← LexLast updated: March 2026

Privacy Policy

WheresMyMEP ApS · CVR pending · Copenhagen, Denmark

1. Data Controller

WheresMyMEP ApS (“we”, “us”, “our”) is the data controller for personal data processed through the Lex intelligence platform (“Service”). You can contact us at privacy@wheresmymep.eu.

2. Data We Process

We process the following categories of personal data:

  • Account data: email address, password (hashed), account creation date
  • Company profile: company name, industry sector, EU member state presence, revenue band, and regulatory profile fields you provide during onboarding
  • Usage data: pages visited, digests generated, features used — collected for product improvement
  • Communication data: any messages you send to us via email

We do not process special categories of personal data (e.g. health data, political opinions of individuals).

3. Legal Basis

We process your data on the following legal bases under GDPR:

  • Contract performance (Art. 6(1)(b)): to provide and operate the Service you signed up for
  • Legitimate interests (Art. 6(1)(f)): product analytics and fraud prevention
  • Legal obligation (Art. 6(1)(c)): where required by Danish or EU law

4. Data Sharing

We share data with the following categories of processors:

  • Supabase Inc. (database hosting, EU region)
  • Anthropic PBC (AI model API — only company profile and policy file metadata, no personal end-user data)
  • Vercel Inc. (hosting and CDN)

We do not sell personal data to third parties.

5. Retention

We retain account data for the duration of your subscription plus 90 days after termination, unless a longer period is required by law. You may request deletion at any time.

6. Your Rights

Under GDPR you have the right to:

  • Access the personal data we hold about you
  • Rectify inaccurate data
  • Erasure (“right to be forgotten”)
  • Data portability
  • Object to processing based on legitimate interests
  • Lodge a complaint with Datatilsynet (the Danish Data Protection Authority)

To exercise your rights, email us at privacy@wheresmymep.eu. We respond within 30 days.

7. Cookies

We use only strictly necessary session cookies for authentication. We do not use advertising or tracking cookies.

8. Governing Law

This policy is governed by Danish law and the EU General Data Protection Regulation (GDPR). Any disputes shall be subject to the jurisdiction of the courts of Copenhagen, Denmark.

9. Changes

We may update this policy. Material changes will be communicated by email to registered users at least 14 days before taking effect.

Questions? Email privacy@wheresmymep.eu · Terms of Service · Back to Lex