Proactive Creator
Method-to-AI systems for specialists
Legal

Privacy Policy

Last updated: April 29, 2026

Preamble

Proactive Creator works with a small number of specialists at a time. The personal data we hold is, by design, narrow: enough to assess fit, deliver the engagement, and support the working relationship - and no more.

This policy describes that practice plainly. It is written to inform, not to insulate.

1. Introduction

This Privacy Policy explains how Proactive Creator collects, uses, stores, shares, and protects personal data when you interact with the service.

Proactive Creator is a strategic and implementation service operated by Proactive Health & Retreat ApS.

This Privacy Policy applies when you:

  • visit proactivecreator.com
  • submit an inquiry or qualification form
  • book a strategy call
  • enter into a project or commercial dialogue with us
  • otherwise interact with Proactive Creator

2. Data Controller

The data controller for personal data processed through Proactive Creator is:

Proactive Health & Retreat ApS
CVR: 41372192
Vornæs Skovvej 14
5700 Svendborg
Denmark

Contact: hello@proactivecreator.com

3. What Data We Collect

We may collect and process:

  • name
  • email address
  • company details
  • contact information
  • qualification form submissions
  • project and inquiry information
  • strategy call notes and meeting metadata
  • support and commercial communications
  • information voluntarily shared with us in relation to a possible or active engagement
  • technical data such as IP address, browser type, device type, referrer, and pages visited

4. How We Use Personal Data

We use personal data to:

  • respond to inquiries
  • assess fit for Proactive Creator engagements
  • prepare proposals and agreements
  • deliver strategic and implementation services
  • communicate with prospective and active clients
  • support ongoing client relationships
  • improve the website and service through aggregated analytics
  • comply with legal, accounting, and contractual obligations
  • establish, exercise, or defend legal claims where necessary

5. Legal Basis for Processing

Where GDPR applies, we rely on one or more of the following legal bases:

  • steps requested by you prior to entering into a contract
  • performance of a contract
  • our legitimate interests in operating, securing, and developing the service
  • compliance with a legal obligation
  • your consent, where required by law (for example, non-essential cookies)

6. Cookies, Analytics, and Tracking

We use a small number of analytics and measurement tools to understand how the website is used and how prospective clients move through it. These tools may set cookies or use similar technologies.

Tools currently in use:

  • Google Analytics 4 (GA4) - aggregated traffic and behaviour analytics
  • Meta Pixel - measurement of campaign reach and conversion on Meta platforms
  • LinkedIn Insight Tag - measurement of campaign reach and conversion on LinkedIn

These tools may transfer data outside the EU/EEA. See section 9 on international transfers.

Where required by law, non-essential cookies will only be set after you give consent through the cookie banner. You can change or withdraw your consent at any time. Browser settings can also be used to block or delete cookies; doing so may affect site functionality.

7. Sub-Processors

We use a small set of trusted sub-processors to operate the service. The current list is:

  • Lovable Cloud (Supabase) - application hosting, database, authentication, edge functions
  • Cal.com - strategy call scheduling
  • Resend - transactional email delivery
  • Google Workspace - business email, document collaboration, calendar
  • Google Analytics 4 - website analytics
  • Meta Pixel - campaign measurement on Meta platforms
  • LinkedIn Insight Tag - campaign measurement on LinkedIn
  • ElevenLabs - voice generation for selected AI deliverables

Each sub-processor is bound by its own terms and, where applicable, a data processing agreement. We review this list periodically and update it when sub-processors are added or removed.

8. Data Processing Agreement

Where Proactive Creator acts as a data processor on behalf of a client - for example, while building or operating an AI client-access layer that handles end-user data - a separate Data Processing Agreement (DPA) governs that processing.

Clients can request the standard DPA at hello@proactivecreator.com.

9. International Transfers

Some of our sub-processors are based outside the EU/EEA, including in the United States. Where personal data is transferred outside the EU/EEA, we rely on lawful transfer mechanisms such as the European Commission's Standard Contractual Clauses, adequacy decisions where they apply, and supplementary measures where appropriate.

You can request more detail on these transfer mechanisms by contacting us.

10. Data Minimization

We process only the information reasonably necessary to assess, structure, deliver, and support Proactive Creator engagements. We do not collect data speculatively.

11. Data Retention

We retain personal data for as long as necessary to:

  • manage inquiries and prospective engagements
  • deliver and support active engagements
  • support legal, accounting, and contractual obligations (including statutory bookkeeping retention under Danish law, currently five years)
  • maintain legitimate business continuity and reference history

Where retention depends partly on third-party infrastructure used in a specific implementation, that retention also depends on the relevant processor-side handling and the client's chosen operating model.

When personal data is no longer needed, it is deleted or anonymized.

12. Data Sharing

We may share personal data with the trusted sub-processors listed in section 7, and with professional advisors (such as accountants and lawyers) where strictly necessary.

We may also share personal data where required by law, court order, or to protect our legitimate interests in establishing, exercising, or defending legal claims.

We do not sell personal data.

13. Data Security

We take reasonable technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, or disclosure. These measures include access controls, encrypted transport, vendor selection criteria, and regular review of our processing.

No system is perfectly secure. In the event of a personal data breach that is likely to result in a risk to your rights, we will notify the relevant supervisory authority and, where required, affected individuals in accordance with GDPR.

14. Your Rights

If GDPR applies to you, you may have the right to:

  • access your personal data
  • request correction of inaccurate or incomplete data
  • request deletion
  • object to certain processing, including processing based on legitimate interests
  • request restriction of processing
  • request data portability
  • withdraw consent where processing is based on consent
  • lodge a complaint with a supervisory authority - in Denmark, Datatilsynet (datatilsynet.dk)

To exercise your rights, contact hello@proactivecreator.com. We respond within one month of a verified request, in line with GDPR.

15. Children

Proactive Creator is a B2B service intended for professional use. We do not knowingly collect personal data from children under 16. If you believe a child has provided personal data to us, please contact hello@proactivecreator.com and we will delete it.

16. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version is always available on this page with the updated date. Material changes will be highlighted where reasonably possible.

17. Contact

For privacy questions, requests, or commercial inquiries, contact hello@proactivecreator.com.