When you shop from an online store, ours or someone else, you leave your information about yourself. Where you live, what email address you have and what you shop. Here we describe how we handle your personal data.
The basis of everything we do is to treat our customers as we ourselves want to be treated, always. This also applies when it comes to information.
We hope you feel safe with how we treat your personal data and want to continue shopping with us.
GDPR – YOUR RIGHTS
General Data Protection Regulation is an EU regulation that regulates how we may process personal data. It replaces PUL (the Personal Data Act) from May 25, 2018.
You can read more about the law and your rights on the Swedish Data Inspection’s website.
SUMMARY OF OUR INFORMATION MANAGEMENT
We collect as little information as possible. The information we collect is the information that is required to fulfill our commitment to you and to enable you to fulfill your commitment to us (i.e. pay for your order).
When you pay by card, you must state your credit card number. It goes via a secure server and Ecster handles card payments for us.
We also need to know which products you order and we need your e-mail address and phone number to be able to contact you with delivery message, changed information etc.
HOW DO WE USE THIS INFORMATION?
We use the information to dispatch your order. We use your email address to send you information if you have requested it. If you no longer want information from us then you can easily cancel an information letter via a link in the information email and will not be contacted by us again.
WHY DO WE SAVE INFORMATION?
We save information for accounting reasons. We need to be able to report the basis for the tax authority.
REMOVE YOUR INFORMATION FROM OUR DATABASE
The information we save is only available as a basis for the financial transaction and is retained for legal reasons and therefore cannot be deleted.
If you have any questions, please contact us at email@example.com
WHAT SYSTEMS ARE IN PLAY?
When you shop with us, your order goes through several steps to enable us to process and send your goods to you.
The following systems / suppliers we work with and your information may need to be processed by some of these.
- One.com – the webservice provider for our domain, webserver and mail management system
- Ecster – when you pay at the checkout
- Visma – our accounting and business system
- Posten – if we send your delivery traceable through the service of Posten
If you have chosen to receive our newsletter, we also use a database through Amazon Web Services and a program called Sendy.
We use WooCommerce installed on a server at One.com. It contains a database where our products, our pages with text and everything else (including this page) you see in the webshop are saved. When you place an order at www.lovinlegs.com, this is done in WooCommerce.
Your order will then be placed in a database at One.com that we, One.com technicians and our technical consultants at Xponent.se have access to. One.com keeps the information for us but does not use it any way without our permission and without our request, the same goes for Xponent. It can happen if an order for some reason has not gone through or been doubled. Then our technicians can investigate the order and troubleshoot.
The order contains information about which products (for example, support socks or pantyhose) you bought from us, how you paid (but no information about credit card, social security number or similar) and the address we should send the goods to.
It is from One.com that you receive an e-mail notification that we have received your order and when we have sent your order.
If you make the change or send back goods to, we usually note it in WooCommerce. For example, such a note may look like this:
“170918: Customer had entered the wrong size, wants to change to a size larger.”
Here we can also save and post mail conversations linked to order and exchange. The purpose of this is to provide you with better service as a customer.
ECSTER AND SWISH
When you get to the checkout you have to pay for your goods. There you can choose between several different payment methods. Depending on the payment method, an external payment intermediary will receive information about your purchase.
VISMA – ACCOUNTING AND BUSINESS SYSTEMS
We use Visma for accounting. From Visma we take out invoice records that are used as accounting records. The invoice records contain names of the buyer, invoice number and amount. There is no information about the address, e-mail, telephone number or which goods are ordered.
We save the information in accordance with the Accounting Act, where you can read the following: “They must be preserved until the seventh year after the end of the calendar year when the fiscal year ended.”
In order to check login activity and potentially block fraudulent attempts, the following information is used: attempting user’s IP address, attempting user’s email address/username (i.e. according to the value they were attempting to use during the login process), and all IP-related HTTP headers attached to the attempting user.
DATA PROTECTION RESPONSIBILITY AT LOVIN LEGS DESIGN AB
Our CEO is responsible for data protection and is responsible for ensuring that all employees are aware of how we process information. If you would like to contact our Data Protection Officer, please email us.
INFORMATION FOR OTHER ACTORS
We never leave your information to anyone else (except the above mentioned required to fulfill our commitment to you).
Exceptions are made if for some reason we are compelled by law or court decision.
You have several rights with GDPR. We have always respected our customers so for us it does not play such a big role except that it is now legal claims.
- You have the right to be forgotten / your data deleted
- You are entitled to register extracts
- You have the right to get any information corrected
- You have the right to data portability
- You have the right to withdraw your consent for the processing of data
- You have the right to file any complaints regarding the processing of personal data to the Data Inspectorate