This personal data policy, together with our terms of sale, explains the processing of personal data that Trollbeads undertakes in connection with your use of our homepage www.trollbeads.com, buying of our products and signing up for our newsletters. The personal data policy aims to clarify what data we collect, why we collect it and what we use it for.
We reserve the right to update this personal data policy at any given time, and therefore you should visit this page on a regular basis to ensure that you are familiar with any potential changes to it.
The data that we collect
Personal data is information that can, in one way or another, be used to identify you such as, for example, your address, gender, name, etc.
We collect and store the data you have provided us with in connection with the use of our homepage, signing up for a user account and placing your order or giving us your consent to send you our newsletters.
The collected personal data will typically include your first and last name, address, email, phone number, payment information, etc.
Cookies are small text files that we use to improve and streamline your user experience and for website statistical purposes. The files are stored in your browser and allows us to recognise you when you revisit our homepage.
You can always reject cookies or delete existing ones by changing your browser settings. How you reject cookies varies from browser to browser. You should note, however, that if you reject cookies there may be certain functions and services that will be disabled when using the internet.
You can find more information on the individual cookies we use and the purposes we use them for in our cookie declaration in the footer on our website.
The list of cookies in the cookie declaration is continuously being updated.
How we use your personal data
The personal data you provide us with are used to complete your order, including to communicate with you concerning your order and to provide you with information and special deals, including special deals on similar products as the one(s) you have purchased (unless you have told us you do not want to receive such information). The personal data is also used to send you newsletters (hereinafter all of the above are referred to as "the Purpose").
We only process personal data on you that is relevant and sufficient to fulfil the Purpose.
How we store your personal data
Your personal data are stored on servers inside the EU, and your personal data will therefore always be covered by the General Data Protection Regulation. We only use data sub-processors from EU member states or from countries that can guarantee that your data is protected sufficiently.
Security and protection
We are continually monitoring that both we and our data processors have implemented the necessary technical and organisational security measures to ensure that your personal data are not accidentally or illegal destroyed, lost or degraded. In addition, we ensure that they are not shared with or accessed by unauthorised parties, misused or otherwise processed in violation of the rules in effect at any given time concerning the processing of personal data.
If we are exposed to a security breach where we assess that there is a high risk of your personal data being misused, we will inform you of this security breach without undue delay. We will also inform you of the measures we have undertaken to reduce the risk of your personal data being misused.
Sharing of your personal data
We can pass on your personal data to third parties when we believe this to be necessary in order to:
- comply with legislation, including if we are obliged to pass on or share your personal data with law enforcement authorities
- to apply or use our own terms of sale or
- to protect our rights, property, security, employees or others.
- Unless otherwise stated above, you will be informed when your personal data is shared with third parties and you will be able to prevent the sharing of this data.
Deletion of your personal data
Your personal data is stored for the period of time wherein it is allowed to do so under the General Data Protection Regulation, and we will delete your data when it is no longer necessary to retain it to fulfil the Purpose. The length of the period of time where your data will be stored depends on the nature of the data and the basis for storing it.
If you wish to delete your account along with your personal information, please login to your account, go to “Personal Data” section and “Delete my account”. Please note, this will permanently erase your personal information and we will not be able to reinstate your account.
If you wish to receive a copy of your personal data that we have on our records, you can make a request via email@example.com. Once we receive your request, we will send the data to you via e-mail within seven working days.
Pursuant to the provisions of the General Data Protection Regulation, you can always request information about and insight into what registered data we have on you and to object to this registration.
If you have created a user account on our homepage, you can at any time log in to your account and request a download copy of the information that we have stored on you. You can also send us an email at data@firstname.lastname@example.org
You can at any time demand that we rectify the data, object to our storing it or demand that we limit our processing of your personal data.
If you wish to complain about the processing of your personal data by us, please contact your local data protection authority:
Borgergade 28, 5
1300 Copenhagen K
Tel. +45 33 19 32 00
Fax +45 33 19 32 18
Your personal data is collected and processed by:
CVR no.: 28717024
1253 Copenhagen K