As the person responsible for personal data, I , Pratik Sankhe or the company is responsible for ensuring that all processing of your personal data takes place in accordance with the Data Protection Ordinance (GDPR). This personal data policy explains in more detail which personal data we process and what the purpose of the personal data processing is. The policy also describes what rights you have and how you enforce them and what we do to securely handle your personal data.
a) What is personal data and what does the processing of personal data mean?
All kinds of information that is directly or indirectly attributable to a natural person who is alive constitutes personal data. Examples can be names, address information, pictures but also encrypted information or various types of electronic identities such as IP numbers constitute personal information. Processing means everything we do with your personal data. Processing can be, for example, collection, storage, registration, sorting, processing, transfer or deletion of the data.
b) Who is responsible for personal data and what does this mean?
Pratik Vinod Sankhe (with Swedish organization number 870826-5379) is responsible for personal data for the company’s processing of personal data. This means that I have a responsibility to process your personal data in accordance with applicable privacy protection legislation, including the Data Protection Regulation (GDPR). If we hire a subcontractor to process your personal data, the subcontractor is a personal data assistant.
c) What personal data we collect and why we collect it
When you register as a customer with us, we ask you to provide information about name, address, e-mail address and telephone number. We do this to be able to administer the customer relationship, process your reports and orders, compile statistics, meet the legislator’s requirements for accounting, market our offer to you, conduct customer surveys and to be able to contact you if necessary. When we conduct customer surveys, all personal data is de-identified.
In addition, we may collect certain personal information from external sources in the form of credit information and address updates.
If you provide your personal information to us in connection with the purchase and registration, your personal information is used to handle these specific matters. We will also use the information to communicate with you and to fulfill our obligations to you. We thus make the assessment that there is a legal basis for the processing of personal data so that we can fulfill our contractual relationship with you as a customer. We may contact you for marketing purposes by letter or e-mail unless you have notified us that you do not wish to be contacted. In doing so, we assess in a balance of interests that there is a legitimate interest in communicating with you about our products that outweigh the need for protection of your personal data.
After your customer relationship has ended, we will save your information about name, address, e-mail address, telephone number and order history in order to inform you about offers and news about our products that we believe may be of interest to you. However, this does not apply if you have informed us that you do not want to be contacted for the said purpose.
All personal data processing that takes place after the purpose has been achieved is based solely on requirements according to law or consent from you. The company is required by law to process certain personal data in connection with bookkeeping and accounting. In accordance with the Accounting Act, the company has an obligation to save certain information, e.g. information on payment transactions, for seven years after the end of the financial year.
Your personal data can also be used for accounting, invoicing and auditing, payment verification, administrative and legal issues, statistics and marketing analyzes in order to improve our services, our website and its user-friendliness, our systems and their development and maintenance and for customer surveys.
If you are under 18 years of age and are to enter into a purchase, you must have the consent of the guardian before you provide your personal information and include the purchase.
By submitting your personal data to us in connection with the purchase or registration, you are deemed to consent to the above processing of personal data. However, you have the right to withdraw your consent to the processing of personal data at any time.
Our policy includes not requesting or processing sensitive information from our customers. Therefore, do not provide us with any sensitive information (information about, for example, ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health or sexual life).
d) How we have taken your information?
The personal data processed by us has been obtained from you through registration in the manner specified in point (a) above and from external sources in the form of credit information and address updates. If you contact us by e-mail, we will make an assessment of whether we need to follow up your case later for legal or service-oriented reasons. Otherwise, the email will be deleted after we reply to you.
e) If you make a purchase by card
In order for our payment service provider to be able to make payment for what you buy from us, information about your payment card will be transferred to them. This information is processed exclusively by our supplier and in accordance with our personal data assistant agreement with the supplier.
We only process your payment details (but not credit card numbers) to the extent and for as long as necessary to ensure efficient handling of any problems with debiting, cancellation of purchases and credit.
f) Direct marketing through electronic communication
As stated in point (c) above, we may use your personal information to send newsletters and offers about our products that we believe may be of interest to you. We offer all our customers the opportunity to receive marketing regarding our products and services. If you do not wish to receive any marketing from us, you can follow the instructions that come with each e-mail or by contacting us at email@example.com
g) Security and how we protect your personal information
All personal data is processed in a secure environment. Our website uses SSL encryption.
h) What are cookies and how do we use them?
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
(k) Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
(l) Correction and deletion of personal data
Incorrect or incomplete personal data, or such data we have no legal basis for processing, will be corrected or deleted on the Company’s own initiative or at your request. All data that is no longer needed to fulfill the purposes of the processing of personal data specified in point 3 above will be deleted.
(m) Storage period
Your personal data will be stored for as long as is necessary for the purposes set out in point (c)above. However, the company will not store your personal information for longer than two (2) years after the customer membership has ended.
(n) Your rights and regulatory information
You have the right to receive information about what data we process about you as well as the right to request correction, deletion or transfer of personal data and the right to request restriction of the processing of your personal data. You also have the right to request an extract from the register of the information stored about you.
If you have questions about the information we process about you or want to exercise any of your rights, you can contact us, see our contact information below.
If you have complaints regarding our processing of your personal data, you always have the right to contact the supervisory authority: Datainspektionen, Box 8114, 104 20 Stockholm, firstname.lastname@example.org.
(o) Contact details of the personal data controller
Responsible for the processing of your personal data is Pratik Vinod Sankhe (organization number 870826–5379), Klostergatan 3, Strängnäs
If you want to update or change the information provided or have questions or comments regarding our products and services, the information we process or your rights, you are welcome to contact us via e-mail: email@example.com
(p) Updates to the personal data policy
We may change this personal data policy. We do this to be able to adapt the policy to changes in applicable legislation, commercial needs or to satisfy the needs of our customers, marketing partners and service providers. Updated versions will be published on our website.