Skip to main content

Privacy policy at Dan Cake

Dan Cake processes the information you provide us or we collect about you in accordance with applicable rules. We are aware that your information must be processed with respect for the confidentiality of the information and for your privacy. On this page you can read more about our processing of your personal data and your rights.

Data controller

Dan Cake is the data controller for the processing of your personal data.

The company information is as follows:
info@dancake.dk
+45 7573 1844

Hjortsvangen 15,
DK-7323 Give

Purpose and background

Below is an explanation of the purpose and the most common legal basis for Dan Cake processing your personal data.

  • Collection and processing of personal data:

    We collect a number of general personal data, cf. Article 6 of the General Data Protection Regulation. Depending on the circumstances, we may process your identity, contact and professional information, including name, e-mail, phone number, birthday, private address, IP address and information about our business relationship. In addition, we process payment information in case of purchase.

    - According to agreement. We only collect the personal data that is necessary for the performance of our work. We primarily process your data for the purpose of entering into or fulfilling the agreement we have with you or your company. The legal basis for this processing is GDPR Article 6(1)(b) and our legitimate interest in managing the customer relationship, cf. GDPR Article 6(1)(f).
    Collection and processing of personal data will also be based on consent where this has been validly given, cf. GDPR Article 6(1)(a). The data subject has the right to withdraw consent at any time, cf. GDPR Article 7. Consent can be withdrawn through our compliance officer - see below.

    - Marketing via the website. The purpose of this processing activity is to share information about the organization's services and products. The processing is based on GDPR Article 6(1)(f) (legitimate interest) as we pursue our marketing interest and interest in targeting our material to reach as many potential customers as possible. We process your IP address for this purpose.

    - Contact form on the website. The purpose of the activity is to establish contact with potential customers and business partners, including by answering the inquiry. The processing is based on Article 6(1)(f) GDPR (legitimate interest), as we pursue our legitimate interest in answering the inquiry, weighted against the fact that the visitor has provided the information in order to be contacted.

    - Competitions. Dan Cake processes the contact details of competition participants in connection with competitions. The purpose of the processing is to be able to contact the winner of a competition. In some cases, the processing is also carried out in order to send marketing to the competition participant. The legal basis for the processing is GDPR Article 6(1)(b) (contractual relationship) and, where marketing is the purpose, GDPR Article 6(1)(a) (consent). Consent can be withdrawn at any time.

  • Third countries

    Dan Cake does not transfer your personal data to third countries (countries outside the EU/EEA).

  • Data Security

    We ensure that access to private personal data is limited to those who need it to perform their work tasks. Other Dan Cake employees do not have access to private personal data.

    We have high standards for security, also when it comes to the protection of your personal data. We have a number of internal procedures and policies to ensure that we live up to our high security standards and thus meet the requirements of implementing appropriate technical and organizational security measures. In doing so, we do our best to ensure the accuracy and integrity of your personal data.

    Security on all our IT is built-in and always active. This means that we have the best prerequisites for protecting all our data and thus your information. Our IT security covers, among other things. Encryption of email, MalWare protection, antivirus and Firewall. We perform risk assessments on our work processes. By reviewing these processes, we have tightened security for you as a customer.

  • Storage and deletion


    We delete your personal data when we no longer need to process it to fulfill one or more of the purposes stated above. However, special legal rules, including in e.g. the Danish Bookkeeping Act, may give us the obligation or right to store it for a longer period of time. The data may also be processed and stored longer if it is anonymized.

    We always delete personal data five years after contract expiration. We store data for five years to ensure that it is possible to answer questions related to contractual matters or to secure, exercise or defend legal claims.

Data subject rights and contact details

  • Your rights as a data subject

    When we process your personal data, you have a number of rights under Chapter 3 of the General Data Protection Regulation that you can demand from us as data controllers of your personal data.

    - You have the right to gain insight into what personal data we process about you
    - You have the right to have the personal data we have registered about you corrected and updated
    - You have the right to have the personal data we have registered about you deleted. If you wish to have your personal data deleted, we will delete all information that we are not required by law to store
    - The right to data portability. You have the right to receive your personal data that you have provided to us in a machine-readable format, and you have the right to have your data transmitted to another data controller if technically possible
    - The right to restriction of processing. In certain cases, you have the right to have the processing of your personal data restricted.
    - Right to object. In certain cases, you have the right to object to our otherwise lawful processing of your personal data.
    - If the processing of personal data is based on your consent, you have the right to withdraw your consent, which means that processing will then cease unless we are required by law to process the personal data.

    However, the above may be limited for the protection of other people's privacy, trade secrets, intellectual property rights or other legal obligations that override the above rights.

    If you wish to gain insight into what personal data we store about you, you can contact our compliance officer.

    You can also contact us if you have any other questions about the processing of your personal data. The compliance officer that you can contact at any time in relation to our privacy policy is our privacy policy is: Ulla Andersen at ulla.andersen@dancake.dk

  • Reporting to the data protection authority and the data subject


    We have a duty to inform the Danish Data Protection Agency if we have a data breach. Data breaches can be several things. It can be accidental data that has been sent to the wrong recipient, hacker attacks, etc. If we experience this, we must contact the Danish Data Protection Agency within 72 hours, and in some cases the data subject it may concern.

  • Complaint to the Danish Data Protection Agency

    You have the right to lodge a complaint with the Danish Data Protection Agency if you disagree with the way we process your personal data. You can find the Danish Data Protection Agency's contact details at www.datatilsynet.dk

  • Changes to this privacy policy


    The privacy policy will be continuously changed when necessary. You can always see when the policy was last updated at the bottom of this page.

    Last updated in 2025

Find your Dan Cake favorite