Privacy Policy for Nordic Prime Butchers

This Privacy Policy explains how Nordic Prime Butchers collects, uses, stores, shares, and protects personal data in connection with its business activities, including the sale of meat products, customer service, online and offline orders, delivery arrangements, and related communications.

Data controller: Nordic Prime Butchers
Address: Nordhavnsgade 15, 2150 København, Denmark
Email: [email protected]
Phone: +45 32 67 48 91

This Privacy Policy is prepared in accordance with applicable Danish and EU data protection rules, including the General Data Protection Regulation (GDPR) and the Danish Data Protection Act.

1. Introduction and company information

Nordic Prime Butchers is responsible for the processing of personal data collected in connection with its operations. We process personal data only to the extent necessary and in accordance with applicable law. This Privacy Policy applies to personal data collected from customers, prospective customers, business partners, website visitors, suppliers, and other individuals who interact with Nordic Prime Butchers.

2. Data collection and processing

We may collect and process the following categories of personal data:

• Identification and contact data: name, address, email address, phone number, and delivery information.
• Order and transaction data: order history, purchased products, payment status, invoices, and delivery details.
• Communication data: messages, inquiries, complaints, feedback, and correspondence with customer service.
• Account and technical data: login details if applicable, IP address, device information, browser type, and website usage data.
• Marketing preferences: consent choices, newsletter subscriptions, and communication preferences.
• Supplier and business contact data: contact details of employees or representatives of suppliers and business partners.

We generally collect personal data directly from you when you place an order, contact us, subscribe to communications, visit our website, or otherwise interact with us. In some cases, we may receive data from third parties such as payment service providers, delivery partners, or public authorities where permitted by law.

3. Purpose of data processing

We process personal data for the following purposes:

• to process and fulfill orders for meat products and related goods;
• to arrange delivery, pickup, and customer support;
• to manage payments, invoicing, refunds, and accounting obligations;
• to communicate with customers and respond to inquiries;
• to maintain business records and comply with legal obligations;
• to prevent fraud, misuse, and unauthorized access;
• to improve our products, services, website, and customer experience;
• to send marketing communications where permitted and, where required, with consent;
• to manage supplier and business relationships.

4. Legal basis for processing

We process personal data only where we have a valid legal basis under the GDPR. Depending on the specific processing activity, the legal basis may be one or more of the following:

• Performance of a contract: where processing is necessary to fulfill an order, provide services, or take steps at your request before entering into a contract.
• Legal obligation: where processing is necessary to comply with accounting, tax, consumer protection, food safety, or other legal requirements.
• Legitimate interests: where processing is necessary for our legitimate business interests, such as customer service, fraud prevention, IT security, and business administration, provided that your interests and fundamental rights do not override those interests.
• Consent: where you have given clear consent, for example for certain marketing communications or cookies where required by law.

Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

5. Data sharing and third parties

We may share personal data with third parties only when necessary and in accordance with applicable law. These third parties may include:

• Payment service providers for processing payments and refunds;
• Delivery and logistics providers for shipping and order fulfillment;
• IT and hosting providers for website, email, cloud storage, and system maintenance;
• Accounting, audit, and legal advisers where necessary for compliance and business operations;
• Public authorities where disclosure is required by law or lawful request;
• Marketing and analytics providers where relevant and permitted by law.

We require our service providers to handle personal data securely and only in accordance with our instructions and applicable data protection law.

6. Data transfer to third countries

As a general rule, we aim to store and process personal data within the EU/EEA. If personal data is transferred to a country outside the EU/EEA, we will ensure that appropriate safeguards are in place in accordance with the GDPR, such as:

• an adequacy decision by the European Commission;
• standard contractual clauses approved by the European Commission;
• additional technical and organizational safeguards where necessary.

You may contact us for more information about any international data transfers and the safeguards used.

7. Storage duration

We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by law. The retention period depends on the type of data and the purpose of processing. In general:

• Order, invoice, and accounting records are retained for the period required under Danish accounting and tax rules, typically up to 5 years or longer where legally required;
• Customer service communications are retained for as long as needed to handle the inquiry and any follow-up;
• Marketing data is retained until you withdraw consent or object, unless a longer retention period is required or permitted by law;
• Technical logs and security data are retained for a limited period necessary for security, troubleshooting, and system integrity.

When personal data is no longer needed, we will delete, anonymize, or securely archive it in accordance with applicable law and internal retention procedures.

8. User rights (access, rectification, erasure, restriction, data portability, objection)

Under applicable data protection law, you have the following rights regarding your personal data:

• Right of access: you may request confirmation of whether we process your personal data and obtain a copy of that data;
• Right to rectification: you may request correction of inaccurate or incomplete personal data;
• Right to erasure: you may request deletion of your personal data where the legal conditions are met;
• Right to restriction: you may request that we limit the processing of your personal data in certain circumstances;
• Right to data portability: where processing is based on consent or contract and carried out by automated means, you may request to receive your data in a structured, commonly used, machine-readable format or have it transmitted to another controller where technically feasible;
• Right to object: you may object to processing based on legitimate interests and, at any time, to processing for direct marketing purposes.

To exercise your rights, please contact us using the details provided below. We may ask for information necessary to verify your identity before responding to your request. We will respond within the time limits set by applicable law.

9. Withdrawal of consent

If we process your personal data based on consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal. If you withdraw consent, we may no longer be able to provide certain services or communications that depend on that consent.

10. Right to complain

If you have concerns about how we process your personal data, we encourage you to contact us first so that we can address your concerns directly. You also have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet).

Danish Data Protection Agency (Datatilsynet)
Carl Jacobsens Vej 35
2500 Valby
Denmark
Website: www.datatilsynet.dk

11. Data security

Nordic Prime Butchers implements appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures may include:

• access controls and role-based permissions;
• secure storage and encryption where appropriate;
• regular backups and system monitoring;
• staff training on confidentiality and data protection;
• procedures for handling data breaches and security incidents;
• vendor assessments and contractual safeguards for processors.

While we take reasonable steps to protect personal data, no system can be guaranteed to be completely secure.

12. Contact information

If you have questions about this Privacy Policy or our processing of personal data, please contact:

Nordic Prime Butchers
Nordhavnsgade 15, 2150 København, Denmark
Email: [email protected]
Phone: +45 32 67 48 91

13. Changes to privacy policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. The updated version will be published on our website or otherwise made available to you. We encourage you to review this Privacy Policy periodically to stay informed about how Nordic Prime Butchers processes personal data.

Last updated: 2026-05-12