Privacy Policy

Last Updated: January 2026

1. Introduction

sigmahubovaes AS ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your personal information when you visit our website or use our services. We are the data controller for the personal data we process about you.

2. Data Collection

We collect various types of personal data to provide and improve our restaurant software analysis services. The data we collect includes:

• Contact Information: Name, email address, phone number, and business address
• Business Information: Restaurant name, type of establishment, operational details, and software requirements
• Communication Data: Records of our correspondence, consultation notes, and service interactions
• Website Usage Data: IP address, browser type, pages visited, time spent on pages, and referral sources
• Technical Data: Device information, operating system, and website preferences

3. How We Use Your Information

We use your personal data for legitimate business purposes, including how we use your information to provide our services effectively:

• Providing restaurant software analysis and comparison services
• Communicating with you about our services and responding to enquiries
• Preparing customised reports and recommendations
• Improving our services and developing new offerings
• Complying with legal obligations and regulatory requirements
• Marketing our services to existing and potential clients (with consent)

4. Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

• Contractual Necessity: To perform our services and fulfil our contractual obligations
• Legitimate Interests: To improve our services, conduct business operations, and communicate with clients
• Consent: For marketing communications and non-essential cookies
• Legal Obligation: To comply with applicable laws and regulations

5. Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about the cookies we use, please refer to our Cookie Policy.

6. Data Sharing and Disclosure

We do not sell your personal data to third parties. We may share your information in the following circumstances:

• With service providers who assist us in delivering our services (under strict confidentiality agreements)
• With software vendors when facilitating introductions (with your explicit consent)
• When required by law or to protect our legal rights
• In connection with a business transaction such as a merger or acquisition

7. Data Retention

We retain your personal data for as long as necessary to provide our services and comply with legal obligations. Specifically:

• Client data is retained for the duration of our business relationship plus 5 years for potential future services
• Communication records are kept for 3 years after the last contact
• Website analytics data is retained for 26 months
• Marketing consent records are kept until consent is withdrawn

8. Your Rights

Under GDPR and Danish data protection laws, you have the following rights regarding your personal data:

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Correct any inaccurate or incomplete personal data
• Right to Erasure: Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Limit how we use your personal data
• Right to Data Portability: Receive your personal data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests or for marketing purposes
• Right to Withdraw Consent: Withdraw consent for processing where consent is the legal basis

9. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

10. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, access controls, regular security assessments, and staff training on data protection.

11. Children's Privacy

Our services are not directed at children under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such information promptly.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and indicating the date of the last revision.

13. Contact Information

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:

14. Supervisory Authority

If you are not satisfied with our response to your data protection concerns, you have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet) or your local data protection authority.

This Privacy Policy is governed by Danish law and the General Data Protection Regulation (GDPR).