Personal Data Policy / Cookies
1. In general
1.1 This policy on the processing of personal data ("Personal Data Policy") describes how Fetish.dk ("FMode", "Fetish.dk", "us", "our", "we") collects and processes information about you.
1.2 The Personal Data Policy applies to personal information that you provide to us or that we collect via Fetish.dk's website, www.Fetish.dk (the "Website").
1.3 Fetish.dk is data responsible for your personal information. All inquiries to Fetish.dk can be made via the contact information listed under pkt. 7
2. What personal information do we collect, for what purposes and the legal basis for the processing
2.1 When you visit the Website, we automatically collect information about you and your use of the Website, such as the type of browser you use, the search terms you use on the Website, your IP address, including your network location, and information about your computer.
2.1.1 The purpose is to optimize the user experience and the Website's function, as well as carry out targeted marketing, including retargeting via Facebook and Google. This processing of information is necessary so that we can take care of our interests in improving the Website and show you relevant offers.
2.1.2 The legal basis for the processing is Article 6 (1) of the EU Personal Data Regulation. 1, letter f.
2.2 When you buy a product or communicate with us on the Website, we collect the information you provide, eg name, address, e-mail address, telephone number, payment method, information about which products you buy and possibly have returned, delivery requests, and information about the IP address from which the order was made.
2.2.1 The purpose is that we can deliver the products you have ordered and otherwise fulfill our agreement with you, including to be able to manage your rights to return and advertise. We can also process information about your purchases to comply with legal requirements, including for bookkeeping and accounting. When purchasing, the IP address is collected for that purpose and to serve our interest in being able to prevent fraud.
2.2.2 The legal basis for the processing is Article 6 (1) of the EU Personal Data Regulation. 1, letters b, c and f.
2.3 When you sign up for our newsletter, we collect information about your name and email address.
2.3.1 The purpose is to take care of our interest in being able to deliver newsletters to you.
2.3.2 The legal basis for the processing is Article 6 (1) of the EU Personal Data Regulation. 1, letter f.
Recipients of personal data
3.1 Information about your name, address, e-mail, telephone number and order number and specific delivery requests are passed on to PostNord, GLS or a carrier who delivers the purchased goods to you. When purchasing non-stocked goods, the mentioned information can be passed on to the manufacturer or seller of the product in question, who in that case will be responsible for the delivery.
3.2 Information may be left to external partners who process the information on our behalf. We use external partners for, among other things, technical operation and improvements of the Website, distribution of newsletters and targeted marketing, including retargeting, as well as for your assessment of our company and products. Among other things, information about your name and e-mail is passed on to TrustPilot so that an invitation can be sent on our behalf to assess us on TrustPilot's website. If you choose to make a review, TrustPilot will be data responsible for the information provided. These companies are data processors and under our instruction and process data for which we are the data controller. The data processors may not use the information for any purpose other than fulfilling the agreement with us, and are subject to confidentiality about this. We have entered into written data processor agreements with all data processors who process personal data on our behalf.
3.3 Two of these data processors, Google Analytics v / Google LLC. And Facebook Inc. is established in the United States. The necessary guarantees for the transfer of information to the United States are secured through the certification of the data processor under the EU-U.S. Privacy Shield, cf. EU Personal Data Regulation Art. 45.
3.3.1 copy of Google LLC's certification can be found here: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI
3.3.2 copy of Facebook Inc.'s certification can be found here: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active
3.3.3 A copy of Klaviyo's certification can be found here: https://www.privacyshield.gov/participant?id=a2zt00000008RNFAA2&status=Active
4. Your rights
4.1 In order to create transparency regarding the processing of your information, we, as the data controller, must inform you of your rights.
4.2 The right of access
4.2.1 You are at all times entitled to ask us for information about, among other things, what information we have registered about you, what purpose the registration serves, what categories of personal information and recipients of information that may. may be, as well as information on where the information comes from.
4.2.2 You have the right to receive a copy of the personal data that we process about you. If you want a copy of your personal information, you must send a written request to email@example.com You may be asked to document that you are who you pretend to be.
4.3 The right of rectification
4.3.1 You have the right to have incorrect personal information about yourself corrected by us. If you become aware that there are errors in the information that we have registered about you, you are encouraged to contact us in writing so that the information can be corrected.
4.4 The right to delete
4.4.1 In certain cases, you have the right to have all or some of your personal data deleted by us, eg if you revoke your consent and we do not have another legal basis to continue the processing. To the extent that continued processing of your information is necessary, eg for us to comply with our legal obligations, or for legal claims to be established, asserted or defended, we are not obliged to delete your personal information.
4.5 The right to limit the treatment to storage
4.5.1 In certain cases, you have the right to have the processing of your personal data limited to only storage, eg if you believe that the information we process about you is incorrect.
4.6 The right to data portability
4.6.1 In certain cases, you have the right to have personal information that you have provided to us provided in a structured, commonly used and machine-readable format and have the right to transfer this information to another data controller.
4.7 Right of objection
4.7.1 You have the right at any time to object to our processing of your personal data, with a view to direct marketing, including the profiling carried out in order to be able to target our direct marketing.
4.7.2 You also have the right at any time, for reasons relating to your personal situation, to object to the processing of your personal data, which we carry out on the basis of our legitimate interests, cf. pkt. 2.1 and 2.3.
4.8 The right to withdraw consent
4.8.1 You have the right at any time to revoke a consent you have given us for a given processing of personal data. If you wish to revoke your consent, please contact us at firstname.lastname@example.org.
4.9 The right to complain
4.9.1 You have the right at all times to submit a complaint to the Danish Data Protection Agency, Borgergade 28, 5, 1300 Copenhagen K about our processing of your personal data. Complaints can, among other things, be submitted by email email@example.com or telephone +45 33 19 32 00.
5. Deletion of personal data
5.1 Information collected about your use of the Website, cf. pkt. 2.1. deleted at the latest when you have not used the Website for 2 years.
5.2 Information collected in connection with your subscription to our newsletter will be deleted when your consent to the newsletter is withdrawn, unless we have another basis for processing the information.
5.3 Information collected in connection with purchases you have made on the Website, cf. pkt. 2.2 will in principle be deleted 5 years after the end of the calendar year in which you have made your purchase. However, information can be stored for a longer period of time if we have a legitimate need for longer storage, eg if it is necessary for legal claims to be established, asserted or defended, or if storage is necessary for us to meet legal requirements. Accounting material is stored for 5 years until the end of a financial year to meet the requirements of the Accounting Act.
6.1 We have implemented appropriate technical and organizational security measures against the accidental or unlawful destruction, loss, alteration or deterioration of personal data and against the disclosure or misuse of unauthorized persons.
6.2 Only employees who have a real need to access your personal information in order to perform their work have access to it.
7. Contact information
7.1 Fetish.dk is data responsible for the personal data collected via the Website.
7.2 If you have any questions or comments about this Personal Data Policy or wish to make use of one or more of your rights described in section 4, you can contact:
Phone: 0045 20814047
8. Changes in personal data policy
8.1 If we make changes to the Personal Data Policy, you will be informed of this on your next visit to the Website.
9.1 This is version 1 of Fetish.dk's personal data policy dated 15 April 2019.