GDPR Compliance Statement

GDPR Compliance Statement

Effective December 1, 2025
Effective December 1, 2025

Version: 1.00

Version: 1.00

At MuCoDi, we are committed to protecting your personal data and ensuring full compliance with the General Data Protection Regulation (GDPR) for individuals located in the European Union (EU) and European Economic Area (EEA). This GDPR Statement outlines how we collect, process, and safeguard your personal information in accordance with EU law.

At MuCoDi, we are committed to protecting your personal data and ensuring full compliance with the General Data Protection Regulation (GDPR) for individuals located in the European Union (EU) and European Economic Area (EEA). This GDPR Statement outlines how we collect, process, and safeguard your personal information in accordance with EU law.

1. Introduction

1. Introduction

This GDPR section explains your rights, our responsibilities, and the lawful basis on which we process your personal data. It applies to all EU/EEA users who interact with or access our website, platform, or services (“Services”).

By using our Services, you acknowledge that you have read and understood this policy.

This GDPR section explains your rights, our responsibilities, and the lawful basis on which we process your personal data. It applies to all EU/EEA users who interact with or access our website, platform, or services (“Services”).

By using our Services, you acknowledge that you have read and understood this policy.

2. Legal Basis for Processing Personal Data

2. Legal Basis for Processing Personal Data

We only process your personal data when one or more of the following legal grounds apply:

  • Consent: You have clearly agreed to allow us to process your data for a specific purpose.

  • Contractual Necessity: We require your data to deliver the services you’ve requested.

  • Legal Obligation: We must process your information to comply with applicable laws

  • Legitimate Interests: We process your data to improve our services, enhance security, and ensure functionality—without overriding your fundamental rights.

We only process your personal data when one or more of the following legal grounds apply:

  • Consent: You have clearly agreed to allow us to process your data for a specific purpose.

  • Contractual Necessity: We require your data to deliver the services you’ve requested.

  • Legal Obligation: We must process your information to comply with applicable laws

  • Legitimate Interests: We process your data to improve our services, enhance security, and ensure functionality—without overriding your fundamental rights.

3. Your GDPR Rights

3. Your GDPR Rights

If you reside in the EU/EEA, you have the following rights regarding your personal data:

If you reside in the EU/EEA, you have the following rights regarding your personal data:

3.1 Right of Access

3.1 Right of Access

You may request a copy of the personal data we hold about you.

You may request a copy of the personal data we hold about you.

3.2 Right to Rectification

3.2 Right to Rectification

You may request corrections or updates to inaccurate or incomplete information.

You may request corrections or updates to inaccurate or incomplete information.

3.3 Right to Erasure (“Right to Be Forgotten”)

3.3 Right to Erasure (“Right to Be Forgotten”)

You may request deletion of your personal data, subject to legal or operational limitations.

You may request deletion of your personal data, subject to legal or operational limitations.

3.4 Right to Restrict Processing

3.4 Right to Restrict Processing

You may request that we temporarily limit the processing of your personal data.

You may request that we temporarily limit the processing of your personal data.

3.5 Right to Data Portability

3.5 Right to Data Portability

You may request your data in a structured, machine-readable format and transfer it to another controller.

You may request your data in a structured, machine-readable format and transfer it to another controller.

3.6 Right to Object

3.6 Right to Object

You may object to processing activities based on legitimate interests or direct marketing.

You may object to processing activities based on legitimate interests or direct marketing.

3.7 Right to Withdraw Consent

3.7 Right to Withdraw Consent

You may withdraw your consent at any time without affecting prior lawful processing.

You may withdraw your consent at any time without affecting prior lawful processing.

To exercise any of these rights, contact us at:

info@mucodi.co

To exercise any of these rights, contact us at:

info@mucodi.co

4. International Data Transfers

4. International Data Transfers

Your personal data may be transferred and processed outside the EU/EEA. When such transfers occur, we ensure your data remains protected by implementing appropriate safeguards, such as:

  • Standard Contractual Clauses (SCCs)

  • Adequacy decisions

  • Secure encrypted transfer protocols

You may request us to delete your data at any time.

Your personal data may be transferred and processed outside the EU/EEA. When such transfers occur, we ensure your data remains protected by implementing appropriate safeguards, such as:

  • Standard Contractual Clauses (SCCs)

  • Adequacy decisions

  • Secure encrypted transfer protocols

You may request us to delete your data at any time.

5. Data Minimization & Storage Duration

5. Data Minimization & Storage Duration

We follow GDPR’s data minimization principles by collecting only the information necessary to deliver and improve our Services.

We follow GDPR’s data minimization principles by collecting only the information necessary to deliver and improve our Services.

We retain your personal data only as long as needed to:

  • Fulfill the purpose for which it was collected

  • Meet legal and regulatory requirements

  • Resolve disputes

  • Enforce agreements

You may request deletion at any time, subject to applicable legal requirements.

We retain your personal data only as long as needed to:

  • Fulfill the purpose for which it was collected

  • Meet legal and regulatory requirements

  • Resolve disputes

  • Enforce agreements

You may request deletion at any time, subject to applicable legal requirements.

6. Security Measures

6. Security Measures

We apply industry-standard technical and organizational security practices, including:

  • Encryption of stored and transferred data

  • Access control restrictions

  • Multi-layer authentication

  • Regular system monitoring

  • Security audits and updates

While no system is fully immune to risks, we take all reasonable steps to safeguard your personal data.

We apply industry-standard technical and organizational security practices, including:

  • Encryption of stored and transferred data

  • Access control restrictions

  • Multi-layer authentication

  • Regular system monitoring

  • Security audits and updates

While no system is fully immune to risks, we take all reasonable steps to safeguard your personal data.

7. Data Protection Officer (DPO)

7. Data Protection Officer (DPO)

If required by law, we appoint a Data Protection Officer (DPO) responsible for overseeing GDPR compliance and privacy matters.

If required by law, we appoint a Data Protection Officer (DPO) responsible for overseeing GDPR compliance and privacy matters.

For GDPR inquiries:

info@mucodi.co

For GDPR inquiries:

info@mucodi.co

8. Automated Decision-Making & Profiling

8. Automated Decision-Making & Profiling

We do not use your personal data for automated decision-making or profiling that produces significant legal or personal effects.

We do not use your personal data for automated decision-making or profiling that produces significant legal or personal effects.

9. How to File a Complaint

9. How to File a Complaint

If you believe your GDPR rights have been violated, you may file a complaint with your local Data Protection Authority (DPA). We encourage you to contact us first so we can address your concerns promptly and effectively.

If you believe your GDPR rights have been violated, you may file a complaint with your local Data Protection Authority (DPA). We encourage you to contact us first so we can address your concerns promptly and effectively.

10. Contact Information

10. Contact Information

If you have any questions or requests regarding GDPR or your personal data, please contact us:

If you have any questions or requests regarding GDPR or your personal data, please contact us:

Email: info@mucodi.co
Phone: (415) 555-0123

Address: 123 Museum Avenue, Copenhagen, Denmark

Email: info@mucodi.co
Phone: (415) 555-0123

Address: 123 Museum Avenue, Copenhagen, Denmark

11. Our Data Centers are in Finland and Germany.

11. Our Data Centers are in Finland and Germany.

Empowering museums to showcase their collections digitally and reach broader audiences worldwide.

Contact Us

Hammerensgade 1267

Copenhagen K Denmark

+45 70 70 12 15

info@mucodi.co

Subscribe for newsletter

Email

© 2026 Mucodi.co. All rights reserved.

Privacy Policy

Terms of Service

Cookie Policy

Empowering museums to showcase their collections digitally and reach broader audiences worldwide.

Contact Us

Hammerensgade 1267

Copenhagen K Denmark

+45 70 70 12 15

info@mucodi.co

Subscribe for newsletter

Email

© 2026 Mucodi.co. All rights reserved.

Privacy Policy

Terms of Service

Cookie Policy

Empowering museums to showcase their collections digitally and reach broader audiences worldwide.

Contact Us

Hammerensgade 1267

Copenhagen K Denmark

+45 70 70 12 15

info@mucodi.co

Subscribe for newsletter

Email

© 2026 Mucodi.co. All rights reserved.

Privacy Policy

Terms of Service

Cookie Policy

Empowering museums to showcase their collections digitally and reach broader audiences worldwide.

Contact Us

Hammerensgade 1267

Copenhagen K Denmark

+45 70 70 12 15

info@mucodi.co

Subscribe for newsletter

Email

© 2026 Mucodi.co. All rights reserved.

Privacy Policy

Terms of Service

Cookie Policy