Privacy Policy

Introduction

Too Good To Go ApS (“TGTG”) works to ensure that your privacy is protected when using our Services. We therefore have a policy setting out how your Personal Data will be processed and protected. Please stay updated on any changes to this Privacy Policy by visiting our websites and mobile applications (“Platform”).

This Privacy Policy only concerns TGTG’s Customers and users of our Platform and Services.

What information do we collect?

TGTG collects information to operate our business and provide you with opportunities for reducing food waste. We collect both Personal Data and Other Information in support of these efforts.

  • "Personal Data" is information that can be used, directly or indirectly, alone or together with other information, to identify you as an individual Customer. This may include your precise Location Data.

  • "Other Information" is information that is anonymous, aggregate, de-identified, or otherwise does not reveal your identity. Some examples include age, gender, browser and operating system, time spent using our Services, and webpages visited. We collect and use this information to understand how you and our Customers as a whole use our Services and constantly tune, enhance, innovate and build products and services to reflect the needs of our Customers. We also collect responses from trusted Payment Service Providers when you make purchases on the Platform. Depending on payment method, this may include a subscription ID that is sent to the Payment Service Provider. We DO NOT collect any credit card information. When you are using a mobile device, we also collect and use your Apple Identifier for Advertising (IDFA) and Google Advertising ID (AAID) to recognize your device and support activities on our Services. These number values are not permanently tied to your device and, depending on your operating system, you can reset it through your device settings.

We collect Personal Data in the following ways:

  1. When you register with us, we collect registration and demographic details, e.g., name, email address, password, country and exact location. We may also collect your mobile phone number.

We process this Personal Data because it is necessary for performing the agreement with you for the use of the Platform, pursuant to GDPR article 6 (1) (b).

  1. When you use or interact with our Services, we collect Personal Data such as Location Data. We use your Location Data to provide a more relevant service. We may also use your Location Data to conduct analytics to improve the Services.

We collect Location Data in several ways:

  1. from your wireless carrier,

  2. directly from the device on which you use our Services.

The way in which we collect Location Data is different depending on whether you are accessing the Services through a website or a mobile application.

If you are accessing the Services through one of our mobile applications, the way we collect Location Data will differ depending on your mobile device’s operating system. In all events, we do not collect Location Data, unless you have allowed its collection when prompted. If you decline to allow Location Data collection in the app, we will not collect your Location Data unless you manually enter it in.

We process this Personal Data based on your consent, pursuant to GDPR article 6 (1) (a).

Other Information: We may collect Other Information about your use of our Services. This includes, for example, your device type, carrier provider, browser type, operating system, internet domain and host name, date and time of access as well as referring and onward URL, as well as transactional data about the activities you undertake and how you interact with the Services, such as what data is displayed, clicked on or shared, the click stream patterns, and the length of time spent on each site or page; and searches you may conduct on the Services.

We process this Personal Data because it is necessary for the purposes of the legitimate interests pursued by us in order to improve our Platform, pursuant to GDPR article 6 (1) (f).

  1. When you connect with us through social media, we may collect account or profile information.

You may choose to enable, log into or sign on to the Services through Facebook ("Social Networking Services"). When you connect using your Social Networking Services accounts, we may collect Personal Data that you have provided to that Social Networking Service. For example, when you log in with your Facebook credentials, with your consent we may collect Personal Data from your Facebook profile that is permitted under Facebook’s Terms of Use, such as your email address and profile picture. If you do not want to provide us with this information, you will need to amend the privacy settings on your Social Networking Services account. For more information, please review the privacy disclosures and terms of your Social Networking Services account, which govern how that account information is collected and shared with us.

We process this Personal Data based on your consent, pursuant to GDPR article 6 (1) (a).

  1. When you take surveys and enter promotions, contests, and sweepstakes, we collect contact, demographic and eligibility information.

We may sponsor contests, sweepstakes and other promotions ("Promotions") and we may request that you provide Personal Data, such as name, address, email address, telephone number and age and other information that may be appropriate in order to participate.

We may also launch surveys that ask you to answer questions about a range of topics from personal information to brand and product preferences.

We process this Personal Data based on your consent, pursuant to GDPR article 6 (1) (a) or because it is necessary for the purposes of the legitimate interests pursued by us in order to improve our Platform, pursuant to GDPR article 6 (1) (f).

When we collect Personal Data directly from you, you voluntarily provide us with the Personal Data in order to use the Platform.

The submission of your Personal Data to us is voluntary, but the consequence of not submitting your Personal Data may be that you cannot use the Platform or enter into promotions, contests, or sweepstakes.

How do we use your Personal Data?

We use the data we collect to operate our business, advertise and improve our existing Platform, develop new services and to improve and personalize your experiences interacting with us. We also use your Personal Data to communicate with you.


We will use your Personal Data for the following purposes:

  1. Operate our business and run our Services.

We use your Personal Data to create and manage your personal account at TGTG and to process your orders.

  1. Personalize experiences on our Services, better understand our Customers and gain customer insights

We use your Personal Data to conduct analyses in order to provide you with relevant functionality. This includes showing you a map or list view of nearby stores and suggesting the most relevant stores for you.

  1. Communicate with you and respond to your requests

When registering an account with us, you have a choice of receiving announcements about us and our products and Services via email and/or push notifications. If you consent to such messages, we may use your Personal Data and Other Information to communicate with you about the TGTG products or Services you have purchased or used and to notify you of other products, promotions and Services we think may be of interest to you. You can manage your communication preferences at any time from the mobile applications.

We may use your Personal Data to respond to your requests for technical support, online services, product information or to any other communication you initiate. This includes accessing your account to address technical support requests.

Additionally, when you request it, we will use your Personal Data to enroll you in contests, programs, or offers. We also may use your Personal Data to notify you of promotions and other special offers.

Please note that irrespective of your email and push notifications settings, we may send you notifications pertaining to the performance of our Services, such as revision of our Terms or this Privacy Policy or other formal communications relating to products or Services you have purchased or use. This also includes emails, push notifications and text messages in the event one or more of your purchases are cancelled by a store. We do this to avoid a situation where you show up at a store to pick up food when the store has no surplus food left to sell.

  1. Tailor our advertising and marketing

We use Personal Data and Other Information to assist us in our advertising and marketing campaigns, to provide you with information on the products and Services that we think are most relevant to you.

Where is your Personal Data stored?

The data that we collect from you is stored within the European Economic Area (“EEA”) but may also be transferred to and processed in a country outside of the EEA. Any such transfer of your Personal Data will be carried out in compliance with applicable laws.

For how long is your Personal Data stored?

TGTG will retain your Personal Data for as long as you maintain an Account or as needed to provide you the Services. We will also retain and use your Personal Data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We will retain your Personal Data until 5 years after the end of the year in which you delete your Account in order to comply with our legal obligations pursuant to the Danish Accounting Act or for the establishment, exercise or defence of legal claims

Who is responsible for your Personal Data?

Too Good To Go ApS (“TGTG”), is the controller of the Personal Data you submit to us and responsible for your Personal Data under the Danish Data Protection Act, which implements the EU Data Protection Directive (95/46/EC).

Who has access to your Personal Data?


Your data may be shared within the TGTG group. We never pass on, sell or swap your data for marketing purposes to third parties outside the Too Good To Go group. Data that is forwarded to third parties is only used to provide you with the services mentioned above, for example media services and agencies for distribution of newsletter and credit reference or debt collection agencies for the purpose of credit rating checks, identity checks and debt collection.

How do we protect your Personal Data?

We have taken technical and organisational measures to protect your data from loss, manipulation and unauthorised access. We continually adapt our security measures in line with technological progress and developments. To make card purchases with us as secure as possible, all information is sent in encrypted form. This means that the information is passed through a secure connection and that external parties cannot read your Personal Data. For card purchases, we work with PCP compliant Payment Service Providers that help us to check directly with your bank that the card is valid for purchases. Our Payment Service Providers process your card details according to the international security standards PCI DSS, which was developed by the card companies VISA, MasterCard, Diners, American Express and JCB. This means that your card details are processed with a very high level of security. When you pay by card, we reserve the right to carry out an identity check.

What are your rights?

You have the right to request information about the Personal Data we hold on you at any time. If your Personal Data is incorrect, incomplete or irrelevant, you can ask to have the information corrected or removed. You also have the right to request the processing of your Personal Data restricted and in some circumstances to data portability. We cannot remove your Personal Data when there is a legal storage requirement, such as accounting rules or when there are other legitimate grounds to keep the data, such as unsettled debts. You can withdraw your consent to us using the Personal Data for marketing purposes at any time. You can contact us either by sending a letter to Too Good To Go ApS, Customer Service, Landskronagade 66, 2100 København Ø, Denmark or by sending an email to [email protected] Your rights under the Data Protection Act will not be affected.

You may file a complaint with the Danish Data Protection Agency if you are dissatisfied with our processing of your Personal Data. You can find the contact details of the Danish Data Protection Agency on www.datatilsynet.dk.

Controller of Personal Data

Too Good To Go ApS

Landskronagade 66

2100 København Ø

Denmark

CVR-no. 37146668
E-mail: [email protected]

Mail address: Landskronagade 66, 2100 København Ø, Denmark