1. Introduction to Your Privacy

At On A Roll - Sushi Amager (operated by Vibecast ApS), we respect your privacy and are deeply committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share your personal information when you visit our website (https://onaroll.dk), interact with our content, or place an order for takeaway. We process all personal data strictly in accordance with the European General Data Protection Regulation (GDPR) and Danish data protection laws.

Data Controller Information: Vibecast ApS Bremensgade 3, st. th., 2300 Copenhagen S CVR: 44608332 Email: hey@onaroll.dk

2. What Personal Data We Collect

To enter into a purchase agreement and successfully deliver our products to you, we must collect specific personal information. This data includes:

  • Contact Information: Your full name, delivery address, billing address, telephone number, and email address.

  • Order Details: Information regarding the specific items you have purchased, order notes, and transaction amounts.

  • Technical Data: Your IP address, browser type, time zone settings, and operating system when you browse our site.

  • Account Data: If you choose to create a user account, we store your chosen username, password (in an encrypted format), and saved preferences.

3. Purpose and Legal Basis for Processing

We do not collect data arbitrarily. We process your information for the following specific purposes:

  • Fulfillment of Contract: To process your payment, prepare your food, and deliver the goods to your specified address.

  • Customer Support: To communicate with you regarding your order status, handle inquiries, and process potential complaints or refunds.

  • Legal Obligations: To comply with Danish bookkeeping and accounting laws, which require us to retain transaction records.

  • Security: To monitor against fraudulent transactions and ensure the security of our webshop infrastructure.

4. Data Sharing and Third Parties

We treat your personal data with strict confidentiality. We do not sell, rent, or trade your data to marketing agencies. However, to operate our business, we share necessary data with trusted third-party processors:

  • Payment Gateways: To securely process your credit card, MobilePay, or PayPal transactions. (We do not store your raw credit card numbers on our servers).

  • Logistics Partners: To facilitate the physical delivery of your order to your door.

  • IT Infrastructure: Hosting providers and automated spam detection services (which may check visitor comments).

  • System Emails: If you request a password reset, your IP address will be included in the automated reset email for security purposes.

5. Data Retention

We keep your personal data only for as long as necessary to fulfill the purposes outlined in this policy.

  • Order Data: Information related to purchases is stored for 5 years to comply with the Danish Bookkeeping Act.

  • User Profiles: For users that register on our website, we store the personal information provided in their profile indefinitely, or until the user deletes their account.

  • Comments: If you leave a review or comment, the comment and its metadata are retained indefinitely to recognize and approve follow-up comments automatically.

6. Your Rights Under GDPR

As a consumer, you have extensive rights regarding your personal data:

  • Right to Access: You can request an exported file of the personal data we hold about you.

  • Right to Rectification: You can log in and correct inaccurate information in your profile, or ask us to update it.

  • Right to Erasure (Right to be Forgotten): You can request that we delete your personal data. Note that this does not include data we are legally obliged to retain for administrative, tax, or security purposes.

  • To exercise any of these rights, please contact us via our Contact form or email us directly at hey@onaroll.dk.

7. Comprehensive Cookie Policy

Our website utilizes "cookies"—small text files saved to your device—to enhance your user experience, analyze site traffic, and maintain essential website functionality.

Types of Cookies We Use:

  • Essential Functionality Cookies: If you visit our login page, a temporary cookie checks if your browser accepts cookies (contains no personal data and is discarded when the browser closes). When you log in, cookies save your login info (lasting 2 days to 2 weeks if "Remember Me" is checked) and screen display choices (lasting 1 year).

  • Comment Cookies: If you leave a comment, you may opt-in to saving your name, email, and website in cookies for convenience. These last for one year.

  • Editing Cookies: If you edit an article/page (administrative), a cookie storing the post ID is saved for 1 day.

Embedded Content: Articles on this site may include embedded content (e.g., YouTube videos, Instagram posts). Embedded content behaves exactly as if you visited the source website. These external websites may collect data, use their own cookies, embed third-party tracking, and monitor your interaction with that content, especially if you are logged into an account on their platform.

Managing Cookies: You can clear, block, or manage cookies at any time through your web browser's settings. Please note that blocking essential cookies may prevent you from logging into your account or adding items to your shopping cart.