Privacy Policy (GDPR)

Processing of Personal Data

Vou You AB, 556998-1318, Åbäcksgatan 6, 431 67 Mölndal, Sweden (hereinafter referred to as Swedishface) is the personally responsible person for the processing of your personal data. Swedishface undertakes to respect and protect your personal data and personal integrity in accordance with applicable laws (including the EU Data Protection Regulation), industry rules and other relevant standards.

What is a personal data and what is the processing of personal data?

Personal data is any information that can be directly or indirectly attributed to a physical person who is in life. For example, name, address, social security number, e-mail address and telephone number. It may also be, for example, order number, shipping number, and IP address if they can be connected to natural persons.

Processing of personal data means all types of personal data management, such as collection, registration, storage, transfer and deletion.

Collection of information

We collect and process personal information about / when you:

• register as a customer with us
• place an order with us
• sign up for our newsletter
• contact us via email, contact form or text

By registering as a customer or our newsletter, or ordering goods by us, you agree that Swedishface stores and uses the information about your purchases and the contact details you provide.

When you order from us, we will never be able to access card details, bank account information, or your social security number. However, our payment partners may access such information when you enter it.

Security

Swedishface protects your personal data through multiple technical security measures. In case you have your own account registered on Swedishface.se, a personal password is required for access to this. To prevent unauthorized access to your password and account, we use salt and one-way password encryption. You are also responsible for yourself, because no unauthorized access to your password.

All of our payment service providers meet the security card PCI-DSS (Payment Card Industry Data Security Standard), which is a security standard for managing card information, developed by the payment card industry, including: MasterCard, Visa, Amex and Diners. The standard applies to anyone who deals with payment transactions for debit cards and credit cards.

Use of personal data

In order for us to handle your data, one of the following legal bases is required:

• Requirements to complete the agreement with you.
• Requirement to fulfill a Swedishface's legal obligation.
• The management lies in both your and Swedishface's interest.
• Consent of you for that particular treatment.

Below you can read what we use your data for, and what legal basis the treatment supports.

Receive and complete orders

The data is stored and used to fulfill our commitments to you, such as receiving payment, delivering the goods to your address, and, if necessary, contacting you regarding your order.

Legal basis: Completion of agreement.

Communications & Support

We can use personal information from your orders with us, as well as previous contact with us, to better satisfy your needs as a customer and provide you with better service.

If you have agreed to receive our newsletter by e-mail, the information will also be used for this. You can of course, at any time, notify us that you no longer want to receive our newsletter.

Legal basis: Importance, consent and performance of agreements.

Marketing and Analysis

In order to market relevant products to you according to your needs, we process information about what products you previously traded.

Legal basis: Importance and Consent.

To whom do we provide personal information

Partners and subcontractors

We treat your personal information with the utmost care. We strive to never share more personal information than absolutely necessary with each partner. & Nbsp; We guarantee that no information about you is resold or used for third party advertising. We take appropriate safeguards to ensure that your personal information is handled in accordance with applicable laws regarding safety and privacy. The same requirements apply to our subcontractors. For the following purposes, we may share certain data with the following partners and subcontractors.

Purpose: Marketing and Analysis

In order to market relevant products to you according to your needs, we process information about what products you previously traded.

Legal basis: Importance and Consent.

To whom do we provide personal information

Partners and subcontractors

We treat your personal information with the utmost care. We strive to never share more personal information than absolutely necessary with each partner. & Nbsp; We guarantee that no information about you is resold or used for third party advertising. We take appropriate safeguards to ensure that your personal information is handled in accordance with applicable laws regarding safety and privacy. The same requirements apply to our subcontractors. For the following purposes, we may share certain data with the following partners and subcontractors.

Purpose: Marketing and Analysis

Partner: Google
Personal data shared and why: Analysis data through third-party cookies for marketing and analysis to provide our customers with better services.
When the data is shared: If you visit our site and accept cookies.

Partner: Addwish
Personal data shared and why: Analysis data & nbsp; via third-party cookie and order data through the Promotional Marketing and Analysis API.
When the data is shared: If you visit our site and accept cookies.

Partner: CLERK
Personal data shared and why: Analysis data & nbsp; via third-party cookie and order data through the Promotional Marketing and Analysis API.
When the data is shared: If you visit our site and accept cookies.

Partner: Inesignal
Personal data shared and why: An anonymous ID (linked to your browser) for promotion via pushnotes.
When the data is shared: Only if you actively accept pushnotes.

Partner: Mailjet
Personal Information Shared and Why:Email Address. We send transactional emails through their SMTP relay.
When the data is shared: If you register as a customer or place orders with us.

Partner: Mailchimp
Personal data shared and why: Order data and email address, for general and personalized newsletters.

Purpose: To complete orders (payment and shipping)

Partner: Klarna
Personal information shared and why: Order information and data (including address and contact details) required to complete purchase / payment.
When the data is shared: If orders are completed in our default box, which uses "Klarna Checkout."

Partner: PayPal
Personal information shared and why: Order information and data (including address and contact details) required to make payment.
When the data is shared: If orders are paid in our alternative checkout with PayPal.

Partner: Stripe
Personal Information Shared and Why: Order Information and Data Required to Make Payment.
When the data is shared: If orders are paid in our alternative checkout, directly with Card via Stripe.

Partner: PostNord
Personal information shared and why: Address details and contact details for ordering.
When the data is shared: If orders are sent with PostNord.

Partner: DHL Freight
Personal information shared and why: Address details and contact details for ordering.
When the data is shared: If orders are sent by DHL.

Purpose: Other

Partner: GleSYS AB
Personal data shared and why: Manages the servers running our e-store system, order data and customer information are stored here.

Partner: Hjorten Revision
Personal data shared and why: For accounting purposes, accounting documents such as customer invoices can be shared.

If all or part of Swedishface's business is sold or integrated with other business, your personal information may be disclosed to our advisors, potential buyers and their advisors, and will be forwarded to the new owners of the business.

Authorities

Upon request, we may, by law and authority, be obliged to provide certain personal information to, for example, the Police or the Tax Agency.

How long do we store your personal data

We save personal information during the time there is a purpose for the treatment and for the time required for us as a supplier to fulfill our commitments or during the time we are required to do so by law.

Your right to personal data

When we process your personal information, you have certain rights under the law (EU Data Protection Ordinance). Please note that the exercise of these rights is subject to certain requirements and conditions specified in law.

You have the right to:

• access your personal information and information about how they are used;
• correct or complete your personal information;
• delete your personal information;
• limit the Use of Your Personal Information;
• access your personal information in a manageable format;
• to prohibit the use of your personal information;
• to revoke your consent for the use of your personal information.If you wish to avail of any of the above rights, please contact us.

We can not remove personal data and data required by the Accounting Act.

Policy Change

This policy can be updated by Swedishface at any time. We encourage you to review this policy to keep you informed of how Swedishface processes your personal information.

Last modified 2018-05-24

Do we use 'cookies'?

Yes. Cookies are small files that a site or its service provider transfers to your computer's hard drive through your Web browser (if you allow) that enables the site's or service provider's systems to recognize your browser and capture and remember certain information. For instance, we use cookies to help us remember and process the items in your shopping cart. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.