Personal Data and Cookies Policy

 

Our information

Kwadusa ApS

CVR.: 25 52 68 72

Gråbrødretorv 5, 1154 København K.

Tel: +45 31 90 60 20

Email: kwadusa@kwadusa.com

 

Protection of personal data

Data privacy is of high importance for us and we want to be open and transparent about how we collect, store and process your personal data. Thus, we have produced a personal data policy on how your personal data will be processed and protected.

 

The purpose

Our purpose of collecting personal data is to be able to send and bill orders correctly and to communicate with our customers during sales, process and follow-up. Furthermore, we use personal data in order to send out newsletters to the customers who have signed up.

 

The data we collect

We collect the following data:

Name, address, email, telephone number, payment method.

 

Data Controller

It is our Data Controller who is responsible for the processing of your personal data. We always process your personal data under applicable data protection law. Our Data Controller is:

 

Vibeke Kjeldsholm

Email: Kwadusa@kwadusa.com

 

How do we collect your data?

We collect your personal data when you purchase a product from our webshop or when you contact us through telephone, email or forms. On our website, two contact forms exist which ask you to provide your personal data in order for us to contact you, as required, or to process any returns. We ensure that you must provide your definite, explicit consent before we collect and process any of your personal data. We can also collect your personal data when you visit us at our address.

Additionally, we make use of newsletters to which people sign up to by accepting our terms and conditions and personal data policy. You need to complete two steps to sign up to the newsletter, and you can unsubscribe at any time. You can also sign up for the newsletter by purchasing a product on our webshop.

 

How do we store your data?

Your personal data is stored on our website and on our email, which both are encrypted through a security certificate. If you purchase any product or use the contact forms on our website, your personal data will be stored on the encrypted website or email. The personal data we collect physically will be stored under secure conditions.

Furthermore, your personal data is stored within the European Economic Area (“EEA”) but may also be transferred to and processed in a country outside of the EEA. Any such transfer of your personal data will be carried out in compliance with applicable laws. For transfers outside the EEA, we will use Standard Contractual Clauses and Shields as safeguards for countries without adequacy decisions from the European Commission. This will be the case concerning Google (including Gmail) and Microsoft (including OneDrive), both located in the United States of America.

 

Who can access your data?

Your personal data may be shared with employees at Kwadusa.com, who need your data to perform their daily work tasks. The personal data will not be shared with more employees than necessary to correctly deliver an order to the customer.

At Kwadusa.com, we never pass on, sell or swap your data for marketing purposes to third parties outside the company. If your personal data is shared with third parties, the purpose is only the delivery of packages or documents.

Your personal data may be shared with external business partners who process your data on our behalf. We use external business partners for technical operation etc. These external business partners are our data processors and do only act on instruction from us, meaning they are not allowed to use your data for anything else than the processing on our behalf. As our external business partners have signed data processor agreements, they are subject to confidentiality.

We use data processors established in the United States of America, including Google. The necessary guarantees for the transfer of data to the United States is ensured through the data processor’s certification under the EU-US. Privacy Shield, cf. article 45 of the Personal Data Regulation. If we use other data processors established outside the EU than those mentioned, it will always be in compliance with valid transfer guarantees.

We use the services of Mailchimp, Google and Webhosting, as well as web developers.

 

What are your rights?

As a registered, that is someone we have registered personal data about, you have a number of rights following below.

 

Right to access

You have the right to request information about the personal data we hold on you at any time.

 

Right to correction

You have the right to request correction of any incorrect personal data and to request an update of any incomplete personal data.

 

Right to erasure

You have the right to erase any personal data processed at any time except for the following situations:

  • If the processing is necessary to exercise our right to freedom of speech
  • If our processing is necessary to comply with a legal obligation
  • If our processing is necessary for the sake of archival purposes in the public interest or scientific or historical research or statistical purposes
  • If our processing is necessary for a legal claim to be established, enforced or defended

 

Right to restriction of processing

You have the right to request restriction of the processing of your personal data in the following situations:

  • You dispute the correctness of the personal data
  • If we process the data illegally and you oppose the erasure of the data
  • If we no longer need your personal data for processing, but they are necessary for a legal claim to be settled, enforced or defended
  • You have objected to the processing

 

Right to data portability

You have the right to receive a copy of the personal data you provided to us in a structured and regular manner, as well as in a machine-readable format for either you or another data controller, provided our processing of your information is automatic and based on consent, or is necessary to meet a contract.

 

Right to object

At all times, you have the right to object to an otherwise lawful processing of your personal data if we process personal data on one of the following grounds:

  • The processing is necessary for the purpose of performing a task in the interests of society or falling under public authority
  • The processing is necessary for us to pursue legitimate interests

 

Right to not being subject to a decision based solely on automatic processing, including profiling

You have the right not to be subject to a decision based solely on automatic processing that has legal effect or similarly significantly affects you.

 

How do you exercise your rights?

You may request the exercise of one or more of the above mentioned rights by using this form. We will process your request without unnecessary delay and no later than one month after we have received the request.

 

Legitimate legal basis for processing

Our processing of your personal data takes place on the basis of the Personal Data Regulation’s article 6 (a) regarding consent, and article 6 (b) concerning contract. Thus, we always obtain a legitimate consent for us to collect, store and process your personal data, or that we treat your personal data based on a contract between us and the customer.

 

Erasure of data

We erase your personal data when we no longer need them and no later than 5 years after your last purchase. Data can be stored for a longer period if we have a legitimate need for them, e.g. if it is necessary for us to meet a legal requirement.

 

Complaints

If you believe that we are processing your personal data in an incorrect or illegal manner, please contact our Data Controller. We always do our best to make you feel comfortable leaving your personal data to us. You also have the opportunity to complain to the Danish supervisory authority.

 

Changes

We may continuously need to update our Personal Data Policy. You will always be able to find our latest edition on the website.

 

Safety

We make sure to carry out appropriate technical and organisational security measures on an ongoing basis to prevent your personal data from being accidentally or illegally destroyed, lost, altered, or impaired, and against the knowledge or misuse of any unauthorised person.

 

Cookies

Cookies are small text files that can be used by websites to make the user experience more effective.

We use cookies to adapt our content to your wishes, to save your preferences, and to analyse our traffic.

According to legislation, we are allowed to store cookies on your device if they are strictly necessary to ensure the delivery of the service you have explicitly requested. If we wish to use other cookies, we need your consent.

Predominantly, we use necessary cookies, however, we also use Google Analytics to collect statistics from the users on our website. It can be turned off here.

We request your consent to use cookies when you visit the website. There will be a visible cookie box, to which you must press “Accept” if you allow our collection of cookies. If you press “Reject” you will be transferred to a page with an explanation. You can also choose to “Read more”.

We do not share your data with third parties.

You can delete cookies at any time. See how here.