number or address, especially if required for hosting or verifying your identity.
  • Profile Details: You may choose to add more information to your profile, such as a profile picture, biography, language preferences, interests, and information about your home or the kind of visits you are looking for. This information is voluntary, and you control what you share on your profile.
  • Communication and Content: If you communicate with us or other users, we collect the information you submit. For example, when you fill out forms on our site (such as a contact form or profile setup form), respond to surveys, or communicate via messaging features with other members (for arranging a visit or home exchange), we collect those messages and any information you include. This also includes any reviews or feedback you provide.
  • Transaction Information: If our Service involves any payments (for example, paying a membership fee or processing a booking payment), our payment processor will collect information needed to process the transaction. This may include your payment card details or bank account (which are handled securely by an external payment provider on our behalf), and details of the transaction (date, amount, billing address). Note: Have A Visit itself does not store any of your financial information; payments are handled by accredited third-party payment processors compliant with PCI-DSS security standards.
  1. Information We Collect Automatically

When you use Have A Visit, we automatically collect some data about your device and how you use the Service. This helps us operate and secure our platform and improve your experience. This information includes:

  • Usage Data: Details of your use of our Service, such as the pages or screens you view, the features you use (e.g. searching for hosts/guests, sending messages), the dates and times of your visits, and how you interact with content. For example, we may log when you log in and what actions you take on the site or app.
  • Device and Technical Data: Information about the device and software you use to access our Service. This might include your IP address, browser type and version, device type (e.g. iPhone vs. Android phone, or PC), operating system, language preference, time zone, and unique device identifiers or advertising IDs. If you use our mobile app, we might also collect mobile network information and the app version.

Location Information: We do not track your precise GPS location without your permission. However, we may infer a general location (e.g. city or country) from your IP address to tailor content (such as showing you relevant homes or users nearby) and for fraud prevention. If you choose to share location or enable location-based features, we will collect that with your consent (you can always disable location sharing via your device settings).

  1. Information from Third Parties

Sometimes we obtain information about you from other sources, including:

  • Social Media Login Data: If you choose to sign up or log in via a third-party account (for example, using Facebook Login), we receive information from that third-party with your consent. Typically, Facebook may share your name, email, and public profile information with us, which we use to create or log in to your Have A Visit account. We will request only the data needed for registration. (Facebook may ask for your permission before sharing such info with us, and you can control this via your Facebook privacy settings.)
  • Third-Party Partners: If we run promotions or partnerships, we might receive info from partner companies about you (e.g. if you redeemed a Have A Visit voucher through a partner). We will inform you at the time of collection what data we are receiving.
  • Publicly Available Data: We generally do not collect data from public databases about users. All personal data we process is usually obtained directly from you or via the above-mentioned sources.

We will use any information from third parties in accordance with this Privacy Policy and any additional restrictions imposed by the source of the data.

How We Use Your Data (Purposes and Legal Bases)

We use your personal data only for specified, legitimate purposes, and we must have a legal basis under GDPR for each use. Under GDPR, the main legal bases we rely on are: (a) to perform a contract with you or take steps at your request before entering a contract (GDPR Article 6(1)(b)), (b) to comply with a legal obligation (Article 6(1)(c)), (c) for our legitimate interests (Article 6(1)(f)) – provided those are not overridden by your interests or fundamental rights, and (d)your consent (Article 6(1)(a)) where you have actively given it (for example, for optional uses like marketing).

Below, we explain the purposes for which we process personal data and the legal basis for each. To make it clear which processing is necessary (for the service or by law/legitimate interest) and which is based on consent, we’ve organized this into two tables:

  1. Processing Necessary for Service or by Law (No Consent Required)

These are activities for which we do not ask for your consent because they are essential to fulfill our contract with you, to comply with law, or because we (or a third party) have a legitimate interest that is not outweighed by your rights. If you do not provide this data or allow this processing, you may not be able to use the Service.

Data (Category)

Purpose of Processing

Legal Basis

Account Data (e.g. name, email, login credentials)

To create and maintain your account; to identify you as a user; to allow you to log in and use the Service.

Contractual necessity (Art. 6(1)(b) GDPR) – We need this info to provide the core Service to you.

Profile Information (including any information you add to your profile or listings)

To display your profile to other users as part of the Service (e.g. so hosts and guests can find and connect with each other); to personalize your experience (e.g. showing you relevant matches or content).

Contractual necessity – This is part of the service you request. You choose what info to include in your profile.

Contact Information (email, phone)

To communicate with you about service-related matters: sending confirmation emails, notifications (like messages from other users, updates on bookings or visits), changes to terms or policies, or customer service responses.

Contractual necessity – We must be able to contact you to perform our services (e.g. send confirmations). In some cases, also Legitimate interest (Art. 6(1)(f)) to ensure effective communication.


Transaction & Payment Data (if applicable)

To process payments or transactions you make (such as membership fees or booking payments); to provide receipts/invoices; to detect and prevent fraud.

Contractual necessity – Process your requested transactions. Also Legitimate interest in fraud prevention and Legal obligation (Art. 6(1)(c)) for financial record-keeping and compliance with tax/accounting laws.

Usage Data and Device Data (logs of your activity, IP address, device info)

To operate and secure the Service: e.g. to monitor user accounts for security, prevent spam or abusive behavior, keep the platform safe, debug and fix errors, and ensure the website/app works on your device. Also to analyze usage to improve our services (but in a non-identifying or aggregated way wherever possible).

Legitimate interests – It’s in our interest (and yours) to ensure the security and proper functioning of our Service. For improvement analytics, we rely on legitimate interest with minimal privacy impact (aggregated data).

Communication Content (messages, support inquiries)

To deliver your messages to other users and facilitate communication (for example, sending your visit request message to a host). Also, to assist you when you contact customer support and to resolve any disputes between users. We may review communications if needed for misuse investigations or support.

Contractual necessity – Enabling messaging is part of the service. Legitimate interest – To support you and maintain a safe community (e.g. investigating reports of misconduct).

Legal Compliance Data (any data necessary to comply with laws)

To meet our legal obligations, such as retaining certain transaction records for tax/regulatory compliance, or responding to lawful requests by authorities.

Legal obligation – We process data as required by Danish/EU law (Art. 6(1)(c)). For example, bookkeeping laws require us to keep transaction data for a certain period.

Aggregated or Anonymized Data (non-personal)

To generate insights about how our Service is used, to develop new features or services, and for business analytics. (This data can no longer identify you.)

Not applicable (not personal data) – Once data is anonymized, GDPR no longer applies. We do this in line with our legitimate interest in improving our services.



B. Processing Based on Your Consent (Optional)

For any processing that is not strictly necessary, we will ask for your consent. This includes things like marketing communications and certain analytics or personalization features. You have a genuine choice here – if you do not consent, your core use of the Service won’t be affected. And if you do consent, you can withdraw it at any time (see “Your Rights” below).

Data (Category)

Purpose of Processing

Legal Basis

Email address (and name, if provided) for marketing

To send you promotional emails or newsletters about Have A Visit, such as updates about new features, special offers, or tips for using the service. (We only send these if you opt-in, for example by checking a sign-up box or subscribing in your profile settings.)

Consent (Art. 6(1)(a)) – You will be asked to explicitly consent (e.g. by ticking a box). You can unsubscribe at any time via the link in our emails or through your account settings.
     

Meta SDK event data (in-app events, device info, IP address)

To measure marketing campaign performance, improve ad targeting, and understand how users interact with the app for marketing purposes. This includes sharing certain in-app events (like sign-ups or purchases) with Meta (Facebook) to deliver more relevant ads to you and similar audiences.

Consent (Art. 6(1)(a)) – We use Meta SDK for marketing if you explicitly consent (e.g. via the app’s consent banner or settings). You can withdraw your consent at any time via your account settings or device settings.

Precise Location Data (if ever requested via your device)

If we ask for and you grant permission to use your precise location (GPS), for instance to show nearby opportunities or to verify your location for a visit, we would use it solely for that feature.

Consent – We would ask through the app or browser for your permission. You can decline or revoke via your device settings, and we will not collect GPS data without your agreement. (Note: Currently, Have A Visit does not use precise GPS tracking by default.)

Any other use of your data that is not covered by the above and not strictly necessary

If in the future we want to process your data for a new purpose that requires consent (for example, publishing a user testimonial with your name and photo on our website), we will ask for your permission specifically for that.

Consent – We will explain the purpose and you have the choice to agree or not. If you agree, you can always change your mind later.

Withdrawal of Consent: If you have given consent for any optional processing, you have the right to withdraw that consent at any time. Withdrawing consent will not affect the legality of what we did with your data before you withdrew, but it means we will stop the specific processing going forward. For example, if you unsubscribe from marketing emails, we will stop sending them. (See “Your Rights” for how to manage or withdraw consent.)

How We Collect Data (Sources)

We collect personal data from three main sources: (1) directly from you (when you provide it through our forms or interactions), (2) automatically (through your use of our Service via cookies, logs, and SDKs as described), and (3) from third parties (like Facebook if you use Facebook Login, or from our payment processor for transaction confirmations). We have detailed these under “Data We Collect” above.

To recap briefly:

  • Directly from You: e.g. info you enter during sign-up, profile editing, or communications.
  • Automatically: e.g. info collected by system logs, cookies on our site (with consent for non-essential ones), and mobile app analytics if allowed.
  • Third Parties: e.g. Facebook providing your data with your consent for login, or an email referral from a friend if they invited you (in which case we use that data only for the intended purpose).

Whenever we collect data, we will inform you whether the provision is mandatory or optional. Required fields (for contract/performance) will be indicated as such (and if you don’t provide that, we might not be able to provide the service). Optional fields you can choose not to fill in or you can remove later.

How We Share Your Information

We treat your personal data with care and confidentiality. We do not sell your personal data to third parties. However, in order to run our Service and fulfill the purposes described above, we do need to share information with certain third parties. Here we explain who those third parties are, and why we share data with them:

  1. Sharing with Other Users
  • Public Profile and Listings: Some of your information will be xisible to other registered users of Have A Visit, since the service involves connecting guests and hosts. For example, if you are a host, the details you include in your home listing (such as your first name, host profile photo, general location of your home (e.g. city or neighborhood but not your exact address until a booking is confirmed), and description) will be visible to users browsing the platform. Likewise, if you are a guest, information on your profile (like your first name, profile photo, and biography) will be visible to hosts when you request a visit. We never display your contact information (email, phone, exact home address) publicly on the site – those are only shared with another user when necessary to facilitate a confirmed visit (for example, once a host accepts your exchange or visit, we might share the address to enable travel arrangements, but this happens in a controlled way through the platform).
  • Messaging: If you send messages or requests through our Service to another user, that content is obviously shared with the recipient. We facilitate the communication, but do not read or use your messages for any purpose except as needed for safety or support (see above “Communication Content” in the usage table). Users involved in a communication will see each other’s names and any other info you choose to share in the message.

Please be mindful that any information you share on your public profile or via messages can be seen by the intended recipients. Always refrain from sharing sensitive personal details publicly.

  1. Service Providers and Partners

We use trusted third-party companies to help us operate and improve Have A Visit. These third parties only process your data on our behalf and under our instructions (they are “data processors” under GDPR, bound by contracts to protect your information). Key service providers and partners include:

  • Hosting and IT Infrastructure: We host our website and database on secure servers. We use a cloud provider called AWS, this provider stores and processes data needed to keep our Service running.

Payment Information (Apple)

If you choose to subscribe to a paid plan on Have A Visit, all payments are handled through Apple App Store (iOS). This means that we do not collect or store your payment information directly. Instead, your subscription and payment details are processed securely by Apple, depending on your device.

We receive limited information from Apple/Google to confirm whether a payment has been completed (e.g. confirmation of active subscription status), but we do not see your credit card number or billing details.

All personal and financial data processed by Apple is subject to their own privacy policies and terms of service, which you agree to when making a purchase through their platforms:

If you wish to manage, modify, or cancel your subscription, this must be done via your device’s Apple ID settings (iOS). We cannot modify subscriptions or billing cycles on your behalf.

If you request a refund, this must also be handled directly through the Apple App Store, in accordance with their respective refund policies.

  • Other Vendors: We may use other specialized vendors for services like sending text message verifications, running surveys, or providing live chat support. For each, we limit the personal data shared to what’s necessary. All vendors are bound by confidentiality and data protection agreements.

Subscription Management (RevenueCat)
We use a service called RevenueCat to manage in-app subscriptions and purchases. RevenueCat acts as a technical layer between Have A Visit and the app stores (Apple App Store), helping us securely validate and manage user subscriptions.

RevenueCat does not process your full payment details (such as your credit card number); those are handled directly by Apple. However, RevenueCat does process subscription-related information, such as:

  • Your user ID and app store ID
  • Details of your subscription (e.g. plan type, status, renewal dates)
  • Transaction metadata (e.g. purchase confirmations from Apple)

This information is necessary for us to know whether you have an active subscription and to provide you with the services you’ve paid for. RevenueCat acts as a data processor and only processes data on our behalf and under our instructions.

You can read more in RevenueCat’s own Privacy Policy here: https://www.revenuecat.com/privacy

  1. Business Transfers and Affiliates

Have A Visit is currently a single company. We are not part of a larger corporate group, so we do not share your data with affiliates in the way some larger companies do. If in the future we have parent or subsidiary companies, we will update this policy to reflect any intra-group data sharing, and ensure it’s done in compliance with the law.

In the event that our business expands, merges, or is acquired, user data may be transferred to the new owners or partners as part of that deal. For example, if Have A Visit is involved in a merger, acquisition, or sale of assets, or if we bring in an investor that changes control of the company, your personal data could be one of the transferred assets. If that happens, we will ensure your data remains subject to protections consistent with this policy, and we will notify you (for example, by email or a notice on our site) of any such change in ownership or control of your personal information, along with any choices you may have.

  1. Legal Disclosures

We may disclose your information to third parties (such as government authorities, courts, or law enforcement) if required by law or strictly necessary for: (i) complying with a legal process (like a court order or subpoena), (ii) responding to verified requests relating to criminal investigations or alleged illegal activity, (iii) enforcing our Terms of Service or other agreements, (iv) protecting the rights, property, or safety of Have A Visit, our users, or the public. In all such cases, we will only provide the information that is required and will do so in accordance with applicable data protection laws. Whenever possible and legally permissible, we will inform you if we have to share your data with authorities.

  1. Aggregate or De-identified Information

We may share aggregated information that does not identify you (for example, statistics about how many visits occur in certain cities, or percentage of users who use certain features) with partners or the public. This information contains no personal data and is purely for informational or research purposes.

Important: Apart from the scenarios above, we will not share your personal data with third parties unless you have given consent. If we ever want to share your information for something like new marketing partnerships, we will seek your permission.

Cross-Border Data Transfers

We are based in Denmark, and whenever feasible we store and process your data within the European Union/European Economic Area (EU/EEA). However, some of our third-party service providers are located outside the EU/EEA, or may store data outside the EU. In particular, the United States is a country where some of our providers (like Mailchimp and Meta/Facebook) are based or have servers. This means your personal data may be transferred to or accessed from countries outside the EU that do not have the same level of data protection laws as in the EU.

Whenever we transfer your data outside the EU/EEA, we take legally required steps to ensure appropriate safeguardsprotect your information:

  • Standard Contractual Clauses (SCCs): For transfers to the U.S. and other countries not deemed “adequate” by the EU, we rely on European Commission-approved Standard Contractual Clauses in our contracts with those service providers. These clauses oblige the recipient to protect your data according to EU standards. For example, our agreements with Mailchimp and any U.S.-based cloud providers include SCCs.
  • Additional Measures: We also assess whether additional technical or organizational measures are needed on a case-by-case basis (such as encryption in transit and at rest, or providers adopting supplemental privacy measures) to ensure transferred data is secure.
  • Potential Future Frameworks: We keep an eye on developments like the EU-U.S. Data Privacy Framework. If a provider is certified under an approved framework or an adequacy decision is in place for a country, we may rely on that as well. (At the time of this policy’s last update, the primary mechanisms are SCCs.)
  • Your Consent in Some Cases: In the rare case we would need to transfer data without the above safeguards, we would do so only with your explicit consent or another valid legal derogation under Article 49 GDPR. However, our general practice is to use the safeguards noted above.

Note: Transfers to Facebook/Meta: Meta Platforms, which provides Facebook and Instagram, has complex data transfers. Facebook Ireland handles EU user data, but data may still flow to the U.S. for processing. Meta has committed to SCCs and other compliance measures. By consenting to our use of Facebook tools (Pixel/SDK) or by using Facebook login, you acknowledge that your data will be transferred as needed to provide those functionalities.

If you would like more information about our cross-border data transfer safeguards, feel free to contact us. We can provide copies of the relevant contractual clauses or point you to further documentation, subject to confidentiality.

Data Retention – How Long We Store Your Data

We keep your personal data only for as long as necessary to fulfill the purposes outlined in this policy, and to comply with our legal obligations. After that, we will either securely delete or anonymize your data. The exact retention periods depend on the type of data and the purpose of processing. Below are our general retention practices:

  • Account and Profile Data: We retain your account information and profile details for as long as you maintain an active account with us. If you decide to delete your account (or request us to delete it), or if your account has been inactive for an extended period (typically 2 years), we will delete or anonymize your personal data associated with your profile. Note: After you delete your account, there may be a short delay in removing all data from our systems (we may keep backups for a brief period, e.g. 30 days, which are then securely erased). Also, if you participated in a home exchange or visit, we may retain a record of that transaction (e.g. the fact that a visit occurred) for legitimate purposes like fraud prevention or keeping trust records, but such record will no longer be linked to your identity in a way that can identify you (it would be anonymized).
  • Communications: If you contact customer support or otherwise communicate with us, we may retain those communications and our responses for a period of time to ensure we have a history of your requests and to improve our support services. Typically, support emails or chat logs are kept for 1-2 years after resolution, unless a longer retention is needed for legal reasons (e.g. evidence of an issue).
  • User Messages: Messages you exchange with other users on Have A Visit are stored as long as your account is active (so that you and the recipients can access the conversation). If you delete your account, we generally delete your copy of the messages from our system. However, the users you communicated with may still retain their copies of the messages in their own accounts. We do not purge messages from their inbox just because your account is gone (similar to email). Also, if needed for investigations into fraud or abuse, we might retain certain message records for a longer period in a secure manner, but will only do so if strictly necessary.
  • Marketing Data: If you have consented to receive marketing emails (newsletter), we will retain your email address for that purpose until you unsubscribe or withdraw consent. If you unsubscribe, we will remove you from the mailing list immediately and stop sending you emails. We may, however, keep a record of your email on a suppression list to ensure we honor your opt-out (to make sure we don’t accidentally send you emails again) – this is a legitimate interest and also a legal requirement under e-privacy rules. That suppression record will be kept as long as we maintain marketing lists.
  • Analytics Data: Data collected via cookies and similar technologies for analytics/advertising is typically stored as per the tool’s standard retention or until you clear your cookies or withdraw consent. For example, if we use Google Analytics, the data may be retained in Google’s systems for 14 months (a common default) or as configured. For Facebook Pixel, the information sent to Facebook is subject to Facebook’s retention policies (Facebook generally stores website custom audience data for a certain period, often up to 180 days for matching ad audiences, unless refreshed). We do not personally identify users from analytics data in our own databases; we look at aggregated trends. Any raw analytics data we hold (e.g. in server logs) is typically rotated or deleted within 12 months or sooner.
  • Logs and Security Data: Our server logs, which include IP addresses and device information, are generally kept for a short period, typically 90 days, for security monitoring and troubleshooting, unless we need to retain them longer to investigate a specific security incident. In case of detecting malicious activity, relevant log excerpts might be kept until the issue is resolved.
  • Backup Storage: We maintain backups of our database for disaster recovery. These backups are encrypted and retained for a limited time (usually no more than 30-60 days). After the retention period, backups are overwritten or deleted. Thus, even after data is deleted from our live systems, it may persist in backups for that period, but will be removed afterward.
  • Legal Holds: If we are involved in a legal dispute or receive a legal request that requires us to retain data (e.g. a litigation hold, government investigation), we will retain the data as long as needed to resolve the issue. This override normal retention schedules, but applies only to the specific data involved and only for the duration required by the legal matter.

After the applicable retention period has ended, we will either delete your personal data or irreversibly anonymize it (so it can no longer be associated with you).

Please note that even after deletion, due to the way internet caching or other users’ actions work, some content you have shared (for example, a message you sent to someone or a review you gave) might remain visible to others if it was already copied or stored by them. However, your personal profile information will be removed from our platform according to the above schedule.

Your Rights

Under the GDPR and Danish law, you have a number of important rights regarding your personal data. We respect and uphold these rights. You can exercise them by contacting us at privacy@haveavisit.com. We may need to verify your identity to process certain requests, to ensure we don’t disclose data to the wrong person. We will respond to your request as soon as possible, and in any event within one month (which can be extended by two further months for complex requests – but we’ll inform you if that’s the case). Your key rights include:

  • Right of Access: You have the right to obtain a copy of the personal data we hold about you, as well as information on how we process it (this information is what this Privacy Policy provides, but you can also ask for more detail or a copy of your data). This is commonly known as a “data subject access request.”
  • Right to Rectification: If any of your personal data is inaccurate or incomplete, you have the right to have it corrected or updated. You can correct most basic profile information yourself by logging into your account. For any other corrections, just let us know and we’ll fix it.
  • Right to Erasure: You have the right to request deletion of your personal data in certain circumstances. This is also known as the “right to be forgotten.” You can delete your Have A Visit account at any time through your account settings, which will remove your profile information. We will comply with deletion requests provided we do not have a compelling reason to keep the data (e.g. a legal obligation or overriding legitimate interest – see Data Retention above for examples of when we might need to keep data). If we have shared your data with third parties, we will inform them of the deletion where feasible.
  • Right to Restrict Processing: You can ask us to suspend or limit the processing of your personal data in certain situations. For example, if you contest the accuracy of your data, you can request we restrict processing until the accuracy is verified. Or if you object to processing (see below) and we are considering that objection.
  • Right to Object: You have the right to object to our processing of your data when we do so under a legitimate interest basis, including profiling based on our legitimate interests. If you object, we must stop the processing unless we have compelling legitimate grounds that override your rights or if we need to continue processing for legal claims. Important: You have an absolute right to object to your personal data being used for direct marketing purposes at any time. This means if you object or opt-out, we will stop sending you marketing communications and, if applicable, stop any profiling related to such direct marketing.
  • Right to Withdraw Consent: If we are processing any of your data based on your consent (see the table above for cases like marketing emails or certain cookies), you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing done before you withdrew, but once consent is withdrawn, we will cease the related processing. You can withdraw consent by, for example, unchecking the relevant box in your profile settings (for marketing), using the cookie settings tool on our website (for analytics/advertising cookies), clicking “unsubscribe” in an email, or contacting us.
  • Right to Data Portability: For data that you have provided to us and that we process by automated means based on your consent or for performance of a contract, you have the right to request a copy in a structured, commonly used, machine-readable format (for example, a CSV file). You also have the right to ask that we transmit that data to another service provider if technically feasible. This right primarily applies to data you actively provided (e.g. your profile info) and data generated from your use of the service under contract (e.g. your usage history). If you request it, we will provide a portable file of such data.
  • Right not to be subject to Automated Decision-Making: You have the right not to be subject to a decision based solely on automated processing (including profiling) that significantly affects you legally or similarly. Currently, Have A Visit does not make any such automated decisions. Any important decisions (such as account suspension for policy violations) involve human review. If this changes, we will inform you and ensure your rights in this area.
  • Right to Lodge a Complaint: If you believe we have not complied with your data protection rights or our obligations, you have the right to file a complaint with a supervisory authority. Have A Visit is under the jurisdiction of the Danish Data Protection Authority (Datatilsynet). You can find their contact details below in the “Contact & Complaints” section. We encourage you to contact us first so we can address your concerns directly, but you are free to reach out to the DPA at any time.

You will not be discriminated against or charged a fee for exercising your rights. In general, our service is built to let you manage your own data to a large extent (e.g. editing profile, deleting account, adjusting preferences), but we are here to help with any requests or questions.

In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant authorities (like the Danish Data Protection Authority) as required by law, and will take all steps necessary to mitigate the impact.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. When we make changes, we will change the “Last Updated” date at the top of this policy.

If the changes are significant, we will provide a more prominent notice (for example, by email notification to registered users or by placing a notice on our website/app). We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

If we propose to use your personal data for a new purpose that is not covered by this policy, we will notify you (and, if required, seek your consent) before starting that processing.

By continuing to use the Service after those changes become effective, you acknowledge the updated policy. If you do not agree with any changes to the Privacy Policy, you should stop using our Service and you may delete your account at any time.

We do not currently maintain a separate Cookie Policy document; all relevant information is included in this Privacy Policy.

Currently, Have A Visit does not make any such automated decisions. If in the future we introduce features involving automated decision-making (e.g. algorithm-based match suggestions), we will ensure transparency and provide you with the appropriate rights under Article 22 GDPR.

Contact Information & Complaints

Your feedback and questions about privacy are important to us. If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact us:

Have A Visit ApS
Attn: Privacy Team
Address: Nyborgvej 416, 5881 Skårup Fyn, Denmark
Email: privacy@haveavisit.com
(You can also reach us at support@haveavisit.com)

We will do our best to address and resolve any issues you bring to our attention.

If you feel that we have not adequately addressed your concerns or that we are violating your data protection rights, you have the right to lodge a complaint with the Danish Data Protection Authority (Datatilsynet) or your local supervisory authority in the EU. The Danish DPA’s contact details are:

  • Datatilsynet (Danish Data Protection Authority)
    Carl Jacobsens Vej 35, 2500 Valby, Denmark
    Phone: +45 33 19 32 00
    Email: dt@datatilsynet.dk
    Website: www.datatilsynet.dk

Datatilsynet can provide guidance and will handle your complaint independently.

However, we sincerely hope we can resolve any issue together before it reaches that stage. Thank you for trusting Have A Visit with your personal data – we are committed to keeping that trust.

End of Privacy Policy

Please print or save a copy of this Privacy Policy for your records. It is also available on our app & website at any time. By using Have A Visit, you acknowledge that you have read and understood this policy. We appreciate you taking the time to do so and for being a part of the Have A Visit community!