Operating status: You may currently experience problems logging into e-Boks

Terms of use - Business

  1. General terms
  2. Digital mailbox
  3. Digital services
  4. e-Boks mobile
  5. User support
  6. Terms for processing personal data
  7. Commercial Viewing Client

1. General terms

1.1 Scope

Upon becoming a user of the services provided by e-Boks Nordic A/S (hereinafter ”e-Boks”), you accept on behalf of your enterprise (hereinafter “the Enterprise”) these terms of use for e-Boks when opening an account on the e-Boks platform. These terms of use apply to enterprises using the services/product provided by e-Boks as business users, including e-Boks’ websites, support, apps, social media and other digital platforms and when participating in e-Boks user surveys. By accepting the terms of use, the Enterprise also accepts e-Boks' Privacy Policy and Cookies Policy.

1.2 About e-Boks

e-Boks is a digital platform which provides the Enterprise with access to digital mail from both public authorities and private enterprises.

e-Boks provides the Enterprise with access to:

  • letters, messages etc. (hereinafter "Messages") from private enterprises and digital mail from public authorities,
  • the Enterprise’s archives in e-Boks,
  • communicating directly and securely with a registered enterprise,
  • signing agreements digitally,
  • making payments through partners, and
  • using the services and functions that e-Boks may offer at any time by virtue of e-Boks' cooperation with third parties.

1.3 Limitation of liability

Unless otherwise required by law, e-Boks cannot be held liable for the solutions offered by e-Boks, the content of Messages, notifications, or for losses incurred in the event of delay, non-delivery, incorrect delivery, loss of data, IT errors, virus, damage to your hardware or force majeure situations, regardless of whether such circumstances affect e-Boks alone. Moreover, e-Boks does not acknowledge any liability for damages for breach of contract, non-performance or non-functionality. e-Boks is not liable for any loss as a result of unauthorized use, e.g. if other parties have been granted access to the Enterprise’s digital e-Boks mailbox, or the Enterprise’s access to e-Boks User Support, or if the Enterprise has failed to inform e-Boks of any irregularities or unauthorised use, or suspicion thereof. Nor will e-Boks be liable for third party services offered via the e-Boks solution.

1.4 Inactivity

If the Enterprise discontinues its activities, e-Boks reserves the right to delete the Enterprise’s data. If the Enterprise has not logged into e-Boks for over 5 years, e-Boks reserves the right to delete the Enterprise’s data.

1.5 Changes to the terms of use

e-Boks may change and update the terms of use on https://private.e-boks.com/danmark/en, where the applicable terms will always be available. In the event of major changes, notification will be given via the Enterprise’s e-Boks mailbox with at least 30 days’ notice.

1.6 Rights

All material in e-Boks, such as names, logos, trademarks, graphics, text, icons, images, software etc., belongs to e-Boks and its partners and is protected by the legislation on trademark protection, copyright and marketing practices.

1.7 Governing law and venue

Disputes concerning matters regulated by these terms must be settled by Danish courts in accordance with Danish law.

1.8 Contact

e-Boks can be contacted via private.e-boks.com/danmark/en/contact/

2. Digital mailbox

In the Enterprise’s digital mailbox at e-Boks, the Enterprise can receive mail from both public authorities and private enterprises.

2.1 Legal effect

The Messages that the Enterprise receives via e-Boks will not be sent to the Enterprise as regular mail. Messages received in e-Boks have the same legal effect as if they were received by regular mail, e.g. regarding payment, acceptance and complaints deadlines. Messages will be regarded as having been delivered to the Enterprise when they are made available to the Enterprise in e-Boks.

2.2 Responsibility

The Enterprise is responsible for:

  • regularly checking whether new Messages have been delivered to its digital mailbox at e-Boks,
  • ensuring that e-Boks always has the Enterprise's correct email address and/or mobile number if the Enterprise wants to be notified of new Messages,
  • immediately changing its password and informing e-Boks if the Enterprise becomes aware of or suspects irregularities or unauthorised use of its digital mailbox at e-Boks,
  • granting and administering access for individuals to the Enterprise’s e-Boks account, including deleting such access in accordance with the Enterprise’s needs, and
  • reading the contents of the original document if the Enterprise uses e-Boks’ Reading Tools.

The Enterprise is also responsible for the content it archives in e-Boks always being in compliance with applicable law.

2.3 Deletion

Messages deleted in a digital mailbox at e-Boks cannot be restored or recreated. Only the Enterprise and anyone who have access to the Enterprise’s digital mailbox can delete messages and documents in the Enterprise’s digital mailbox at e-Boks at any time. e-Boks cannot access the content of the Enterprise’s messages. However, e-Boks reserves the right to make messages in the digital mailbox at e-Boks inaccessible when e-Boks is obliged to do so by law, and when other people's personal data have been compromised by error.

2.4 Registration and deregistration

When creating your user account, the Enterprise accepts being registered with all senders using e-Boks’ services to send digital mail.

2.4.1 Registering and deregistering for messages from senders

By default, the Enterprise is registered with all senders using the e-Boks platform. The Enterprise can deregister itself from receiving Messages from senders in e-Boks at any time, unless the Enterprise has entered into agreement with senders that requires the Enterprise to have a digital mailbox at e-Boks or with senders are otherwise entitled by law to send mail to the Enterprise. Any changes made to the Enterprise’s registrations will affect mail received by e-Boks after the date the change comes into effect. In the event of a sender transferring its activities and/or assets, the Enterprise’s registrations may be automatically changed in accordance with that transfer.

2.4.2 Deregistration of digital mailbox

The Enterprise can deregister or delete its digital mailbox at e-Boks at any time. However, e-Boks will remain subject to these terms for as long as the Enterprise stores personal data with e-Boks.

3. Digital services

e-Boks allows the Enterprise to access different digital services of its own choice. The content depends on who supplies and administers the digital service. The digital services the Enterprise chooses will either be supplied and administered by e-Boks or a third party.

e-Boks is entitled to pre-install services that do not have the character of commercial services, and that e-Boks find to be of relevance to all users. The Enterprise can opt out of such services at any time, see item 3.3.

3.1 Content in digital services

The content shown when accessing a digital service may be determined by a third party. When such third parties provide content through a digital service, e-Boks has no responsibility or liability for the content of the service.

3.2 Consent and verification

When choosing to access an add-on digital service provided and administered by a third party, the Enterprise accepts that e-Boks discloses any data necessary to the third party for it to be able to verify the Enterprise. The Enterprise will always be informed what data are being disclosed when adding a service.

3.3 Opting out of digital and pre-installed services

The Enterprise may freely opt out of services provided by e-Boks. To do so, simply delete the service in question in the settings. When the Enterprise opts out of a service, it does not mean that the Enterprise no longer has a user account with the third party providing and administering the service, and that third party can continue to have data registered about the Enterprise. To delete the Enterprise’s user profile and/or data held by a third party, the third party must be contacted directly. Deletion of data held by a third party is not e-Boks' responsibility.

4. e-Boks Mobile

4.1 Scope

e-Boks gives the Enterprise option to access e-Boks Mobile via the e-Boks App (hereinafter "the App”). Not all e-Boks functions can be executed in the App. To use these functions, the Enterprise must log-in to e-Boks in a browser. The App can be used to:

  • read and manage Messages,
  • save images from a camera or image archive,
  • register and deregister mail senders,
  • edit user profile with email and mobile number,
  • and to pay bills.

4.2 Right of use

The Enterprise acquires a non-exclusive and non-transferable right to use the App on any smartphone or tablet (iOS, Android or Windows) that the Enterprise owns or controls within the limits of these terms and Danish copyright law. The Enterprise may not distribute the App or make it accessible on a computer network. The Enterprise may not let, lease, lend, sub-license or sell the App. The Enterprise may not attempt to derive the source code, modify, or create derivatives of the App. Any breach of these terms of use and/or violation of Danish copyright law will automatically terminate the Enterprise’s right to use the App under these terms of use. In addition to termination the Enterprise’s right to use the App, any breach of these terms of use and/or breach of Danish copyright law may lead to legal action against the Enterprise. e-Boks may withdraw or alter the Enterprise’s right to use the App in accordance with these terms of use.

4.3 Unauthorised use

If the Enterprise suspects that other parties have acquired knowledge of its password or activation code, the Enterprise must change them immediately. Password and activation code can be found in the Enterprise’s e-Boks digital mailbox under Settings.

4.4 Biometric authorisation

Biometric authorisation such as touch ID or face ID can be used by the Enterprise’s employees to log-in to the App. For this to be possible, the Enterprise must accept that the device’s ability to use biometric authorisation will be linked to its user profile in the App. The Enterprise can only link registered biometric details of the device to one user profile in the App. Other parties may make unauthorised use of the App if they have access to administering biometric authorisation on the Enterprise’s device. The Enterprise must therefore ensure only its authorised personnel are able to use their biometric details as access code. Only use biometric authorisation on devices to which only the Enterprise personnel have access, and never on jailbroken devices. If the Enterprise has taken over a device from someone else, it must ensure that all saved biometric details are deleted before activating its own. If the Enterprise hands over a device to someone else, it must always ensure that its user profile in the App is deleted first.

4.5 Termination of biometric authorisation

The Enterprise can terminate its use of biometric authorisation to log on to the App by:

  • removing its user profile from the list of enabled users in the App,
  • logging on to the App and disabling the selected biometric authorisation under Settings, or
  • deleting the App from the device.

4.6 Lost mobile device

If a mobile device is lost, the Enterprise must generate a new activation code and/or access code for its e-Boks digital mailbox as soon as possible.

4.7 Blocking of mobile access

e-Boks reserves the right to block mobile access for security reasons on suspicion of unauthorised use. If mobile access is blocked, the Enterprise can contact e-Boks.

4.8 Reading Tools

e-Boks provides certain functions that use artificial intelligence (AI), including for summarising, simplifying, translating and similar purposes of processing of the content of digital messages (“Reading Tools”).

The Reading Tools are only provided as an assistance and AI-generated content may be incomplete or contain errors. e-Boks cannot guarantee that the AI-generated content is correct, complete or up to date and cannot be held liable for any actions taken by the Enterprise on the basis of such content.

The AI-generated content does not replace the original message or the documents attached to it. The content of the original documents shall always prevail, including in relation to rights, obligations and any applicable deadlines.

If the Enterprise chooses to use e-Boks’ Reading Tools, it thereby accepts that e-Boks does not warrant or guarantee the accuracy or correctness of the content generated by the Reading Tools. The Enterprise therefore accepts any risk associated with any inaccuracy of that content. The Enterprise may not bring any claim against e-Boks arising from content generated by the Reading Tools. The Enterprise is also obliged to indemnify e-Boks against any claims brought against e-Boks arising from the Enterprise’s use of the Reading Tools.

5. User support

e-Boks User Support gives the Enterprise access to communicate with a support team that provides assistance related to the use of e-Boks’ solutions.

5.1. Submission of personal data

The Enterprise is responsible for ensuring that personal data are only entered in the user support fields designed for this purpose. If personal data, such as civil registration numbers (CPR number) are entered in subject or description fields or in the chat function, an enquiry will be automatically deleted and will not be processed.

5.2. Suspected unauthorised use

If the Enterprise becomes aware of or suspects irregularities or unauthorised use of its access to e-Boks User Support, the Enterprise must immediately change its password and notify e-Boks.

6. Terms for processing personal data

The terms determine the rights and obligations for the Enterprise as data controller and e-Boks as data processor when the Enterprise uses e-Boks services, including the digital mailbox and archive solution.

“Personal data” is defined as any form of information on an identified or identifiable natural person, ref. article 4(1) in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“the General Data Protection Regulation”).

6.1 Scope and purpose

e-Boks only processes personal data for purposes necessary to be able to provide its services to the Enterprise, including allowing the Enterprise to use a digital mailbox and the archive system.

6.2 Processing activities

The processing of personal data by e-Boks on behalf of the data controller (the Enterprise) in connection with provision of services includes:

  • Collection
  • Registration
  • Systematisation
  • Storage
  • Erasure
  • Disclosure

Furthermore, the data are included in general statistics for the use and application of e-Boks’ services.

6.3 Categories of personal data and data subjects

6.3.1 Categories of personal data

The contents of messages and documents that are transferred to e-Boks, either by a sender for delivery in the Enterprise’s digital mailbox or by the Enterprise for storing in its archive system at e-Boks, are determined by the sender or the Enterprise. Messages and documents therefore contain free text (fritekst) that is not determined by e-Boks, and that may contain a wide range of personal data.

e-Boks’ processing may therefore include the following types of personal data:

  • General personal data (such name, address, IP address, tel. no., e-mail address, sender ID, message ID, transaction ID, transaction data, log data, metadata for receipt and sending of mail, DPID numbers, RID numbers, UUID number)
  • Free text in messages
  • Criminal offences
  • Civil registration number
  • Racial or ethnic origin
  • Political opinions
  • Religious beliefs
  • Philosophical beliefs
  • Trade union membership
  • Health data, including genetic and biometric data
  • Data concerning sex life or sexual orientation.

6.3.2 Categories of data subjects

In the same manner as the content of messages and documents, the categories of data subjects of whom e-Boks processes personal data are determined by the Enterprise or the sender. As such, data subjects can fall within a number of categories, including employees, former employees, job seekers, customers, members, owners etc., or others who are mentioned in the content of documents and messages (free text).

6.3.3 Duration of processing

The duration of processing of personal data is determined by the Enterprise. More details can be found under clause 2.4.2.

6.4 The Enterprise’s instructions

e-Boks only processes the personal data referred to above on the basis of instructions from the Enterprise, unless such processing is required under EU law and Member State laws, in which case e-Boks will inform the Enterprise of such legal requirements before processing, unless the law in question prohibits such information to safeguard important public interests.

In accordance with these terms of use, the instructions from the Enterprise consist of the processing and storing of personal data which the Enterprise transfers to or receives in e-Boks’ system. In relation to content in the commercial viewing client, the instructions from the Enterprise consist solely of displaying the mail from public senders. Reference is also made to the Act to consolidate the Danish Act on Digital Mail. If e-Boks regards a specific instruction as being in violation of applicable data protection law, e-Boks will notify the Enterprise thereof.

6.5 The Enterprise’s responsibility as data controller

The Enterprise decides which personal data it wants e-Boks to process. The Enterprise therefore warrant that the purpose of processing personal data is legal and legitimate, and that no more personal data are processed by e-Boks than absolutely necessary in relation to the purpose. The Enterprise is responsible for ensuring the lawfulness of processing when the personal data is transferred to e-Boks, including (if required) obtaining a consent that is specific, voluntary, unambiguous and informed.

The Enterprise further warrants that the data subjects to whom the personal data relates, have been given sufficient information regarding the processing of their personal data.

Any instruction or amendments to instructions concerning the processing of personal data according to these terms must be presented to e-Boks.

The Enterprise is obliged to inform e-Boks of any changes in the purpose, the lawfulness of processing, the Enterprise’s instructions etc., including (but not limited to) changes to the categories/types of personal data and data subjects e-Boks shall process about on behalf of the Enterprise according to these terms.

6.6 Processing security

The processing of personal data by e-Boks on behalf of the Enterprise may include a large volume of personal data subject to Article 9 of the General Data Protection Regulation on “special categories of personal data”, and e-Boks is therefore obliged to ensure a ”high” level of security by implementing the technical and organizational security measures as described in clause 6.7 below.

6.7 Technical and organizational security precautions

e-Boks shall implement the necessary technical and organisational security measures, including any additional measures that may be required, to prevent personal data against accidental or unlawful destruction, loss or alteration, and against to any unauthorised disclosure to third parties, unauthorised use, or any other processing in violation of applicable data protection law.

e-Boks has implemented an information security management system in accordance with the ISO 27001 standard, including the implementation of all controls in the ISO 27002 standard.

The technical and organizational security precautions therefore include

  • Physical safeguards for protection of sites against unauthorised access to personal data
  • Technical and organisational measures and procedures for ensuring that access to personal data is limited to staff with a work-related need of access to such data
  • Technologies for secure identification, authentication and authorisation
  • Measures for encryption of personal data

6.8 Confidentiality

e-Boks ensures that the employees involved in the processing of personal data are bound by a duty of confidentiality and are subject to a to a statutory duty of secrecy.

6.9 Personal data breach

In the event of a breach or suspicion of a breach of data protection law related to the processing of personal data, e-Boks shall inform the Enterprise, and will, at the request of the Enterprise, assist with determining the cause of the breach, including the nature of the personal data breach and, if possible, (a) which categories of persons (data subjects) were involved, including the approximate number, (b) the probable consequences of the personal data breach and (c) categories of personal data and approximate number of registrations of personal data, as well as which measures e-Boks has taken to remedy the ascertained personal data breach. Any further investigation into security breaches will be at the Enterprise’s expense. If e-Boks is to assist the Enterprise with the provision of information to third parties, such as the Danish Data Protection Agency or data subjects in connection with the personal data breach, the Enterprise shall pay related expenses incurred by e-Boks.

6.10 Possibility of provision of documentation and auditing

The Enterprise can request e-Boks to account for and/or document that e-Boks fulfils the requirements of the General Data Protection Regulation, including that e-Boks has implemented the necessary technical and organizational security measures. Any costs incurred by e-Boks in connection with such a request shall be paid by the Enterprise.

At the request of the Enterprise, by further agreement and given minimum 9 months’ prior notice, e-Boks shall facilitate and contribute to an annual audit including inspection by the Enterprise or an auditor authorized by the Enterprise. When making such a request, the Enterprise shall include a detailed audit plan containing scope, duration, purpose and proposed start date for the audit. e-Boks may, if necessary, demand provision of security for the expenses associated with the audit.

When the Enterprise uses a third party for the audit, the Enterprise warrants that the third party accepts and complies with e-Boks’ requirements for security and confidentiality. The Enterprise cannot use any third party without e-Boks’ prior approval. e-Boks may only refuse approval on reasonable grounds, including, but not limited to, the third party being a competitor.

6.11. Objections to processing etc.

Taking into account the nature of the processing, the data processor shall assist the data controller by appropriate technical and organisational measures, insofar as this is possible, in the fulfilment of the data controller’s obligations to respond to requests for exercising the data subject’s rights laid down in Chapter III General Data Protection Regulation. The Enterprise shall refund the related expenses incurred by e-Boks.

e-Boks shall assist the Enterprise to a reasonable extent and at the latter’s expense in ensuring compliance with the obligations set out in Article 32-36 of the General Data Protection Regulation, with due consideration being given to the nature of the processing and the details available to e-Boks.

6.12. Disclosure of personal data to suppliers (sub-processors)

e-Boks uses suppliers to operate the e-Boks solution and therefore discloses the Enterprise’s personal data to those sub-data processors listed in Appendix 1 below. e-Boks supervises and audit these sub-data processors.

6.12.1 Changes in the use of sub-processors

e-Boks will inform the Enterprise in writing if e-Boks plans to make changes in the use of suppliers (sub-processors). The Enterprise will then have the opportunity to make objections as soon as possible and within 30 calendar days from receiving notification from e-Boks. The Enterprise can only make objections on reasonable and specific grounds.

If the Enterprise makes a reasonable and specific objection to the use of sub-processors within the deadline specified, e-Boks shall take it into consideration in accordance with the following. e-Boks can thus choose to take remedial actions in response to the Enterprise’s objection. Should e-Boks decide against taking remedial actions or is unable to take remedial actions within a reasonable period of time, the Enterprise is entitled to cease using e-Boks’ services, including the digital mailbox and archive solution, and can request the return and/or deletion of personal data.

e-Boks only stores personal data within the borders of the EU.

Prior to the disclosure of personal data to a supplier/sub-processor, e-Boks will enter into a written data processing agreement that meets the requirements of the General Data Protection Regulation. If the sub-processor fails to comply with its data protection obligations, e-Boks will be fully liable to the Enterprise for the performance of the sub-processor’s obligations.

7. Commercial viewing client

e-Boks grants the Enterprise access to digital mail from public senders. The Enterprise’s digital mail from public authorities can also be accessed from the public viewing clients (virk.dk) as an alternative/supplement to e-Boks.

7.1. Authentication of end-users

An end-user is authenticated by logging in to e-Boks via NemLog-In.

7.2. Change of terms of use for end-users

A minimum of 30 days’ notice must be given of changed terms of use for the viewing client before the changes take effect.

7.3. Notice of termination

Notice of termination of end-users of the viewing client is done at a minimum of 30 days’ notice.

Version 2.2 - 2026/02

Appendix 1 – Sub-processors

Company name CVR number or equivalent Address Description of processing Comments
e-Boks Development A/S 42309745 Hans Bekkevolds Alle 7, 1.
2900 Hellerup
Danmark		 Supplier of operation and maintenance services for e-Boks’ platform. Processing within the EU/EEA in:
- Denmark
e-Boks Group A/S 41015918 Hans Bekkevolds Alle 7, 1.
2900 Hellerup
Danmark		 Supplier of operation and maintenance services for e-Boks’ platform. Processing within the EU/EEA in:
- Denmark
Aeven A/S 43432133 Østmarken 3A
2860 SØborg
Danmark		 Hosting e-Boks’ platform. Processing within the EU/EEA in:
- Denmark
Aeven Czech Republic s.r.o
(sub processor for Aeven A/S)		 031 37 236 Explora Jupiter
Bucharova 2641/14 3.NP
CZ-158 00 Prag
Tjekkiet		 Provides IT operation and support related to hosting e-Boks’ platform Processing within the EU/EEA in:
- Czech Republic
Aeven Hungary Kft.
(sub processor for Aeven A/S)		 01-09-432639 1138 Budapest
Népfürdö utca 22
Building B 13th. Floor
Budapest
Ungarn		 Provides IT operation and support related to hosting e-Boks’ platform Processing within the EU/EEA in:
- Hungary
Stratu ApS 42543039 Lautrupparken 40
2750 Ballerup
Danmark		 Hosting e-Boks’ platform. Processing within the EU/EEA in:
- Denmark