PROCESSING OF PERSONAL DATA - FULFILMENT OF CONTRACT

1. GENERAL
1.1
This policy on the processing of personal data ("Privacy Policy") describes how svenskoedegaard.dk collects and processes information about you.
1.2
This privacy policy applies to personal data that you provide to us in connection with a purchase at svenskoedegaard.dk or an enquiry regarding one of our products, or that we collect via our website www.svenskoedegaard.dk
1.3
Svenskoedegaard.dk is the data controller for your personal data. All enquiries to svensoedegegaard.dk can be made via the contact details listed in section 7.
2. WHAT PERSONAL DATA DO WE COLLECT, FOR WHAT PURPOSES AND WHAT IS THE LEGAL BASIS FOR PROCESSING?
2.1
When you visit svenskoedegaard.dk, we automatically collect information about you and your use of svenskoedegaard.dk, such as the type of browser you use, the search terms you use on svenskoedegaard.dk, your IP address, including your network location, and information about your computer. In addition, our Cookie Policy applies when you use svenskoedegaard.dk.
2.1.1
The purpose is to optimise the user experience and the function of svenskoedegaard.dk and to carry out targeted marketing, including retargeting via e.g. Facebook and Google. This processing of information is necessary for us to fulfil our interests in improving svenskoedegaard.dk and showing you relevant offers.
2.1.2
The legal basis for the processing is Article 6(1)(f) of the EU General Data Protection Regulation.
2.2
When you purchase a product or communicate with us, we collect the information you provide, such as name, address, e-mail address, telephone number, payment method, information about which products you purchase and possibly have returned, delivery requests, and information about the IP address from which the order was placed if the order is placed on svenskoedegaard.dk.
2.2.1
The purpose is to enable us to deliver the products you have ordered and otherwise fulfil our agreement with you, including to administer your rights to complain and, if necessary, to contact you regarding relevant information about the product you have purchased. We may also process information about your booking to comply with legal requirements, including product withdrawal, bookkeeping and accounting. When booking on svenskoedegaard.dk, the IP address is collected for the purpose of our interest in preventing fraud.
2.2.2
The legal basis for the processing is Article 6(1)(b), (c) and (f) of the EU General Data Protection Regulation.
2.3
When you sign up for our newsletter, we collect information about your name and email address.
2.3.1
The purpose is to fulfil our interest in delivering newsletters to you.
2.3.2
The legal basis for the processing is Article 6(1)(f) of the EU General Data Protection Regulation.
RECIPIENTS OF PERSONAL DATA
3.1
Information may be transferred to external partners who process the information on our behalf. We use external partners for, among other things, technical operation of systems and improvements to svensoedegaard.dk, sending newsletters and targeted marketing, including retargeting, and for your assessment of our company and products. These companies are data processors who are under our instructions and process data for which we are the data controller. The data processors may not use the data for any purpose other than fulfilment of the agreement with us and are subject to confidentiality. We have entered into written data processing agreements with all data processors who process personal data on our behalf.
3.2
Some of these data processors, such as Google Analytics v/Google LLC. and Facebook Inc. are established in the USA. The necessary guarantees for the transfer of data to the USA are ensured through the data processor's certification under the EU-U.S. Privacy Shield, cf. Article 45 of the EU Personal Data Regulation. To the extent that we use data processors other than those mentioned that are established outside the EU, this will always be done in compliance with valid transfer guarantees.
3.2.1
Copy of Google LLC's certification can be found here
3.2.2
Copy of Facebook Inc. certification can be found here
4.
YOUR RIGHTS
4.2
The right of access
4.2.1
You are entitled at any time to request information about, among other things, what information we have registered about you, what purpose the registration serves, what categories of personal data and recipients of information there may be, and information about the origin of the information.
4.2.2
You have the right to receive a copy of the personal data we process about you. If you would like a copy of your personal data, please send a written request to boafallbb@gmail.com. You will be asked to prove that you are who you say you are.
4.3
The right to rectification
4.3.1
You have the right to have incorrect personal data about you rectified by us. If you become aware that there are errors in the information we have registered about you, you are encouraged to contact us in writing so that the information can be corrected. You will be asked to document that you are who you say you are.
4.4
The right to erasure
4.4.1
In certain cases, you have the right to have all or some of your personal data erased by us, e.g. if you withdraw your consent and we have no other legal basis to continue processing. To the extent that continued processing of your data is necessary, for example in order for us to comply with our legal obligations or for the establishment, exercise or defence of legal claims, we are not obliged to delete your personal data. You will be asked to document that you are who you claim to be.
4.5
The right to restrict processing to storage
4.5.1
In certain cases, you have the right to have the processing of your personal data restricted to storage only, for example if you believe that the data we process about you is incorrect.
4.6
The right to data portability
4.6.1
In certain cases, you have the right to receive personal data that you have provided to us in a structured, commonly used and machine-readable format and have the right to transmit this data to another controller.
4.7
The right to object
4.7.1
You have the right to object at any time to our processing of your personal data for direct marketing purposes, including profiling carried out in order to target our direct marketing, as this processing is carried out on the basis of our legitimate interests, cf. sections 2.1 and 2.3. If you do not want us to use your personal data for direct marketing and profiling, you must delete your cookies as mentioned in section 5.1 below.
4.8
The right to withdraw consent
4.8.1
You have the right at any time to withdraw any consent you have given us for a given processing of personal data, including for the sending of newsletters.
4.9
The right to complain
5.
ERASURE OF PERSONAL DATA
5.1
Information collected about your use of svenskoedegaard.dk in accordance with section 2.1 is deleted according to the rules in our Cookie Policy. The cookies that we provide ourselves are deleted no later than one year after you last visited the site, while third-party cookies have varying expiry dates. You can also read how you can delete your cookies yourself if you wish.
5.2
Information collected in connection with a booking you have made on svensoedegaard.dk, cf. section 2.2, will generally be deleted after 2 years after your booking. However, data may be stored for longer if we have a legitimate need for longer storage, for example if it is necessary for legal claims to be established, enforced or defended, or if storage is necessary for us to fulfil legal requirements.
5.3
Data collected in connection with your subscription to our newsletter, cf. section 2.3, will be deleted when your consent to the newsletter is withdrawn, unless we have another basis for processing the data.
6.
SAFETY
6.1
We have implemented appropriate technical and organisational security measures against accidental or unlawful destruction, loss, alteration or deterioration of personal data and against unauthorised disclosure or misuse.
6.2
Only employees who have a genuine need to access your personal data in order to perform their work will have access to it. 7.
CONTACT DETAILS
7.1
www.svenskoedegaard.dk by Mads Kramer is the data controller for the personal data collected via svenskoedegaard.dk.
7.2
If you have any questions or comments about this Privacy Policy, or if you wish to exercise one or more of your rights described in section 4, please contact
Svenskoedegaard.dk
Boafallsvägen 339-45, 29392 Jämshög, Sveringe
Phone number: 0046 76 262 89 56
Email: info@svenskoedegaard.dk
8.
CHANGES TO THE PRIVACY POLICY
8.1
If we make changes to the Privacy Policy, you will be informed of this on your next visit to svensoedegaard.dk.
If you wish to complain about Boafall Lodge Handelsbolag's processing of your personal data, this can be done to the Swedish Authority for Privacy Protection at Box 8114, 104 20 Stockholm, telephone 0046 (0) 8-657 61 00 - e-mail: imy@imy.se.