Integritetspolicy

Senast uppdaterad: 2018-05-25

Integritet och marknadsföringspolicy

1. Generellt

Om du är kund, prenumerant eller bara besöker vår webbplats, gäller denna policy för dig. Denna sekretesspolicy förklarar hur vi samlar in, använder, lämnar och lagrar din personliga information, samt hur vi säkerställer att dina personuppgifter behandlas i enlighet med gällande lagstiftning.

2. Vem är ansvarig för personuppgifterna?

XTZ Group Aktiebolag, med organisationsnummer 556504-4947 och postadress GAMLA NISSASTIGEN 17, 314 41 Torup (i denna policy kallas "XTZ Group Aktiebolag" eller "Vi") är personligt ansvarig för behandling av dina personuppgifter när XTZ Group Aktiebolag tillhandahåller och marknadsför produkter och tjänster samt i andra kontakter med XTZ Group Aktiebolag, till exempel besök i vår webbutik eller servicefall via e -post och telefon. Som personuppgiftsansvarig är det XTZ Group Aktiebolags ansvar att se till att din information hanteras korrekt och säkert i enlighet med tillämplig lag.

3. Vilka personuppgifter om dig samlar vi in?

XTZ Group Aktiebolag samlar in och behandlar följande kategorier av personuppgifter om dig som kund eller potentiell kund i samband med köp och användning av våra tjänster och att vi marknadsför och marknadsför våra produkter och tjänster.

• Contact details such as name, surname, e-mail address, shipping address, invoice address and phone number.
  
  
• Account Information such as customer number, username, password and when the account was registered.
  
  
• Identification Number , i.e. social security number or organization number.
  
  
• Orderinformation such as order numbers, ordered products or services, order date, price, discount and purchase history.
  
  
• Payment details such as payment method, cardholder, transaction date, amount, IP address and payment history.
  
  
• Correspondence and other information about support issues such as notes and e-mail at the point of customer service.
  
  
• User generated data about your interaction with XTZ Group Aktiebolags market communications and websites, such as IP address, device information (technical information about computer, mobile phone and other devices that you use ex. browser settings, time zone, operating system), site information, questionnaire replies, clicks and visit history - which show, among other things, which of our products or offers you've been interested in, how you interact with our newsletters and which of your events you've signed up for and participated in, as well as results from customer satisfaction or market research.

4. Från vilka källor samlar vi in information om dig som kund?

1. Information about you is collected on these occasions in order for you to enter into an agreement with XTZ Group Aktiebolag and so that XTZ Group Aktiebolag shall be able to provide their products and services to you.
   
   When you:
   
   
   1. Make an order
      
      
   2. Viewing XTZ Group Aktiebolags website
      
      
   3. Fill in forms on our website, such as contact form, surveys or competitions
      
      
   4. Clicking links in digital marketing communications that we have sent to you
      
      
   5. Are in touch with our customer service and when you otherwise have contact with XTZ Group Aktiebolag and provide information about you.
2. If you have a member account then XTZ Group Aktiebolag also collect personal information about you when registering the account as well as while you are account holder, for example your purchase history.
3. In addition to the information XTZ Group Aktiebolag collect from you, we can also collect personal information from someone else, ie. from third parties. We retrieve information from third-party directory updates for address update, ex. Klarna, to automatically fill the checkout with your information. We retrieve credit rating data from credit rating agencies, disclosure companies or banks .ex. UC.
4. We also collect certain personal information through cookies that log how to use our site to order our products and services. You will find more information on how to use cookies in our cookiepolicy .

5. Varför samlar vi in personuppgifter om dig?

XTZ Group Aktiebolag samlar in och hanterar information om dig för olika ändamål. Dessa syften sätter gränser för vad vi får använda dina personuppgifter till. Nedan förklarar vi de olika syftena med vår samling och ger exempel på de behandlingsaktiviteter som sker för varje ändamål. Observera att vissa av dina personuppgifter kan behandlas för flera ändamål.

1. Manage orders and purchase
   
   Processing of personal data for this purpose includes activities such as identifying and checking your age, sending order confirmation, handling payment for ordered products and goods, and assessing the payment methods we can offer you (based on contact details, order items, payment history and financial information), deliver orders, notify of delivery as well as handling complaints and warranty issues regarding purchased products and services.
   
   The collection of data we do to handle your orders and purchases is required in order to fulfill our obligations under XTZ Group Aktiebolag general sales conditions . If the information is not provided by you, our obligations can not be fulfilled and the order can not be completed.
2. Provide and manage membership account
   
   We process personal data for this purpose in order to ex. give you permission to log in to your account, ensure your identity, create your personal pages, maintain correct contact information, facilitate you to shop in our online store through pre-filled data and saved digital shopping carts, facilitate you to handle cases and complaints as well as enable you to follow your order and payment history.
   
   Read more about registering an account in Membership terms . The collection of information we do to provide and manage your account is required to fulfill our obligations under the Account Terms and Conditions. If the information is not provided, our obligations can not be met and we may refuse your account registration or terminate your account..
3. Manage issues that come into our support features
   
   Processing of personal data for this purpose includes activities for: ex. communicate, ensure the customer's identity, investigate complaints and support cases, answer questions that come in to customer service or other support features via email, phone or digital channels, correct incorrect data, provide technical support and care for the customer relationship.
4. Completing legal obligations required by the business
   
   Personal data is processed for this purpose so that XTZ Group Aktiebolag should be able to meet the requirements of laws, judgments or government decisions. Examples of such requirements are product liability and product safety such as the development of communications and product alert information and product recalls (ex in case of defective or health hazardous product) and obligations to save certain information according to the accounting laws that can be attributed to an specific individual. If the information such as XTZ Group Aktiebolag collects in this context is not disclosed, our legal obligation can not be fulfilled and we may refuse your order., the purchase or the activity that gives rise to our legal obligations.
5. Prevent and stop crimes within our business
   
   Processing of personal data for this purpose is, inter alia, to prevent misuse of Member Accounts and to prevent and investigate suspicion of theft and fraud. Therefore, when you want to pay for goods on invoice, we conduct a fraud check where we analyze what products you want to buy, shipping address, value of products, etc. We flag action patterns that often occur in the context of fraud, and then a manual review is conducted to investigate the risk that it may be a fraud attempt. Suspected crimes and attempts at crimes may be reported to the police.
6. Evaluate, develop and improve services, products and systems for our customers in general
   
   Processing of personal data for this purpose includes activities to make our online store and other services more user-friendly, develop or highlight digital features, improve our customer offering (ex. development of services and products), develop support to improve product and logistics flows (ex. in order to forecast purchases, stocks and deliveries), develop and improve the company's product range and resource efficiency, and improve our IT system to enhance security, obtain statistics for market and customer analysis as well as business tracking and business and method development related to orders and purchases, automatically archive behaviors that may need to be reviewed for security reasons and allow customers to influence the range that XTZ Group Aktiebolag provide. In order to fulfill this purpose, XTZ Group Aktiebolag performs general analyzes in aggregated form, ie. not at the individual level, relating, among other things, to click and visitor behavior, device information, order history, payment history, geographic location, and individual customer feedback.

6. Enligt vilka rättsliga grunder behandlar vi dina personuppgifter?

För att XTZ Group Aktiebolag ska ha rätt att samla in och behandla dina personuppgifter måste det finnas en rättslig grund för varje ändamål som uppgifterna behandlas för. De rättsliga grunderna som vi bygger vår behandling på beskrivs i detta avsnitt. Observera att flera rättsliga grunder kan gälla för samma behandling.

1. Legal obligation
   
   This reason means that our treatment is necessary to fulfill a legal obligation required by XTZ Group Aktiebolag, for example, documenting payment information to meet the requirements of the accounting act.
2. Contractual obligations
   
   This reason means that processing is necessary to fulfill an agreement with you as a customer or to be able to enter into a contract at a later date. For you who hold a member account you have, by accepting the Terms of membership account , entered into an agreement with XTZ Group Aktiebolag which sets the limits for the processing of your personal information that may be provided to provide, manage and administer our services associated with the account. When ordering or purchasing, we process your information to fulfill obligations under XTZ Group Aktiebolags general terms of sale. Then it can ex. be necessary for XTZ Group Aktiebolag to register your contact details so that we can fulfill our obligation to deliver the product or service and that we make a credit check if you choose invoice as payment method so we can ensure your payment ability.
3. Legitimate interest
   
   This reason means that our treatment is based on one s.k. interest balance of legitimate interest. This means that the processing is done because XTZ Group Aktiebolag judge that we have legitimate interests in processing your personal data that weighs heavier than your interest in not having your data processed. For this reason, we processess your personal information, among other things, to prevent misuse of Membership Accounts, and to stop, prevent and investigate crime within the scope of our business. If we judge that crimes or attempts have been committed and we make a police report, XTZ Group Aktiebolag will continue to process your personal information in order to determine, defend or enforce legal claims.

7. Hur länge sparar vi din personliga information?

7.1 XTZ Group Aktiebolag sparar dina personuppgifter så länge det är nödvändigt för att uppfylla de syften för vilka uppgifterna behandlas. Lagringstiden beror på i vilket syfte uppgifterna behandlas. Dessutom kan XTZ Group Aktiebolag spara data längre om det behövs för att fastställa, försvara eller verkställa rättsliga anspråk, ex. om en tvist pågår eller om ett kriminalregister har lämnats till polismyndigheten. Vi gör regelbundet gallringar och tar bort personlig information som inte längre är nödvändig.

7.2 XTZ Group Aktiebolag sparar personlig information som är kopplad till ditt medlemskonto så länge du är aktiv genom att interagera med XTZ Group Aktiebolag på olika sätt. Om du har varit inaktiv under en viss period kommer kontot automatiskt att avslutas och personuppgifterna som vi har samlat in och behandlat för att tillhandahålla ett medlemskonto och de tjänster som är kopplade till kontoinnehavaren kommer att raderas. Läs mer om detta och hur vi definierar inaktiva kunder i Villkor för medlemskonto .

8. Översikt över vår behandling av personuppgifter

Nedan har vi gjort en sammanfattning av vår behandling av personuppgifter för att tydligt förklara vilka kategorier av personuppgifter vi behandlar för våra olika ändamål, den rättsliga grund som vår behandling bygger på och hur länge vi lagrar uppgifterna.

9. Vem delar vi dina personuppgifter med?

1. XTZ Group Aktiebolag may disclose your information to other companies in order to share our offers, products and services. The recipients of your personal information can be data processors to XTZ Group Aktiebolag, ex. companies that process your information on our behalf and according to our instructions, or independently Data controllers, ex. Companies who are responsible for processing your information as they have a direct relationship with you as a customer such as Klarna.
2. XTZ Group Aktiebolag may also disclose your information to authorities if it is necessary to comply with law, regulation or authority decision or so that XTZ Group Aktiebolag shall be able to determine, defend or enforce legal claims.
3. Depending on what contacts you have had with XTZ Group Aktiebolag, ex if you are a member of a member account or receive market communication, then XTZ Group Aktiebolag can submit your personal information to the following recipients:
   
   
   1. Companies providing information from the public records or other public records to ensure that we have the correct contact information so that we can handle your orders and purchases as well as your Member Account and the services associated with your account. The information provided is the identification number and contact details based on our contractual obligations to you on a legal basis.
      
      
   2. Analysis and marketing companies that provide services such as automated marketing tools, analysis, communication, print and distribution. These recipients help XTZ Group Aktiebolag to analyze your information, as well as to inform about and promote the products and services that XTZ Group Aktiebolag sell. The information provided is contact information, account information, customer settings, order details and user-generated data based on legitimate interest as well as our contractual obligations to you as the holder of a Member Account on a legal basis.
      
      
   3. Government agencies, such as the Swedish Police Office or the Swedish Tax Agency, which we are obliged to disclose your personal data according to law or authority decision or which we provide personal data due to suspicion of crime or attempted crime. The categories of information provided are contact details, identification numbers, account information, order information, payment information, user-generated data and video recordings based on legal obligations that are due to XTZ Group Aktiebolag or for us to determine, defend or enforce legal claims.
4. In addition, if you place an order or make purchases from XTZ Group Aktiebolag, we may disclose your personal information to the following recipients in the context of handling your orders and purchases based on our contractual obligations to you as a legal basis:
   
   
   1. Suppliers, manufacturers, distributors and subcontractors of products and services that XTZ Group Aktiebolag sells, among other things, providing the products and services as well as assisting us with support services such as maintenance, repair and disposal of returned products. The information provided is contact information and order information.
      
      
   2. Logistics companies and shipping providers who help us with shipping so that we can deliver our products and services to you. We provide contact information and order information to these recipients.
      
      
   3. Insurers who provide insurance for some of our products and services. The information given when you choose to take out insurance is contact information and order information.
      
      
   4. Collaborators and payment solutions, such as card issuers, banks, credit institutions and other financial partners, who make payments and offer you different financing solutions. The information provided is contact information, identification number and payment details.
      
      
   5. Credit rating agencies, credit reporting agencies or banks providing us with information to ensure your payment ability, ex, credit reports, when applying for credit in the context of managing your orders and purchases.
      
      
   6. Businesses that provide financial services such as bank balances and debt collection services that ensure XTZ Group Aktiebolag are paid for delivered products and services in the context of managing your orders and purchases. The information provided is contact information, identification number, order information and payment details.
5. XTZ Group Aktiebolag will not sell your personal information to third parties unless we have your permission.

10. Var lagrar vi dina personuppgifter?

XTZ Group Aktiebolag kommer främst att hantera dina personuppgifter inom EU/EES. Vi kan dock också överföra dina personuppgifter till ett land utanför EU om vi behöver dela din information med XTZ Group Aktiebolags leverantörer eller partners utanför eller lagra personuppgifter i ett land utanför EU.

Om dina personuppgifter överförs till något land utanför EU/EES kommer XTZ Group Aktiebolag att vidta nödvändiga åtgärder för att lagligt överföra dina personuppgifter genom att säkerställa att dina personuppgifter hanteras säkert och med en tillräcklig skyddsnivå som är jämförbar med det skydd som erbjuds inom EU/EES, till exempel genom att ingå avtal med mottagaren som inkluderar EU -kommissionens standardavtalsklausuler eller, om de överförs till USA, genom att mottagaren intygar att principerna för Privacy Shield följs.

11. Vilka rättigheter har du som registrerad kund?

XTZ Group Aktiebolag ansvarar för behandling av dina personuppgifter i enlighet med tillämplig lagstiftning. Detta avsnitt beskriver dina rättigheter relaterade till vår behandling av dina personuppgifter. På din begäran eller på eget initiativ kommer vi att korrigera, anonymisera, radera eller komplettera information som befunnits vara felaktig, ofullständig eller vilseledande. Om du har frågor om detta eller vill utöva några rättigheter, vänligen kontakta oss med informationen längst ner i denna policy.

1. Right to your personal information
   
   XTZ Group Aktiebolag want to be open with how we handle your personal information. If you want to understand the processing we do about you, you are entitled to request information about the processing, including a copy of your personal data being processed, a so-called "transcript". Please note that upon request for access, we may ask for further information about you to ensure that we provide the information to the correct person and the information you wish to receive. We complete data requests within 30 days, depending on the current load of our staff.
2. Right to correct your personal information
   
   If the information we have about you is incorrect, you are entitled to request that they be corrected. You are also entitled to supplement any incomplete personal data, for example, if we have the correct street address but do not have street numbers. At your request, we will correct the incorrect or incomplete information we process about you as quickly as possible.
3. Right to be forgotten (deletion of your personal data)
   
   You are entitled to request that we remove your personal information when:
   
   
   1. The data was processed illegally
      
      
   2. Must be deleted to comply with a legal obligation that XTZ Group Aktiebolag is covered by
      
      
   3. No longer necessary for the purposes for which they have been treated
      
      
   4. or when you object to a balance of interest of legitimate interest that XTZ Group Aktiebolag have done and there is no legitimate interest for XTZ Group Aktiebolag or third party who weighs heavier.
      
      However, we can not always accommodate your request as there may be grounds for giving us the right to continue processing, for example, if personal data is processed to fulfill a legal obligation as a legal basis (as per the requirements of the Accounting Act) or if the information is necessary for us to determine, enforce or defend legal claims.
4. Right to data portability
   
   You are entitled to receive a copy of the personal data relating to you in a structured format and, in some cases, transfer the data to another data controller. However, this right only includes information that you have provided to XTZ Group Aktiebolag and which we treat with the support of consent or contractual obligation to you as a legal basis. We complete data requests within 30 days, depending on the current load of our staff.
5. Right to limit processing of your data
   
   You are entitled to request that our processing of your personal data be limited in certain situations, which means that the data may only be processed for certain purposes. For example, you may request a restriction of incorrect information when you have requested a correction. Meanwhile, when XTZ Group Aktiebolag investigating the correctness of the data, their treatment will be limited.
6. Right to object to certain types of data processing
   
   When XTZ Group Aktiebolag is processing your personal data based on interest weighing of legitimate interest as a legal basis or for direct marketing, you are rightly opposed to our processing.
   
   Opposition to XTZ Group Aktiebolags balancing of interests can be done when you have personal reasons regarding the situation. In such objection, XTZ Group Aktiebolag assesses if our legitimate reasons for processing, weigh heavier in interest than protecting your privacy. If so, XTZ Group Aktiebolag will continue to process your personal information even though you have opposed your processing.
   
   Additionally, you are given the opportunity to object to promotion at each individual digital mail by selecting to unsubscribe. If you oppose direct marketing, we will discontinue processing of your personal information for that purpose as well as all types of direct marketing measures such as sending newsletters.

Om du upptäcker att vi hanterar dina personuppgifter felaktigt är du välkommen att kontakta oss. Kontaktinformation finns längst ner i denna policy. Du har också rätt att lämna in klagomål angående behandlingen av dina personuppgifter till Datainspektionen som ansvarar för övervakningen av personuppgifter i Sverige.

12. Personuppgifter om barn

XTZ Group Aktiebolag samlar inte in eller behandlar inte personuppgifter för barn under 16 år. Om barn under 16 år har gett oss personuppgifter raderar vi dem så snart vi har blivit varnade. Alla vårdnadshavare kan kontakta oss nedan.

13. Hur skyddar vi din personliga information?

Du bör alltid kunna känna dig trygg när du lämnar dina personuppgifter till oss. XTZ Group Aktiebolag har därför vidtagit lämpliga tekniska och organisatoriska säkerhetsåtgärder för att skydda dina personuppgifter mot olämplig eller ofrivillig avslöjande, användning, felaktig åtkomst, radering, ändring eller skada på dina personuppgifter.

Till exempel lagras all kundinformation bakom en brandvägg och databaser för behörighetshantering, så att endast anställda i XTZ Group Aktiebolag och partners genom överenskommelse - som behöver åtkomst till dina uppgifter för att utföra specifika uppgifter - har sådan åtkomst.

14. Tillämpning och ändring av sekretesspolicyn

Den senaste versionen av XTZ Group Aktiebolags sekretesspolicy är alltid tillgänglig på vår webbplats. Vår sekretesspolicy gäller när som helst i vilken form som helst och för innehållet som publiceras på webbplatsen.

XTZ Group Aktiebolag har rätt att när som helst uppdatera sekretesspolicyn. Om sekretesspolicyn ändras kommer den uppdaterade policyn att publiceras på webbplatsen XTZ Group Aktiebolag. Du kommer också att informeras om att sekretesspolicyn har ändrats nästa gång du loggar in på ditt medlemskonto. Vi kan också informera dig via e -post om det sker stora ändringar av sekretesspolicyn. Om du inte vill acceptera den ändrade policyn kan du avsluta ditt medlemskonto genom att kontakta kundsupport, se kontaktuppgifterna längst ner i denna policy.

15. Kontaktuppgifter

Tveka inte att kontakta oss om du har frågor om denna sekretesspolicy eller om du vill ha mer information om vår behandling av dina personuppgifter eller om någon information skulle vara felaktig och du vill att vi ska korrigera den.

Företagsnamn: XTZ Group Aktiebolag
Företags-ID: 556504-4947
Adress: GAMLA NISSASTIGEN 17
Postnummer & Stad: 314 41 Torup
Telefonnummer: +46 (0) 345-20049
E-post: [email protected]