Privacy Policy

Last updated: April 6, 2026

Poised ApS ("we", "us", "our") operates the poised.dk website and the SafeDish iOS application. This Privacy Policy describes how we collect, use, share, and protect your personal information when you use our services.

1. Information We Collect

We may collect the following types of information:

• Account information: name and email address when you create an account
• Health & dietary data: allergies and intolerances you provide to personalize your experience
• Usage data: app interactions, search history, and saved preferences
• Device information: device type, operating system version, app version, and language settings
• Location data: approximate location (city-level) to show nearby restaurants, only with your consent

2. How We Use Your Information

We use your information to:

• Provide, maintain, and improve our services
• Personalize restaurant and menu recommendations based on your dietary needs
• Send service-related communications (account verification, updates)
• Analyze usage patterns to improve app functionality
• Ensure security and prevent fraud

3. Third-Party Data Sharing

We do not sell your personal data. We may share data with the following categories of third parties, all of whom are required to provide the same level of data protection as described in this policy:

• Hosting & infrastructure: Supabase (database), Vercel (hosting) — EU-based
• Analytics: anonymized usage data to improve the app experience

We do not share your health or dietary data with advertisers or other third parties.

4. Data Storage and Security

Your data is stored securely using industry-standard encryption (TLS in transit, AES-256 at rest). Our infrastructure is hosted within the European Union. We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, or destruction.

5. Data Retention and Deletion

We retain your data only as long as necessary to provide our services or as required by law. You can request deletion of your account and all associated data at any time by contacting us at jarl@poised.dk. Upon receiving a deletion request, we will remove your data within 30 days.

6. Your Rights

Under the EU General Data Protection Regulation (GDPR), you have the right to:

• Access your personal data and receive a copy
• Request correction of inaccurate data
• Request deletion of your data ("right to be forgotten")
• Withdraw consent at any time
• Request data portability (receive your data in a machine-readable format)
• Object to or restrict processing of your data
• Lodge a complaint with the Danish Data Protection Agency (Datatilsynet)

To exercise any of these rights, contact us at jarl@poised.dk.

7. Children's Privacy

Our services are not directed at children under the age of 13. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child under 13, we will take steps to delete it promptly.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by updating the "Last updated" date and, where appropriate, through in-app notifications. Continued use of our services after changes constitutes acceptance of the updated policy.

9. Contact

For privacy-related inquiries, data access, or deletion requests, contact us at:

Poised ApS
Jarl Rosenlykke, Data Controller
jarl@poised.dk
CVR: 34453314
Holbæk, Denmark