We are the data controller for the processing of personal data that we handle about our customers and business partners. You can find our contact details below:
Pico Pizza ApS
Struenseegade 9
2200 Copenhagen N
CVR No.: 41700246
Our company is not required to have an external Data Protection Officer (DPO), but if you have any questions regarding the processing of your personal data, you can contact us at info@picopizza.dk.
As the data controller under the GDPR, we carry out the following processing activities.
When you visit our website, we use cookies to ensure the website functions properly. You can read more about this by pressing the icon located on the bottom right of this page.
If you have questions about our site or want to learn more about our services, you can contact us via:
In doing so, we will process your personal data to engage in a dialogue with you, for example, to answer questions about our services. We only process the information you provide to us as part of our communication.
We typically process the following general personal data: name, email, and phone number.
Our legal basis for processing this personal data is Article 6(1)(f) of the General Data Protection Regulation (GDPR).
In special cases, if there is a need to retain your personal data for a longer period, this may occur.
We need to communicate with our customers to ensure that the service is delivered correctly. In doing so, we may process information such as name, address, services, special agreements, payment details, and similar data.
The legal basis for processing this personal data is Article 6(1)(b) of the General Data Protection Regulation (GDPR).
We offer a newsletter that you can choose to subscribe to voluntarily – and you can unsubscribe at any time.
The purpose of the newsletter is to send subscribers emails with new information from the company, which may include updates to our website, announcements about our services etc.
We will only send you emails if you have given your explicit consent. This initially requires you to provide your email address, after which you will receive a confirmation email to complete your subscription and consent.
Our legal basis for processing your personal data (i.e. your email address) in connection with the newsletter is Article 6(1)(a) of the General Data Protection Regulation (GDPR).
We will process your personal data for as long as you remain subscribed to the newsletter. Once you unsubscribe, we will stop sending it to you.
We are required to retain all accounting records in accordance with the Danish Bookkeeping Act. This means we store invoices and similar documents for bookkeeping purposes. These documents may contain general personal data such as name, address, and service descriptions.
Our legal basis for processing personal data for accounting purposes is Article 6(1)(c) of the General Data Protection Regulation (GDPR).
We retain this information for a minimum of 5 years after the end of the current financial year.
We gladly accept job applications in order to assess whether they match an employment need within our company.
If you send us your job application, our legal basis for processing your personal data is Article 6(1)(f) of the General Data Protection Regulation (GDPR).
No one can do everything alone — and the same goes for us. We work with partners and use suppliers, some of whom act as data processors on our behalf.
External providers may, for example, supply systems for organizing our work, services, consultancy, IT hosting, or marketing.
Our data processors include:
It is our responsibility to ensure that your personal data is processed properly. Therefore, we set high standards for our partners, who must guarantee that your personal data is protected.
We enter into agreements with companies (data processors) that handle personal data on our behalf to enhance the security of your personal data.
We do not disclose your personal data to third parties.
We do not perform profiling or automated decision-making.
As a rule, we use data processors within the EU/EEA or who store data within the EU/EEA.
In some cases, this is not possible, and data processors outside the EU/EEA may be used, provided they can ensure an adequate level of protection for your personal data.
We ensure the security of personal data processing by implementing appropriate technical and organizational measures.
We have conducted risk assessments of our personal data processing and have subsequently implemented suitable technical and organizational measures to enhance data security.
Under the General Data Protection Regulation (GDPR), you have a number of rights regarding our processing of your personal data.
If you wish to exercise your rights, please contact us so we can assist you.
You have the right to access the personal data we process about you, as well as certain additional information.
You have the right to have incorrect personal data about you corrected.
In certain cases, you have the right to have your personal data deleted before the time of our general retention period expires.
In certain cases, you have the right to request a restriction of the processing of your personal data. If you are entitled to this, we may only process the data—apart from storage—with your consent, or for the establishment, exercise, or defense of legal claims, or to protect a person or important public interests.
In certain cases, you have the right to object to our otherwise lawful processing of your personal data. You can also object to the processing of your data for direct marketing purposes.
In certain cases, you have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to have these personal data transferred from one data controller to another without hindrance.
You can read more about your rights in the Danish Data Protection Agency’s guide on data subject rights, available at www.datatilsynet.dk.
When our processing of your personal data is based on your consent, you have the right to withdraw your consent at any time.
You have the right to file a complaint with the Danish Data Protection Agency if you are dissatisfied with the way we process your personal data. You can find their contact details at www.datatilsynet.dk.
We generally encourage you to learn more about the GDPR to stay informed about your rights and the regulations.