§1. What is Considered Personal Data??
Personal data includes all information that can be used to identify a specific, living individual, either directly or indirectly. Digital images and/or sound recordings are also included in this definition, even if the individual is not named. Furthermore, encrypted data and different forms of digital identifiers such as IP addresses are considered personal data if they can be used to identify a natural person.
§2. What Personal Data Do We Collect and for What Purposes?
Care of Carl AB (Swedish Organisation Number 556800-5739) is responsible for the collection and processing of the personal data you share with us such as:
Administrating orders and your account with us (My Profile).
Physical marketing such as gifts and invitations.
Collection of the above personal data is necessary to allow us to fulfil the obligations stipulated in our Terms of Sale. If the above information is not shared with us, we are unable to fulfil our obligations and are required to annul your order.
Administrating orders and your account with us (My Profile).
Development of our products and services.
Marketing communications such as newsletters and informational e-mails. Receiving such marketing communications is dependent on the user actively consenting to do so by subscribing to our mailing list either on our homepage or when placing an order.
Only when using our personal style consultancy service.
§3 How Long is Your Personal Data Stored?
Your personal data will never be stored for longer than necessary for the above purposes.
Your personal data will be stored for three (3) years or until you actively choose to delete your information. At this point, only information necessary to comply with the Swedish Accountancy Act.
§4 How Do We Protect Your Personal Data?
We are the sole owners of the data collected via our website. Your personally identifiable information will not be sold or shared with any third-party company without your explicit consent. Your data may however be shared with our subcontractors (data processors).
§4.1. Who Will Have Access to Your Personal Data?
Your personal data may be shared and processed by selected partners such as our hosting provider or social media for the purposes stipulated in (2). Where necessary for our products and services, your personal data will be shared with our data processors. A data processor is an organisation with whom we have a personal data processing agreement to ensure maximal protection of our customers’ data.
§4.2 Who Will Have Access to Your Personal Data?
Your information is only shared with data processors when it is necessary to do regarding the purpose for which it has been collected (e.g., the fulfilment obligations stipulated in the terms of sale or in the membership terms of our loyalty programme). We thoroughly assess and verify all of our data processors to ensure the security of our customers’ personal data. Written contracts are in place with each of our data processors in which they guarantee that all personal data will be stored and processed in a secure manner meeting our stringent privacy requirements.
We take many different steps to protect your personal data. Personal data is only shared with those employees for whom it is necessary (e.g., customer service or billing) and all personally identifiable information is securely stored. Your data will not be stored longer than the time stipulated in (3).
Personal data may also be shared with our suppliers if deemed necessary to fulfil our obligations to you as a customer. All of our suppliers are required to sign a personal data processing agreement with Care of Carl AB to ensure the highest levels of protection.
§5 Cancelling Your Subscription
The e-mail address you provide may be used to send you information regarding your order as well as our newsletter. If you no longer wish to receive such communications, you can easily unsubscribe by clicking on the link at the bottom of every e-mail. If you need help, please contact us at email@example.com.
§6 Your Rights as a Registered Customer
The right to request information.
The right to access your personal data.
The right to rectification.
The right to erasure (“right to be forgotten”)
The right to object.
The right of data portability.
The right to lodge a complaint.
The right to compensation.
As a customer, you have the right to request to see how much of your personal data has been stored with us once a year without incurring any charges. This can be done by sending a written request to the address provided. You also retain the right to ask us to correct or remove any incorrect information we may hold about you.
As a customer, you have the right to be forgotten and have your personal data deleted from our systems. Necessary information such as your name and address will however be stored in our accounting system for the sole purpose of fulfilling our obligations according to the Swedish Accountancy Act. Data such as your telephone number, e-mail address, IP address and, where applicable, personal or national registration number will be removed. We would also like to remind you that advertising based on browser cookies must be inactivated by you the user in your web browser’s settings.
To be removed from our systems, please send an e-mail to firstname.lastname@example.org in which you clearly state that you wish for us to delete all personal data relating to you as an individual. You will then receive written confirmation when this has been done. Please Note: If you choose to be removed from our systems, it is up to you to provide evidence of prior purchases where necessary.
As a customer, you also retain the right to data portability, meaning that personal data collected through active consent or through the fulfilment of an agreement with us can, following an explicit request by the user themselves, be transferred to another data collector.
You also have the right to object to the way in which your personal information is processed and used in our systems. The right to object is relevant in circumstances where personal data is used in purposes deemed to be in the public interest or in the exercise of official authority and other legitimate interests.
If you believe that we as a data collector have used your data in a way that breaches GDPR regulations, you can make an official complaint to your country’s data protection authority, who will decide whether an inspection is required.
Regarding the right to compensation, the European Commission explains that “[you]” can claim compensation if a company or organisation hasn’t respected the data protection law and you’ve suffered material damages (for example financial loss) or non-material damages (for example distress or loss of reputation)”. Claims can be filed directly with the company or organisation concerned or before the national courts of each EU Member State.
For more information on your rights as a customer pertaining to the collection and processing of personal data, please see the website of your national data protection authority.
§7 What are Cookies and How Do We Use Them?
Cookies are used to maximise the functionality of a website and thereby improve your shopping experience, for example to keep track of which items you have added to your basket. Cookies are text files that are stored locally on your device which help websites to identify each individual customer.
There are two main types of cookies, both of which are used by Careofcarl.com. The first type is permanently stored on your device and provides us with information about how you as a customer navigate our website.
The second type are known as “session cookies”: When visiting our website, our server will ascribe your device a unique identification string in order to avoid confusing you with other visitors. Such session cookies are erased as soon as you close your web browser and are never permanently stored on your device. Care of Carl AB also makes use of third-party cookies to provide the optimal shopping experience. The functionality of our website is dependent on having cookies activated.
§7.1 Can Users Control How Cookies are Used?
Yes. If you do not wish to receive cookies, the function can be inactivated in your web browser’s security settings. The way in which this can be done depends on which browser you are using. Inactivating cookies will, however, limit the functionality of our website.
More information about cookies can be found at https://gdpr.eu/cookies.
The following describes how to deactivate interest-based advertising that takes place on other platforms, but please note that this can only be done by you the user.
To deactivate interest-based advertising on Facebook:
https://www.facebook.com/ads/preferences, under the heading “Ad Preferences”.
To deactivate interest-based advertising on Google:
If you are not logged in to a Google account, visit https://adssettings.google.com/anonymous and click on the two blue toggles next to the relevant headings so that they are greyed out before choosing “Deactivate” in the message boxes that appear.
If you are logged in to your Google account, visit https://adssettings.google.com/authenticated and click on the blue toggle to the right of the heading so that it is greyed out before choosing “Deactivate” in the message box that appears.
To deactivate interest-based advertising from Criteo:
Visit https://www.criteo.com/privacy. Under the heading “2/ Criteo Sponsored Products” click on both boxes next to turn the “Opt-out” setting to “on”.
§8 Minors (Under 18 Years of Age)
We do not consciously collect personal data from those under 18 years of age. If you fall into this category, you will need permission from a parent or guardian to shop with us. If we are made aware that we have collected personal data from those under 18 years of age without consent from a parent or guardian, steps will be taken to ensure it is deleted.
The duration of your agreement with us begins at the moment you place an order or register an account with us. An account will be created automatically when you place your first order.
§10 Questions Regarding Data Protection and the Use of Personal Data?
If you have any questions, our customer service team can be reached by e-mail at email@example.com or by telephone at +46 (0)10-707 95 80 Mon-Fri 08:00-17:00 CET (intl. rates apply)