1. What our data policy covers
Responsible for your data is Nallebjörn (2438711-5) – Hereafter referred to as Nallebjörn.
On Nallebjörn’s website, there are links to third party websites which are out of our control. Please ensure you read their privacy policies since our organisation does not control these.
2. Data collected by Nallebjörn
Here it is described what data we collect when using our services. When you register as a customer or place an order we collect:
3. Use of personal data
We make use of personal data:
Besides for the above mentioned reasons, we use personal data to understand customer behaviour in order to improve our services in for instance online marketing or regarding products that might interest you.
4. Sharing of personal data
Sharing inside the Nallebjörn organisation
Personal information is available to employees inside Nallebjörn.
Sharing with vendors and partners
Nallebjörn can share your personal information with vendors and partners.
Sharing with service providers
We share only information that is necessary for service providers to fulfil their service.
To improve and optimise the user experience on our website, we use so-called tracking technologies. Nallebjörn uses them to see which pages and products customers have visited to improve the quality of the content and products we provide. For those purposes, Nallebjörn uses two main services: Google Analytics & Console and Facebook.
Nallebjörn website uses Google (Universal) Analytics from Google Inc. Google Analytics can read certain text files (cookies) located on the client’s computer. Nallebjörn does not share or get any customer information, such as name or contact details through Google Analytics. Location of the client is roughly determined by IP address in use. The data provided through Google Analytics is encrypted. For better marketing analysis Google Analytics will store cookie information for 38 months.
To prevent the transmission of cookie-generated information, the client can install a browser plug-in. But in doing so, the customer will opt-out not only from Nallebjörn but also from any other website which uses Google Analytics. You can get the plug-in from this link.
Marketing and advertisement
Sharing with other organisations
We might share your data with other organisations under exceptional circumstances, for instance if:
5. Protection of your personal data
All personal data is stored on our own servers and backup systems. We use encryption and firewall to minimise the risk of leaks of personal data. Servers and a backup systems have limited physical access. All data transferred from customer devices are transferred via HTTPS so its encrypted between your device and our servers.
Personal data might be transferred and stored outside EEA (European Economic Area) by our service providers.
6. Period personal data is stored and deletion of personal data
We store personal data until you ask for its removal.
We might also be limited for technical, legal, or regulatory reasons to delete your data. We remove your personal data on request by you.
7. Your rights to access to your personal information we have
You have the right to access what personal information we have on you. The easiest way to access this is to log on to your user account. Please correct or inform us if any personal data is incorrect. You have the right to have your personal data transferred to a third party of your choice. You can upon request ask us to limit the use of personal data if it has been used illegally, it’s no longer up to date, it’s incorrect or during the process of deletion of data.
You can also contact our customer service to get a statement on what information we have on you and request a transfer. We might ask you for proof of identity and details about our relationship to ensure that you’re the right person. Someone else can on your behalf also ask for your personal data. We will apart from in rare cases respond to you with your personal information within 20 working days after receiving and approving your request. We will evaluate each application separately to ensure it does not violate any other compliances we might have towards for instance authorities.
9. Change of data policy
Nallebjörn has the right to change data protection policy. Changes will be posted on our Data Protection Policy page (this is where you are now) a minimum of three days before it takes effect. Nallebjörn will always comply with EU Regulation 2016/679 – General Data Protection Regulation (GDPR). Full agreement can be found here.
If you have any questions regarding our Data Protection Policy please contact us by email.