EU DATA PROTECTION REGULATION, GDPR.
GDPR places higher demands on how we as a company handle your personal data. At House of FAB AB, we protect your personal integrity and always strive to maintain a high level of data protection. In order for you to feel safe in our handling of your personal data, we have therefore produced a privacy policy that shows how we ensure that your personal data is processed in accordance with current legislation. The privacy policy describes how we collect, use, save, disclose and protect your personal data and what rights you have. The privacy policy applies when House of FAB provides products in connection with purchases and other contact, such as website visits.
PERSONAL DATA
In the policy, we define the term “personal data” as information that can, directly or indirectly, identify a natural person. The term does not include information that has been anonymized so that it cannot be linked to, or identify a natural person.
PERSONAL DATA CONTROLLER
Responsible for the handling of personal data is House of FAB AB (559175-0301).
PERSONAL DATA WE COLLECT
Order and delivery information In connection with purchases, we only ask you to provide information that is necessary for us to be able to fulfill our agreement, provide you with correct service and ensure safe delivery. When you complete your purchase and select a payment method, you are therefore asked:
• Name
• Email address
• Postal code
• Social security number (only stored by external payment provider when required for selected payment method)
• Civil registration address
• Mobile number
• Payment details
In connection with a purchase, the information required for the selected payment method is provided, for example social security number and/or account details. We use external payment providers that are clearly stated at the time of purchase, who handle all our payments and we therefore never store any of your payment details in our systems.
TECHNICAL DATA
Information about the equipment you use when visiting our website, such as IP address, your device, operating system and browser and version.
CUSTOMER INFORMATION
We also collect information about your visitor statistics, which goods or offers you have shown interest in and how you interact with our newsletters. We save information about your historical purchases in order to provide you with better service.
CONTACT WITH CUSTOMER SERVICE
Information that you provide in connection with contacting customer service via e-mail or call may be used to administer your purchase, for example to correct incomplete personal data. We urge you as a customer not to provide sensitive personal data to us in an unstructured format (e.g. free text in e-mail).
PURPOSE AND LEGAL BASIS
In order for our processing of your personal data to be permitted, it is required that we have a legal basis for our processing. Below are some examples of categories of the personal data that we collect and the legal basis for our processing. Your personal data will never be used for a purpose other than that for which it was initially collected without our obtaining your consent.
EXAMPLES OF CATEGORIES OF PERSONAL DATA THAT WE PROCESS
| Category | Explanation | Exemples of personal data | Legal basis |
|---|---|---|---|
| Offers | Information about which offers you have received from us, when you received offers and whether you used them or not. | Offer, validity, redeemed or not | Legitimate interest |
| Order- & delivery information | Information about goods and delivery for the purchase of a product or service. | Product, price, order date, delivery address & delivery method. | Fulfillment of agreement |
| Subscription information | Information about your subscriptions with us, for example newsletters. | Date of subscription signed and subscription ID. | Legitimate interest |
| Purchase information | Information about your previously completed purchases. | Purchased products, amount, payment method, transaction ID, delivery address & date. | Legitimate interest |
| User-generated data | Data that you have provided through your behavior and use of our internal & external digital channels. | Click history, website behavior, opening frequency of newsletters and favorite products. | Legitimate interest |
| Customer segment | Information about which customer segments / customer groups you belong to. | Segment name and segment ID. | Legitimate interest |
| Identity data | Data that can potentially identify a person. | Name, username, email address, delivery address and IP address. | Fulfillment of agreement |
We use your personal data to provide you with information about goods or services (such as marketing materials, promotions or offers). This can be through e-mail, advertisements, SMS and postal mailings to the extent permitted by current legislation. For more information about our contests and other promotions, please see the rules or details attached to each contest/promotion.
YOUR RIGHTS
In connection with the entry into force of the GDPR, you have several rights in relation to the processing of personal data about you. You can exercise these rights by contacting us.
RIGHT OF ACCESS
In accordance with the law, you have the right to request information from us free of charge about which of your personal data we process and the purpose of our processing. In cases where we are unable to fulfill your wishes, we will notify you of this and state why. In the event of an inquiry, we may request information that proves your identity to ensure that your personal data does not reach unauthorized persons. We will send the register extract to your civil registry address or verified e-mail address.
RIGHT TO CORRECTION
You have the right to request that your personal data be corrected without undue delay if the data is incorrect or incomplete.
RIGHT TO ERASURE
You have the right to request the deletion of your personal data provided that:
• The data are no longer necessary for the purposes for which they have been collected or processed.
• You have withdrawn a consent on which the processing is based and there is then no longer any legal basis for the processing.
• You object to an interest balancing of legitimate interest that the Company has done, and there is no legitimate interest for the Company that outweighs the risk to you as an individual (you have the right to see how the balancing has been done by the Company).
• The personal data has been collected or processed in an illegal manner.
• The personal data must be deleted to fulfill a legal obligation to which the Company is subject.
We cannot always comply with your request for deletion, for example if: The processing is needed to exercise someone’s right to freedom of expression and information, To fulfill a legal obligation to which we are subject, To be able to establish, enforce or defend legal claims.
RIGHT TO RESTRICTION
In some cases, you have the right to request that our processing of your personal data be restricted. Restriction means that the information is marked and in the future may only be used for certain limiting purposes. For example, this may apply if you believe that your personal data is incorrect and request correction. Then the use of your personal data can be limited during the time that accuracy is investigated. When any restriction ends, you will be informed of this. Right to object to a certain type of treatment: As a matter of law, you have the right to object to a certain type of treatment.
LEGITIMATE INTEREST
You have the right to object to processing, which is based on a legitimate interest that we have, for reasons relating to your specific situation. We may continue to process data, even though you have objected to the processing, if we have compelling legitimate reasons for the processing that outweigh your privacy interest.
ADVERTISING, MARKETING AND PROMOTIONS
You can cancel communications and marketing at any time by contacting us. Please note that even if you opt out of marketing communications, you will still receive administrative communications from us, such as order confirmations or other transactional information, notifications about account activities (account confirmations, password changes, etc.) and other important communications.
RIGHT TO DATA PORTABILITY
You have the right to receive a copy of the personal data processed about you in a structured format (data portability). The right to data portability only covers information that you yourself have provided to us and that we process with the support of certain legal grounds, for example a contract with you.
PROTECTION OF YOUR PERSONAL DATA
LIMITED ACCESS
Only authorized personnel have access to your personal data during working hours. Which personal data is handled is determined by the purpose and scope of the work task.
STORAGE OF PERSONAL DATA
In accordance with current legislation, we only process your personal data for as long as is necessary to fulfill the purposes for which your personal data was collected or to fulfill our legal obligations. Your personal data will be securely stored within the group, in a structured format and we strive to store data within the EU/EEA. If any of our partners are located outside the EU/EEA, protective measures will be taken to ensure that the personal data continues to be protected and that any transfer takes place in accordance with the law to countries outside the EU/EEA.
ACTION BY US
We store your personal data in systems that use appropriate security measures to prevent unauthorized access. We follow reasonable standards for the protection of personal data. We inform all employees about how we work together as a company to protect the personal data we process. In the event of a data breach or loss of sensitive personal data, the supervisory authority will be notified and in cases where the loss poses a particular risk to individuals, they will also be informed. We use secure method of data transfer. Data you provide when ordering is encrypted using the TLS method before being transmitted. TLS, Transport Layer Security, is the most proven method on the Internet to protect data and ensure safe data transmission. We always use the TLS method when transferring sensitive data.
ACTIONS BY YOU
We ask you as a customer to join in and work for safe and secure data handling. Do not disclose information to unauthorized persons and never provide more information than necessary. Choose a difficult password and change it regularly. Log out of your account every time you leave the computer (be extra careful when using a shared or public computer). Avoid writing sensitive personal data in plain text, for example via e-mail to customer service.
INFORMATION TO THIRD PARTIES
It is important to us that you feel secure in our handling of your personal data. We undertake to process and store your personal data in accordance with current legislation and we will never disclose your personal data to unauthorized parties or resell your personal data to third parties.
COOPERATION PARTNERS
In order for us to be able to fulfill our part of the agreement, we use subcontractors and partners. These help us, among other things, with delivery, payment and invoicing services, customer service, etc. Only the personal data that is necessary to be able to complete the agreement will be provided to the parties concerned.
KLARNA’S DATA PROTECTION POLICY
In order to be able to offer you Klarna’s payment methods, we may share your personal data in the form of contact details and order information with Klarna at checkout, so that Klarna can assess whether you can choose the payment methods, as well as to adapt them for you. Your shared personal data is processed according to Klarna’s own data protection information.
PAYPAL’S PRIVACY POLICY
The same applies to PayPal. In order to be able to offer you PayPal’s payment methods, at checkout we may share your personal information in the form of contact details and order information with PayPal, so that PayPal can assess whether you can choose the payment methods, as well as to adapt them for you. Your personal data that is shared is processed in accordance with PayPal’s own Privacy Notice.
LEGAL REASONS
In the event of suspicion of criminal activity, we may share your personal data with us in order to answer questions in connection with, for example, a criminal investigation. In accordance with existing laws, information is provided to the police or other competent authority to fulfill our legal obligations.
FAB UNDERWEAR’S COOKIES
Fabunderwear.com uses cookies. A cookie is a small text file that a visited website requests to save on your computer. Cookies are used to give visitors access to various functions, the information can also be used to follow a visitor’s browsing.
There are two main types of cookies: Session cookies and Persistent Cookies.
• Session cookies are deleted from the computer as soon as you close the browser.
• Persistent cookies are stored on the computer until they are deleted or reach their expiration date.
Your browser must accept cookies in order for you to add items to the shopping cart. Session cookies store a unique ID for the visit to fabunderwear.com. Cookies on fabunderwear.com are used to identify your shopping cart, save information about you in an order, to keep statistics on visitors to fabunderwear.com and to display ads on fabunderwear.com and on other websites. The session cookie disappears during inactivity or when the browser is closed. If you object to the storage of cookies, you can deactivate the function by going to “settings” in your browser. House of FAB AB cannot guarantee that all functions on fabunderwear.com will then work as intended. FAB Underwear uses cookies on this website for the following purposes:
• To collect data about the user via the Google Analytics tools.
• To enable sharing to our social media.
• To show recommendations to users who have already visited the website.
• To enable JavaScript for the social sharing website AddThis on the client side so that the user can see the updated count if a page is shared.
GOOGLE’S COOKIES
FAB Underwear uses Google Analytics to analyze the use of this website. Google Analytics generates statistics and other information about the use of the website with the help of cookies, which are stored on users’ computers. The information generated for our website is used to create reports on website usage. In short, Google’s cookies do the following:
• They determine which domain is to be measured.
• They distinguish unique users.
• They store the number and time of previous visits.
• They store information about traffic sources.
• They determine the beginning and end of a session.
• They store the values of custom variables at the customer level.
Google stores and uses this information for between 30 minutes and 2 years, depending on the type of cookie.
Source: Google privacy policy https://policies.google.com/privacy
REFUSE COOKIES
In most browsers, you can refuse to accept cookies.
INTERNET EXPLORER: Refuse by clicking “Tools” – “Internet Options” – “Privacy” – and select “Block all cookies” with the slider.
FIREFOX: Refuse cookies by clicking “Tools” – “Options” – “Privacy”. SAFARI: Adjust by clicking “Settings” – “Privacy”.
CHROME: Here they are adjusted by clicking on “Settings” and “Privacy”. However, blocking cookies will have a negative impact on the usability of some websites.
CHANGES, VIEWS, COMPLAINTS AND CONTACT
CHANGES
Fab Underwear reserves the right to make changes to the privacy policy. Changes of a significant nature are communicated in good time before they come into force and you then have the right to terminate the agreement with us before the change comes into force.
COMPLAINT
If you have views on, objections to our processing of your personal data based on applicable laws and regulations, we ask that you report this to us as soon as possible. You also have the right to contact the Swedish Data Protection Authority in case of complaints about our handling of personal data.
CONTACT DETAILS
House of FAB AB, Email: contact@fabunderwear.com