Dansk Deutsch

Privacy policy

Protecting your personal data is important to us. With these notices, we inform you about which personal data we process on this website, for what purposes we do so, and which rights you have as a data subject.

Data processing is carried out on the basis of the EU General Data Protection Regulation (GDPR) as well as the applicable national data protection laws. We are obliged to process your data only to the extent necessary and for specific purposes, and to protect it through appropriate technical and organizational measures.

Please read the information below carefully to understand how we handle your data, especially in connection with newsletter distribution, analytics tools, and other online services we use for SugarFatFree.

1. Data controller

The party responsible for data processing on this website is:
SugarFatFree
represented by: Christopher Jorns Andersen
Address: Frederikshaldparken 8, 8300 Odder, Denmark

Email: c@sugarfatfree.com
Phone: +45 44 11 66 11
Website: https://sugarfatfree.com

The data controller is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data.

2. Definitions and legal bases

2.1 Personal data

Personal data means any information relating to an identified or identifiable natural person, e.g., name, email address, IP address, and user behavior.

2.2 Legal bases under the GDPR

Depending on the purpose, we base the processing on the following legal grounds:

  • Art. 6(1)(a) GDPR — Consent (e.g., newsletter, certain cookies, marketing tracking)

  • Art. 6(1)(b) GDPR — Performance of a contract or pre-contractual measures (e.g., communication with prospective users)

  • Art. 6(1)(f) GDPR — Legitimate interests (e.g., technically necessary analysis of website usage, IT security)

Where we ask for your consent (e.g., cookie banner, newsletter), you can withdraw it at any time with effect for the future.

3. Hosting and server log files

Our website is hosted by the following provider:

All-Inkl.com / Neue Medien Münnich

When you visit our website, the hosting provider automatically collects and stores information in so-called server log files. This includes, among other things:

  • IP address

  • Date and time of the request

  • Time zone difference to Greenwich Mean Time (GMT)

  • Content of the request (specific page)

  • Access status / HTTP status code

  • Amount of data transferred in each case

  • Website from which the request originates (referrer URL)

  • Browser type, browser version, operating system


This data is processed in order to:

  • ensure a stable connection to the website,

  • evaluate system security and stability,

  • detect and resolve technical issues.

The legal basis is Art. 6(1)(f) GDPR (legitimate interest in operating and securing the website). The log files are generally deleted automatically after [e.g., 7–30 days], unless longer retention is required for evidentiary purposes.

4. Contact (email, contact form)

If you contact us by email or (if applicable) via a contact form, we process the information you provide (e.g., name, email address, message content) in order to handle your request.

The data is processed:

  • to respond to your inquiry, and

  • if necessary, to initiate or carry out a contractual relationship.

Depending on the nature of your request, the legal basis is Art. 6(1)(b) GDPR (contract-related inquiry) or Art. 6(1)(f) GDPR (legitimate interest in responding to inquiries).

We store your inquiries for as long as necessary for processing and to comply with retention obligations (e.g., under commercial or tax law).

5. Newsletter and email communication (MailerLite)

We offer interested users the option to subscribe to a newsletter in which we provide information about SugarFatFree content and offers. We use the service MailerLite to send this newsletter.

If you subscribe to our newsletter, the data you provide (e.g., email address and, if applicable, name) will be transmitted to MailerLite and processed there for the purpose of sending and analyzing the newsletter. In particular, open and click rates may be recorded in order to improve our content.

Your data is processed on the basis of your consent under Art. 6(1)(a) GDPR. You can withdraw this consent at any time with effect for the future by unsubscribing via the unsubscribe link in the newsletter or by sending us a corresponding message.

We have concluded a data processing agreement (Data Processing Agreement) with MailerLite in accordance with Art. 28 GDPR. Under this agreement, MailerLite is obliged to process personal data only in accordance with our instructions, to implement appropriate technical and organizational measures to protect the data, and to comply with the requirements of the GDPR.

6. Web analytics and statistics (e.g., Google Analytics / comparable tools)

To improve our content and better understand how our website is used, we may use web analytics tools (e.g., Google Analytics or comparable services).

The analysis is generally carried out in a pseudonymized manner; IP addresses may be shortened. The information generated about the use of the website (including the IP address in shortened form) may be transmitted to the respective provider’s servers and stored there.

Where required, we obtain your consent in advance via the cookie banner. The legal basis is then Art. 6(1)(a) GDPR. Without your consent, only technically necessary data is processed.

You can withdraw any consent you have given at any time, for example by:

  • adjusting your settings in the cookie banner (if implemented), or

  • using corresponding browser settings (blocking cookies / tracking).

7. Cookies and similar technologies

Our website uses cookies or comparable technologies (e.g., local storage) in certain areas in order to:

  • provide basic website functions (e.g., language settings, login areas),

  • enable statistical analysis of website usage,

  • support marketing measures where applicable (e.g., remarketing, social media pixels).

7.1 Essential cookies

Essential cookies are required for operating the website and cannot be disabled if you want to use our site. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in the technically error-free and secure provision of the website).

7.2 Optional cookies (statistics, marketing)

We use optional cookies (e.g., for web analytics, social media, or marketing) only with your consent (Art. 6(1)(a) GDPR).

You can withdraw or change your consent at any time via the cookie banner (if available) or through your browser settings.

8. Embedding third-party content (e.g. YouTube, social media)

We may embed content from third-party providers on our pages, e.g.:

  • YouTube videos

  • Embedded posts from Instagram, Facebook, Pinterest

  • Fonts or icons from external content delivery networks (CDNs)

This requires the providers of such content to process your IP address in order to deliver the content to your browser. In many cases, additional information is also processed (e.g., device information and, where applicable, cookies or similar technologies).

Where required, we obtain your consent before embedding such content via the cookie or consent banner. The legal basis is then Art. 6(1)(a) GDPR.

If you are logged into your account with a third-party provider (e.g., Google/YouTube, Meta), that provider may be able to associate your visit to our website with your respective profile. You can usually prevent this by logging out of the relevant service beforehand or choosing appropriate privacy settings.

9. Social media presences (Instagram, Facebook, Pinterest, YouTube, etc.)

We maintain publicly accessible profiles on social networks (e.g., Instagram, Facebook, Pinterest, YouTube) in order to communicate with interested users and to provide information about our content and offers.

When you visit our social media pages, personal data is collected and processed by the operators of the respective platforms, e.g.:

  • usage and interaction data (likes, comments, messages),

  • statistical analyses (“Insights”),

  • where applicable, profile data if you are logged in there.

Data processing on the platforms themselves is carried out on the basis of the terms of use and privacy policies of the respective providers.

Where we analyze data provided by the platforms (e.g., statistics on reach and audience), we rely on Art. 6(1)(f) GDPR (legitimate interest in communication and public presence).

If you communicate with us directly via social media (e.g., by direct message), we process your information to respond to your inquiry; the legal basis is accordingly Art. 6(1)(b) or Art. 6(1)(f) GDPR.

10. Recipients of data and data processing on our behalf (data processors)

Depending on the purpose of processing, the following categories of recipients may have access to personal data:

  • IT and hosting service providers

  • Email and newsletter service providers (e.g., MailerLite)

  • Web analytics and marketing service providers

  • Where applicable, external service providers for support, consulting, or maintenance

We conclude data processing agreements with service providers who process personal data on our behalf (Art. 28 GDPR) to ensure compliant handling of data.

11. Transfers to third countries (outside the EU/EEA)

Some of the service providers we use may operate their servers outside the EU/EEA (e.g., in the USA or other countries). In such cases, we ensure that an adequate level of data protection is maintained, for example through:

  • adequacy decisions of the European Commission,

  • entering into Standard Contractual Clauses (SCCs) with the service providers,

  • additional technical and organizational measures.

You can find details in the privacy notices of the respective services, or request them from us.

12. Retention period

We store personal data only for as long as necessary for the respective purposes, or as required by statutory retention periods.

Categories of retention periods:

  • Newsletter data: until you withdraw your consent or unsubscribe from the newsletter; afterwards, storage only in a suppression list where necessary to prevent future mailings.

  • Contact inquiries: for as long as necessary to process the inquiry and any follow-up questions; possibly longer if required by law.

  • Server log files: typically [e.g., 7–30 days], unless longer retention is necessary for security or evidentiary reasons.

13. Your rights as a data subject

You have the following rights under the applicable legal requirements:

  • Right of access (Art. 15 GDPR): You can request information about which personal data we process about you.

  • Right to rectification (Art. 16 GDPR): You can request the correction of inaccurate data or the completion of incomplete data.

  • Right to erasure (Art. 17 GDPR): You can request the deletion of your data, provided no statutory retention obligations conflict with this.

  • Right to restriction of processing (Art. 18 GDPR): You can request that the processing of your data be restricted.

  • Right to data portability (Art. 20 GDPR): You can receive certain data in a structured, commonly used, and machine-readable format or have it transferred to another controller.

  • Right to object (Art. 21 GDPR): You can object to the processing of your data on grounds relating to your particular situation, insofar as it is based on Art. 6(1)(e) or (f) GDPR.

  • Right to withdraw consent (Art. 7(3) GDPR): You can withdraw any consent you have given at any time with effect for the future.

To exercise your rights, you can contact us at any time using the contact details provided above.

14. Right to lodge a complaint with a supervisory authority

If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a data protection supervisory authority. This may, in particular, be the supervisory authority in your place of residence, your place of work, or the place of the alleged infringement.

15. Data security

We implement appropriate technical and organizational measures to protect your data against loss, misuse, unauthorized access, or unlawful processing. These include, for example:

  • the use of SSL/TLS encryption on our website,

  • access restrictions for administrative areas,

  • regular updates of software and systems.

Despite careful implementation, complete protection against all risks on the internet cannot be guaranteed.

16. Updates and changes to this privacy policy

This privacy policy is currently valid and is dated 02/12/2025.

Due to the further development of our website or changes in legal and/or regulatory requirements, it may become necessary to update this privacy policy. The current version can be accessed at any time on our website under the “Privacy Policy” menu item.

© 2025 SugarFatFree