For information regarding your personal data collected, the purposes of processing, and the parties with whom the data is shared, please contact the Data Controller.
Data Controller
The Data Controller responsible for the processing of personal data is:
For any inquiries regarding the processing of your personal data, you may contact the Data Controller using the contact details provided above.
Types of Data Collected
The types of personal data collected by this Application may include, but are not limited to: name, email address, usage data (such as IP address, browser type, and visited pages), and cookies or other tracking technologies.
Complete details on each type of personal data collected are provided in the specific sections of this privacy policy or through information notices displayed before data collection.
Personal data may be freely provided by the User or, in the case of usage data, collected automatically when using this Application.
All requested data is mandatory unless otherwise specified. If the User refuses to provide it, the Service may not be available. Where this Application indicates that certain data is optional, Users may choose not to provide it without affecting availability or functionality.
Users uncertain about which data is mandatory may contact the Data Controller.
Processing of Collected Data
Methods of Processing Data is processed using appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction. Processing is carried out using IT tools, following procedures strictly related to the stated purposes.
Data may be accessible to authorized staff involved in operations (e.g. administration, marketing, legal) or external service providers (e.g. hosting providers, IT services), appointed where necessary as Data Processors.
An up-to-date list of such parties may be requested from the Data Controller.
Location Data is processed at the operating offices of the Data Controller and other locations where the parties involved are based. Data may be transferred to a country outside the EU. Users can refer to the section on international data transfers for more information.
Retention Time
Unless otherwise stated, personal data is processed and stored for as long as required by the purpose it was collected for, and may be kept longer where legal obligations or user consent apply.
Examples:
Data collected for contract performance is kept until the contract is completed.
Data collected based on legitimate interest is retained as long as needed to fulfill that purpose.
Data collected based on user consent may be retained until consent is withdrawn.
After expiration, personal data will be deleted. Rights such as access, deletion, or data portability can no longer be exercised after that time.
Legal Basis for Processing
The Data Controller may process personal data if:
The User has given explicit consent
Processing is necessary to perform a contract or pre-contractual obligations
Processing is required by law
Processing is for a task carried out in the public interest
Processing is based on the legitimate interests of the Data Controller or a third party
Users can contact the Data Controller to clarify the applicable legal basis.
User Rights Under the GDPR
Users have the right to:
Withdraw consent at any time
Object to processing of their data
Access their personal data
Request rectification of inaccurate data
Request restriction of processing
Request erasure of their data
Receive data in a structured format (data portability)
Lodge a complaint with a data protection authority
Users may also request information about international data transfers and safeguards.
Right to Object
If data is processed based on legitimate interest or public interest, Users may object by stating grounds related to their situation. Users can always object to processing for direct marketing purposes, free of charge and without justification.
How to Exercise Your Rights
Requests can be sent to the Data Controller using the contact details provided above. Requests are processed free of charge and within one month, in accordance with GDPR.
Additional Information
Legal Defense Personal data may be used to defend against legal claims arising from misuse of the Application.
System Logs and Maintenance This Application may collect logs that record interactions and may contain personal data (e.g. IP address), used for maintenance or security.
Additional Information Users may request more details on the processing of personal data at any time.
Changes to This Privacy Policy
We reserve the right to modify this Privacy Policy at any time. Updates will be posted on this page with a revision date. If changes affect processing based on consent, new consent will be requested where required.
Definitions
Personal Data: Any information that identifies or can be used to identify a natural person.
Usage Data: Information collected automatically (e.g. IP address, browser type, pages visited).
Data Subject: The individual to whom the personal data refers.
Data Processor: A third party that processes data on behalf of the Data Controller.
This Application: The website and digital services provided by pastadiem.dk.
