MealGig processes personal data in accordance with the EU GDPR and Danish data protection law. We are committed to transparency, data minimisation, and security.
1.2 Data Categories Collected
Contact details: name, email, phone.
Account information: login details, preferences.
Payment data: processed by secure third-party provider.
Booking details: date, time, location.
Health-related data: allergies, intolerances (optional, with explicit consent).
Communications: in-app messages, support interactions.
1.3 Purposes of Processing
Account creation and management.
Booking and payment facilitation.
Safe meal preparation according to dietary needs.
Customer communication.
Service improvement and compliance with legal requirements.
1.4 Legal Basis
Contract performance.
Legal obligation.
Legitimate interest.
Explicit consent (special category data).
1.5 Data Protection Measures
Encryption in transit and at rest.
Access control and role-based permissions.
Separation of health data from general account data.
1.6 Retention
See Section 5 Retention Schedule.
1.7 Sharing
We share data only with:
Chefs (only for relevant booking).
Service providers under DPAs: Stripe (payments), AWS (hosting), [Email provider], [Analytics provider].
Authorities when legally required.
1.8 International Data Transfers
All personal data is stored within the EEA unless otherwise stated.
Where data is transferred outside the EEA, we use Standard Contractual Clauses or rely on adequacy decisions.
1.9 User Rights
Access, rectification, deletion, restriction, objection, portability, consent withdrawal, and complaint to Datatilsynet.