PRIVACY POLICY

Astrid Sweden AB, reg.no 559210-7170 (“ASTRID Sweden,” “we,” “us” or “our”) will process your personal data when you are visiting and using the services provided at DanielWellington.com or purchase products in our stores. We strive to be transparent in what we do with our visitors’ and customers’ personal data and have therefore adopted this privacy policy. Below you will find information on what kind of personal data we process, why we do it, what we use it for and how we may share it. ASTRID Sweden is the data controller of any processing of your personal data, unless otherwise stated in this privacy policy.

WHAT PERSONAL DATA DO WE PROCESS?

We collect personal data when you (i) purchase phone cases and other items, (ii) sign up for our newsletter (iii) request support and (iv) are browsing our website. Such personal data will include your name, e-mail address, telephone number, delivery address, IP address, behavior on the website and other information that you voluntarily provide us.

PURPOSE, LEGAL GROUND AND STORAGE PERIOD

We will only use your personal data for the purposes and on the legal grounds set out below. Further, we will only use your personal data during the period set out under “Storage period”, after which period your personal data will be erased.

PURCHASES

Purpose of processing : When you purchase phone cases or other goods and/or services, we will process your personal data to fulfil our contractual obligations towards you (see Terms of Use).

Legal ground for processing : The processing is necessary for our performance of the contract with you (i.e. Terms of Use).

Storage period : We will process your personal data during the term of our contract (including the statutory warranty period of three years) and we will thereafter erase your personal data. The storage period also applies to any unsuccessful purchase due to lack of funds in your account. We also save your personal data due to legal requirements (accounting legislation) for 7 years.

direCT MARKETING

Purpose of processing : When you sign up for our newsletter (direct marketing), we will process your personal data to provide the services as requested by you. Our direct marketing may be based on profiling, which means that we will customize the information that you receive from us based on certain factors. We use the following types of personal data to compile a profile: your gender, your location, your previous purchases, your behavior on our website, and/or your previous behavior when receiving direct marketing from us.

Legal ground for processing : The processing is necessary for our legitimate interests to maintain good customer relations.

Storage period : If you opt-out or unsubscribe from our marketing (including profiling), we will no longer process your personal data for this purpose. Unless there is another legal ground for keeping your data (such as a valid purchase contract).

SUPPORT

Purpose of processing : When you request support via email, we will process your personal data to be able to assist you with the relevant matter.

Legal ground for processing : If we provide this service on the basis of an agreement with you, we consider the processing of your personal data to be necessary for the performance of the contract to which you are party. In other cases, we consider the processing of your personal data in the above context to be based on our legitimate interest to provide you with the best customer service possible.

Storage period : We will erase your data within three years after the relevant matter has been finally resolved.

checkout reminder

Purpose of processing : If you have initiated a purchase at our website and if you have provided your e-mail address in connection therewith but have not completed the final step of your purchase, we will send you an e-mail with a link to your shopping cart for the purposes of reminding you of your uncompleted purchase.

Legal ground for processing : The processing is necessary for our and your legitimate interest to remind you of your uncompleted purchase.

Storage period : We will erase your data, within one month after the checkout reminder, unless there is another legal ground for keeping your data (such as a valid purchase contract). Opt-out is possible by contacting support@astridsweden.com.

browsing

Ändamålet med behandlingen: När du använder vår webbplats behandlar vi dina personuppgifter i syfte att förbättra vår webbplats samt för marknadsföringsändamål.

Rättslig grund för behandlingen: Behandlingen krävs för vårt berättigade intresse av att förbättra vår webbplats samt för återmarknadsföring. Mer information finns i avsnittet ”Cookies”.

Lagringsperiod : Mer information finns i avsnittet ”Cookies”.

fraud prevention

Purpose of processing : We will process your personal data for the purposes of carrying out risk analysis, fraud prevention and risk management.

Legal ground for processing : The processing is necessary for our legitimate interests to prevent fraud and to handle risks.

Storage period : We will erase any personal data used for this purpose on a six-month basis, unless there is another legal ground for keeping your data. Upon a purchase that has been cancelled due to fraud prevention, we will delete your personal data two years after the unsuccessful purchase.

analysis of data

Purpose of processing : We will analyze your personal data, in order to compile aggregated tracking data (including to analyze visitors’ use of our sites by tracking information such as page views, traffic flows, search terms and click throughs) for the purposes of to continuously being able to offer a more user-friendly experience.

Legal ground for processing : The processing is based on the consent that you provide to us if you accept our Performance Cookies (see “Cookies” below).

Storage period : The storage period for each of our Performance Cookies can be found under the section “Cookies” below.

who do we share your personal data with?

Only the people who need to process personal data for the purposes mentioned above have access to your personal data. We may need to share your personal data with our group companies. We further may need to allow our suppliers access to your personal data when they perform services on our behalf, mainly to provide support and maintenance of IT systems, storage services and marketing. Any transfer of data outside the EU/EEA is made in line with data protection laws. Our international transfers of personal data (including transfers to our group companies and suppliers outside the EU/EEA) are based on the EU Commission’s standard contractual clauses. The standard contractual clauses may be found here. For personal data transfers to some of our suppliers in the US, these companies are also certified by the EU-U.S. Privacy Shield, which is administrated by the International Trade Administration (www.privacyshield.gov). 

We are currently sharing personal data with the following suppliers: 

  • Klaviyo in the US for email marketing
  • Google in the US for customer support via email’
  • Facebook in the US for marketing
  • Amazon in Ireland for IT cloud services

However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.

For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.

Independent data controllers with whom we share your personal information that have their own policies are:

  1. Government agencies (police, tax authorities or other authorities) if we are required to do so by law or in suspicion of crime.
  2. Companies dealing with general freight transport (logistics companies and freight forwarders).
  3. Businesses offering payment solutions (card-insolvent companies, banks and other payment service providers).

In particular, remember that certain providers may be located in or have facilities that are located at a different jurisdiction than either you or us. So, if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.

Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.

your rights

You are entitled to the following rights under applicable laws:

  • The right to access : you may at any time request to access your personal data. Upon request, we will provide a copy of your personal data in a commonly used electronic form.
  • The right to rectification : you are entitled to obtain rectification of inaccurate personal data and to have incomplete personal data completed.
  • The right to erasure (“right to be forgotten”) : under certain circumstances (including processing on the basis of your consent), you may request us to delete your personal data. Please note that this right is not unconditional. Therefore, an attempt to invoke the right might not lead to an action from us.
  • The right to object : to certain processing activities conducted by the us in relation to your personal data, such as our processing of your personal data based on our legitimate interest. The right to object also applies to processing of your personal data for direct marketing purposes.
  • The right to restriction of processing : you may under certain circumstances request from us to restrict the processing of your personal data. Please note that this right is not unconditional. Therefore, an attempt to invoke the right might not lead to an action from us.
  • The right to data portability : you are entitled to receive your personal data (or have your personal data directly transmitted to another data controller) in a structured, commonly used and machine-readable format.

Finally, you also have the right to lodge a complaint with the supervisory authority in Sweden, which currently is Datainspektionen, under name change to Integritetsskyddsmyndigheten.

cookies

As part of our approach to providing personalized services on our website, we use cookies to store and sometimes track information about you. A cookie is a small data file sent to your browser from a web server and stored on your hard drive that allows easier access the next time the same page is visited. For example, a cookie is sent when you sign-up to download products or information on our website. If you do not want your personal information to be stored by cookies, you can configure your browser so that it notifies you whenever a cookie is received. This way you can decide each time to accept cookies or not. However, the use of cookies may be necessary to provide certain features and choosing to reject cookies may reduce the functionality of our website. Your browser should include precise instructions explaining how to control the acceptance of cookies.

To be transparent, we have summarized the cookies used on our website below. Our website is regularly scanned to have an up-to-date list of cookies used.

Name: viewed_cookie_policy
Supplier: GDPR Cookie Consent
Storage period: 365 days
Description: Used to store the user’s choice of accepting or rejecting the use of cookies on the website. The cookie doesn’t store any personal data.  

Namn: cookielawinfo-checkbox-non-necessary
Supplier: GDPR Cookie Consent
Storage period: 365 days
Description: Used to store the user’s acceptance of non-necessary cookies.

Name: cookielawinfo-checkbox-necessary
Supplier: GDPR Cookie Consent
Storage period: 365 dagar
Description: Used to store the user’s acceptance of necessary cookies.

Name: wordpress_test_cookie
Supplier: WordPress
Storage period: None
Type: 1st party

Name: _ga
Supplier: Google Analytics
Storage period: 2 years
Type: 1st party
Description: Used to identify unique users.

Name: _gid
Supplier: Google Analytics
Storage period: 24 timmar
Type: 1st party
Description: Used to identify unique users.

Name: _fbp
Supplier: Facebook
Storage period: 90 days
Type: 1st party
Description: Used to store and track visits on the website.

Name: _hjid
Supplier: Hotjar
Storage period: 365 days
Description: Used to persist the Hotjar User ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID.

Name: _hjAbsoluteSessionInProgress
Supplier: Hotjar
Storage period: 30 min
Description: used to detect the first pageview session of a user. This is a True/False flag set by the cookie.

Name: _hjIncludedInPageviewSample 
Supplier: Hotjar
Storage period: 30 min
Description: Used to let Hotjar know whether a visitor is included in the data sampling defined by the website’s pageview limit.

Name: _hjIncludedInSessionSample
Supplier: Hotjar
Storage period: 30 min
Description: Used to let Hotjar know whether that visitor is included in the data sampling defined by your site’s daily session limit.

Name: _pin_unauth
Supplier: Pinterest
Storage period: 1 day
Type: 1st party
Description: Used to group visitors that cannot be identified by Pinterest.

Name: KL_FORMS_MODAL
Supplier: Klaviyo
Storage period: 1 year
Description: Tracks when someone subscribes (opts-in to a form).

Name:__kla_id
Supplier: Klaviyo
Storage period: 2 years
Description: Tracks when someone clicks through from a Klaviyo email to ASTRID Sweden’s website.

Name: woocommerce_recently_viewed
Supplier: Woocommerce
Storage period: Session
Description: Used to store performed actions on the website.

data security

We employ appropriate technical and organizational security measures to help protect your personal data against loss and to guard against access by unauthorized persons. Appropriate security measures we have taken include implementing secure private connections, traceability, disaster recovery and access limitations. We regularly review our security policies and procedures to ensure our systems are secure and protected.

contact information

If you have any questions relating to our handling of your personal data or our use of cookies or if you would like to invoke any of your rights under applicable privacy legislation, please contact us at: support@astridsweden.com.

changes to this website’s PRIvacy policy 

If we change how we handle your personal data or how we use cookies, we will promptly update this website privacy policy and publish it on this website.

Last updated: 19th March 2021