Privacy Policy for Nordic Prime Meat House

This privacy policy explains how Nordic Prime Meat House collects, uses, stores, shares, and protects personal data in connection with our business activities, including sales of meat products, customer service, order handling, delivery coordination, invoicing, and communication with customers, suppliers, and business partners.

Data controller: Nordic Prime Meat House
Address: Nordhavnsgade 21, 2150 Nordhavn, København
Email: [email protected]
Phone: +45 32 18 74 96

1. Introduction and company information

Nordic Prime Meat House is responsible for the processing of personal data collected through our website, by email, by telephone, in-store, and in connection with orders, deliveries, complaints, and other customer interactions. We process personal data in accordance with the General Data Protection Regulation (GDPR), the Danish Data Protection Act, and applicable Danish privacy rules.

This privacy policy applies to personal data relating to customers, potential customers, suppliers, business contacts, website users, and other individuals whose data we process in the course of our operations.

2. Data collection and processing

We may collect and process the following categories of personal data, depending on your relationship with us:

• Identification and contact details: name, address, email address, telephone number, and company name.
• Order and transaction data: purchased products, order history, payment status, delivery details, invoices, and complaints.
• Communication data: correspondence with us by email, phone, contact forms, or other channels.
• Technical data: IP address, browser type, device information, and usage data collected through our website, where applicable.
• Business relationship data: supplier information, contact persons, contract details, and account information.
• Special categories of data: we do not intentionally collect sensitive personal data. Please do not provide such information unless it is necessary and lawful to do so.

We generally collect personal data directly from you. In some cases, we may also receive data from payment providers, delivery partners, public authorities, or other business partners where necessary for the purposes described in this policy.

3. Purpose of data processing

We process personal data for the following purposes:

• to handle orders, payments, deliveries, and returns;
• to provide customer service and respond to inquiries;
• to issue invoices, manage accounting, and comply with bookkeeping obligations;
• to maintain business relationships with suppliers and partners;
• to improve our products, services, operations, and website;
• to prevent fraud, misuse, and unauthorized access;
• to comply with legal obligations under Danish and EU law;
• to manage complaints, disputes, and claims;
• to send marketing communications where permitted by law or with consent.

4. Legal basis for processing

We process personal data only where we have a valid legal basis under GDPR. Depending on the specific processing activity, the legal basis may be one or more of the following:

• Performance of a contract: when processing is necessary to fulfill an order, deliver products, or otherwise provide requested services.
• Legal obligation: when processing is required to comply with accounting, tax, consumer protection, food safety, or other applicable legal requirements.
• Legitimate interests: when processing is necessary for our legitimate business interests, such as customer service, fraud prevention, internal administration, and business development, provided that your interests and fundamental rights do not override those interests.
• Consent: where we rely on your consent, for example for certain marketing activities or optional cookies, if applicable.

Where processing is based on consent, you may withdraw that consent at any time without affecting the lawfulness of processing carried out before withdrawal.

5. Data sharing and third parties

We may share personal data with third parties when necessary for the purposes described in this policy. Such recipients may include:

• payment service providers;
• delivery and logistics partners;
• IT and hosting providers;
• accountants, auditors, and legal advisers;
• public authorities, where required by law;
• marketing or communication service providers, where applicable;
• other business partners involved in the execution of our services.

We only disclose personal data to third parties to the extent necessary and subject to appropriate contractual and security safeguards. Where a third party acts as a data processor, we ensure that a data processing agreement is in place in accordance with GDPR requirements.

6. Data transfer to third countries

As a general rule, we aim to store and process personal data within the EU/EEA. If personal data is transferred to a country outside the EU/EEA, we will ensure that such transfer is carried out in compliance with applicable data protection law, including by using an adequate transfer mechanism such as:

• an adequacy decision by the European Commission;
• Standard Contractual Clauses approved by the European Commission;
• supplementary technical and organizational safeguards where necessary.

You may contact us for further information about any international transfers and the safeguards applied.

7. Storage duration

We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by law. The retention period depends on the type of data and the purpose of processing.

• Order and customer data: retained for the duration of the customer relationship and thereafter for as long as necessary to handle claims, disputes, and legal obligations.
• Accounting and invoice data: retained in accordance with Danish bookkeeping and tax requirements, typically for the legally required retention period.
• Communication records: retained for as long as necessary to document inquiries, complaints, or business correspondence.
• Marketing data: retained until you withdraw consent or object, where applicable, or until the data is no longer needed.

When personal data is no longer needed, it will be securely deleted, anonymized, or otherwise irreversibly removed from our systems.

8. User rights

Under applicable data protection law, you have the following rights regarding your personal data:

• Right of access: you may request confirmation of whether we process your personal data and obtain a copy of that data.
• Right to rectification: you may request correction of inaccurate or incomplete personal data.
• Right to erasure: you may request deletion of personal data in certain circumstances, subject to legal retention obligations.
• Right to restriction: you may request that we limit processing in certain situations.
• Right to data portability: where processing is based on consent or contract and carried out by automated means, you may request to receive your data in a structured, commonly used, machine-readable format and, where technically feasible, have it transmitted to another controller.
• Right to object: you may object to processing based on legitimate interests and, in certain cases, to processing for direct marketing purposes.

To exercise your rights, please contact us using the contact details below. We may need to verify your identity before responding to your request. We will respond within the time limits required by law.

9. Withdrawal of consent

If we process your personal data based on consent, you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.

You may withdraw consent by contacting Nordic Prime Meat House at [email protected]. If you withdraw consent for marketing communications, we will stop sending such communications as soon as reasonably possible.

10. Right to complain

If you are dissatisfied with our processing of your personal data, you are encouraged to contact us first so that we can address your concerns.

You also have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet):

Datatilsynet
Carl Jacobsens Vej 35
2500 Valby
Denmark
Website: www.datatilsynet.dk

11. Data security

We take appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or unauthorized access. These measures may include access controls, password protection, encryption where appropriate, secure storage, staff confidentiality obligations, and regular review of our security procedures.

Although we strive to protect personal data, no system can be guaranteed to be completely secure. We therefore encourage you to take reasonable precautions when communicating with us online.

12. Contact information

If you have questions about this privacy policy or our processing of personal data, or if you wish to exercise your rights, please contact:

Nordic Prime Meat House
Nordhavnsgade 21, 2150 Nordhavn, København
Email: [email protected]
Phone: +45 32 18 74 96

13. Changes to privacy policy

We may update this privacy policy from time to time to reflect changes in our practices, legal requirements, or operational needs. The latest version will always be available through our usual communication channels or on our website, if applicable.

We encourage you to review this privacy policy periodically. Continued use of our services after changes have been made will be subject to the updated version of the policy.