Privacy Policy

Subscription People ApS ("ConsortiaManager")

Effective date: 20 January 2026

1. Who we are (data controller for this website)

Subscription People ApS ("ConsortiaManager", "we", "us") is the data controller for the processing described in this Privacy Policy when you visit our website, contact us, sign up for marketing, or otherwise interact with us directly.

Contact details:

  • Subscription People ApS
  • Hovedvagtsgade 6, 5 tv, 1103 Copenhagen K, Denmark
  • CVR: DK-34576335
  • Email: info@consortiamanager.com
  • Phone: +45 3061 1551
2. Scope

This Privacy Policy applies to (a) visitors to our website (including marketing pages for Open Journal Finder and Transformative Agreement Manager), (b) prospects and customers who contact us or request a demo, and (c) individuals who receive communications from us about our products and services.

Our software products are used by libraries, institutions, consortia and their staff. Where we process personal data on behalf of a customer within the ConsortiaManager platform (including OJF/TAM), the customer is typically the data controller and we act as a data processor. See section 12 (Processor activities).

3. Personal data we collect

Depending on how you interact with us, we may collect the following categories of personal data:

3.1 Website usage and device data
  • IP address (often truncated or stored in an aggregated form), approximate location, browser type, device identifiers, and technical logs.
  • Pages viewed, clicks, referrer URLs, timestamps, and other usage statistics.
3.2 Contact and business information
  • Name, work email, job title, institution/organization, country, phone number (if provided).
  • Messages and information you submit via forms (e.g., demo requests, support inquiries).
3.3 Customer account and service data (limited)

If you are a customer administrator or user, we may process limited account information needed to provide access and support (e.g., user name, email, role, login metadata). Content and records stored in the platform are generally provided by our customers and processed under the customer contract/Data Processing Agreement (DPA) (see section 12).

3.4 Cookies and similar technologies

We use cookies and similar technologies (e.g., pixels, tags) to operate our website, measure performance, and support advertising. See section 10 (Cookies, analytics and advertising).

4. How we use your personal data (purposes)

We use personal data for the following purposes:

  • Provide and secure our website and services; troubleshoot and prevent abuse.
  • Respond to inquiries and demo requests; manage customer relationships.
  • Provide customer support and communicate service updates.
  • Improve our website, products and documentation.
  • Market our products to organizations and professionals (B2B marketing) where permitted by law.
  • Comply with legal obligations and protect our legal rights.
5. Legal bases for processing (GDPR)

For individuals in the EEA/UK, we rely on the following legal bases under the GDPR/UK GDPR, depending on the context:

  • Contract: to take steps at your request prior to entering into a contract and to perform a contract with you or your organization.
  • Legitimate interests: to run our business, improve our services, ensure security, and conduct B2B marketing to relevant professional contacts (you can object at any time).
  • Consent: for certain cookies/advertising technologies and where we send marketing communications that require consent.
  • Legal obligation: to comply with applicable laws (e.g., accounting, tax, security, sanctions).
6. Sharing and disclosure

We may share personal data with:

  • Service providers (processors) that help us operate our website and business (e.g., hosting, analytics, email delivery, CRM, customer support tooling).
  • Professional advisers (legal, accounting, auditors) where necessary.
  • Authorities, regulators, or law enforcement where required by law.

We do not sell personal data.

7. International transfers

We are based in Denmark. Some of our service providers may process data outside the EEA/UK (for example, in the United States). Where we transfer personal data internationally, we use appropriate safeguards such as adequacy decisions, Standard Contractual Clauses, and supplementary measures as required.

8. Retention

We keep personal data only as long as necessary for the purposes described above. Typical retention periods:

  • Website analytics logs: typically 14-26 months (configurable depending on tool settings).
  • Sales inquiries/demo requests: typically up to 24 months after last interaction, unless we enter into a customer relationship.
  • Customer account data: for the duration of the contract and a limited period thereafter for legal and audit purposes.
  • Accounting records: as required by applicable law.
9. Security

We implement appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. No method of transmission over the internet is completely secure; however, we work to protect your data using industry-standard safeguards.

10. Cookies, analytics and advertising

We use cookies and similar technologies to (a) operate and secure our website, (b) understand how visitors use our pages, and (c) measure and improve marketing campaigns.

10.1 Google Analytics

If enabled on our website, Google Analytics helps us understand website usage (for example, number of users, session statistics, approximate geolocation, and browser/device information). We configure Analytics to support our reporting needs and to respect your cookie choices where required. You can learn more about how Google Analytics collects and processes data and install the Google Analytics Opt-out Browser Add-on.

10.2 Google Ads / conversion tracking / remarketing

If enabled, we use Google Ads features (such as conversion tracking and/or remarketing) to measure the effectiveness of ads and to show ads to people who have previously visited our website. Third-party vendors, including Google, may use cookies or identifiers to serve ads based on a user's prior visits to this website.

10.3 Your choices

You can control cookies through our cookie preferences tool and through your browser settings. You can also opt out of Google's use of advertising cookies by visiting Google Ads Settings. Where required by law, we will request your consent before setting non-essential cookies.

11. Your rights

Depending on your location and applicable law (including the GDPR/UK GDPR), you may have rights to:

  • Access your personal data and receive a copy.
  • Rectify inaccurate data.
  • Delete your data in certain circumstances.
  • Restrict or object to processing (including an unconditional right to object to direct marketing).
  • Data portability (in certain circumstances).
  • Withdraw consent at any time where processing is based on consent.
  • Lodge a complaint with your local data protection authority (for Denmark: Datatilsynet).

To exercise your rights, contact us at info@consortiamanager.com. We may ask you to verify your identity before responding.

You are not required to provide personal data to browse our website. If you choose not to provide information in a contact or demo form, we may not be able to respond or provide the requested service.

We do not use your personal data to make decisions based solely on automated processing (including profiling) that produce legal or similarly significant effects.

12. Processor activities (data processed on behalf of customers)

When a library/consortium (our customer) uses our software (including Open Journal Finder and Transformative Agreement Manager), the customer typically determines what personal data is uploaded or created in the platform and how it is used. In those cases, the customer is the data controller and we act as a data processor under the customer contract and Data Processing Agreement (DPA).

If you are an end user whose data is processed in a customer account and you want to exercise privacy rights, please contact the relevant customer directly. We will assist our customers in fulfilling their obligations as required by law and contract.

13. Updates to this Privacy Policy

We may update this Privacy Policy from time to time. We will post the updated version on our website and change the "Effective date" above.