Privacy policy
Cookie & Privacy Policy
Comfydence AB is responsible (personal data controller) for cookies and the processing of your personal data as described below. This information about cookies explains how Comfydence AB uses cookies to recognize you when you visit our websites that link to this information.
What is a cookie?
Cookies are small text files that are saved by the browser and stored on the device you use to surf the Internet. When you visit our website, certain information may be stored using cookies. When we refer to cookies, we mean first- and third-party cookies, tracking pixels and plug-in programs and other tracking technologies.
Information collected and why
Cookies are sometimes used to collect information that is considered to be personal data, such as IP addresses and information linked to the IP address, but no personal data that is directly attributable to you as a person.
We use cookies to improve your user experience. Through the use of cookies, we can obtain information about when and how long you visited our website, which website you visited before ours and which internet provider you use. The purpose of this is to optimize your visit and constantly improve our website. The information is also used to evaluate and improve any advertising.
Legal basis for use of Cookies
Since the website does not function without strictly necessary cookies, this category of cookies is always allowed when you visit the website. The legal basis for using strictly necessary cookies is our legitimate interest in providing you with a functioning website.
For functional, statistical and marketing cookies, we rely on your consent. When you enter the website for the first time, you will see a banner with information about our use of cookies and we ask you to accept the use of cookies. You are not required to consent to functional, statistical and marketing cookies to access the website, but some services and features require the use of cookies and may be restricted or unavailable without your consent. You can choose your own settings and revoke or change your consent at any time by emailing hey@comfydence.se
Types of Cookies used on the website
Mainly two types of cookies are used, "session cookies" and "permanent cookies". Session cookies are automatically deleted as soon as you as a user close your browser. Permanent cookies are stored on your device to facilitate future visits. However, permanent cookies are also deleted after a certain time.
The Comfydence website uses first-party cookies and to a certain extent also third-party cookies. All cookies have a publisher, which shows who the cookie belongs to. The publisher is the owner of the domain specified in the cookie. When you visit our website, we place cookies on your device for various reasons. Such cookies are called first-party cookies. Cookies placed by a third-party company, such as social media platforms or ad network or ad technology providers, are called third-party cookies.
From Comfydence's point of view, the uses of third-party cookies are the same as stated above, but in some cases these are also used for the third party's own purposes. For example, they can be used to measure traffic, determine which websites you last visited or for targeted marketing on other websites.
Below you will find a list of the types of cookies we at Comfydence have on our website and get more information about them.
|
Essential cookies |
||
|
Name |
Description |
Declared as |
|
_ab |
Used in connection with access to admin. |
Essential |
|
_secure_session_id |
Used in connection with navigation through a storefront. |
Essential |
|
__cfduid |
The _cfduid cookie helps Cloudflare detect malicious visitors to our Customers’ websites and minimizes blocking legitimate users. |
Essential |
|
Cart |
Used in connection with shopping cart. |
Essential |
|
cart |
Used in connection with shopping cart. |
Essential |
|
cart_sig |
Used in connection with checkout. |
Essential |
|
cart_ts |
Used in connection with checkout. |
Essential |
|
cart_ver |
Used in connection with shopping cart. |
Essential |
|
checkout_token |
Used in connection with checkout. |
Essential |
|
Secret |
Used in connection with checkout. |
Essential |
|
secure_customer_sig |
Used in connection with customer login. |
Essential |
|
storefront_digest |
Used in connection with customer login. |
Essential |
|
_shopify_u |
Used to facilitate updating customer account information. |
Essential |
|
XSRF-TOKEN |
Used in connection with GDPR legal Cookie. |
Essential |
|
gdpr_legal_cookie_session |
Used in connection with GDPR legal Cookie. |
Essential |
|
_bc_c_set |
Used in connection with GDPR legal Cookie. |
Essential |
|
_tracking_consent |
For Shopify User Consent Tracking. |
Essential |
|
_shopify_m |
Used for managing customer privacy settings. |
Essential |
|
_shopify_tm |
Used for managing customer privacy settings. |
Essential |
|
_shopify_tw |
Used for managing customer privacy settings. |
Essential |
|
_storefront_u |
Used to facilitate updating customer account information. |
Essential |
|
cart_currency |
Used in connection with cart and checkout. |
Essential |
|
Statistical and Marketing Cookies |
||
|
|
|
|
|
Name |
Description |
Declared as |
|
_orig_referrer |
Used in connection with shopping cart. |
Marketing & Analytics |
|
_landing_page |
Track landing pages. |
Marketing & Analytics |
|
_s |
Shopify analytics. |
Marketing & Analytics |
|
_shopify_d |
Shopify analytics. |
Marketing & Analytics |
|
_shopify_fs |
Shopify analytics. |
Marketing & Analytics |
|
_shopify_s |
Shopify analytics. |
Marketing & Analytics |
|
_shopify_y |
Shopify analytics. |
Marketing & Analytics |
|
_y |
Shopify analytics. |
Marketing & Analytics |
|
_shopify_sa_p |
Shopify analytics relating to marketing & referrals. |
Marketing & Analytics |
|
_shopify_sa_t |
Shopify analytics relating to marketing & referrals. |
Marketing & Analytics |
|
_shopify_uniq |
Shopify analytics. |
Marketing & Analytics |
|
_shopify_visit |
Shopify analytics. |
Marketing & Analytics |
|
tracked_start_checkout |
Shopify analytics relating to checkout. |
Marketing & Analytics |
|
ki_r |
Shopify analytics. |
Marketing & Analytics |
|
ki_t |
Shopify analytics. |
Marketing & Analytics |
|
ab_test_* |
Shopify analytics. |
Marketing & Analytics |
These cookies enable your use of the website and collect information that we must have in order for you to be able to access certain services. An example is that we should be able to verify your information when you place an order, remember which products you put in your shopping cart and how far you have come in your order. The website does not work without necessary cookies.
Functional cookies
These cookies enable our website to remember information that affects how the website behaves or looks, in order to adapt the website to your needs. For example, your preferred language or the region you are in.
Statistical cookies
These cookies enable us to count the number of visits and how you found our website. We can measure and improve our website. They help us know which pages are more or less popular and how visitors navigate around the website. The information these cookies collect is aggregated. Some statistics cookies are third-party cookies, which means that we will transfer the information to such third parties.
Marketing cookies
These cookies are used to track visitors to various websites. The intention is to show ads that are relevant and engaging to the individual user and thus more valuable to publishers and third-party advertisers. We collect data about how our websites are used. The information is used for customer segmentation, marketing and online advertising. The goal is to communicate and advertise the most relevant products and services for you as possible. If you do not allow these cookies, we will not carry out any targeted marketing online. If you have consented to "Statistics cookies", we save this data, but we only use it if you consent to this.
Your consent applies to the following domains: www.comfydence.se, www.comfydence.eu
How to remove cookies
If you do not accept the use of cookies, your browser can be set so that it automatically refuses the storage of cookies or informs you each time a website requests to store a cookie. Through the browser, previously stored cookies can also be deleted.
If your browser rejects cookies, it may mean that the functionality of the website is limited. You can turn off the use of cookies under the settings tab in your browser (see the browsers' help pages for more information). In the browser, you can also delete previously stored cookies from websites you have visited.
For more information about cookies and what you can do to protect your personal data on the internet, see the following link: http://www.youronlinechoices.eu/
More information
You will find more information about the processing of your personal data and how to exercise your rights in our privacy policy.
Privacy policy
SECTION 1 – INTRODUCTION
It is important to us at Comfydence to ensure the privacy of those who use our services and we want to ensure that your personal data is protected in the best possible way. With this policy, we want to explain what personal data we collect about you and what it may be used for in order to show how we ensure that your personal data is handled in accordance with applicable legislation
Personal data controller: Comfydence AB
Org: 559257-8123
Address: Luntmakargatan 70, 113 51 Stockholm. Sweden.
Epost: hey@comfydence.se
Who do I contact with questions and when I want to exercise my rights?
If you have any questions about our processing of your personal data, you are welcome to contact us via email hey@comfydence.se
Complaints
If you have comments on our treatment or are not satisfied with the answer you have received, you have the right to file a complaint with the Swedish Data Protection Authority (IMY). www.imy.se
SECTION 2 - INFORMATION TO REGISTRANT
We process the personal data provided to us, for example in connection with an order or by people contacting us via email or through a contact form. Personal data processed are:
- Identifying information – Name, social security number, email address, mobile phone number, address.
- Organizational information – Title, company name, company address and invoice and delivery address.
- Information about services - Details relating to the goods or services you have purchased or ordered. For example, type of product, delivery tracking number, payment information, information on returns and deliveries and other purchase information.
- Information about devices - IP address, language settings, browser settings, time zone, operating system, platform, screen resolution and similar information about your device settings.
For what purposes do we process your personal data?
Private customers
Purpose of the processing and legal basis
If you are a natural person and enter into an agreement with us, your personal data will be processed to the extent necessary for the following purposes:
- To manage your orders and purchases,
In order for us to be able to register you as a customer in our systems, plan our work and carry out the work covered by our agreement, for invoicing and invoice processing, to monitor, manage and remedy any errors and fulfill our possible warranty liability under our agreement, to test and improve our processes and systems, to prevent misuse or inappropriate use of our services. for marketing mailings and transmission of newsletters and text messages.
Personal data processed for these purposes is identifying information and information about services. The processing of your personal data that is required for us to be able to fulfill the agreement with you is based on the agreement between Comfydence and you. We must process some of your personal data according to law, for example the Accounting Act, the processing is based in those cases on a legal obligation. Processing of your personal data that takes place to test and improve our processes and systems takes place in support of our legitimate interest in being able to improve the services and products we provide you. We also have a legitimate interest in processing your personal data to prevent misuse or inappropriate use of our services and products. We will also process your personal data to market our products, for example through marketing mailings and the transmission of newsletters and text messages, the legal basis in those cases being your consent or our legitimate interest in marketing our products.
Recipient of personal data
The data may be disclosed to authorities in accordance with what is prescribed by law, to possible collaboration partners who deliver support services to the company, including marketing, finance and IT services and in the manner and to the extent required for us to be able fulfill our commitments to our customer.
Storing of personal data
Your personal data is saved as long as the customer relationship remains and thereafter for the time required or permitted according to the legislation and practice in force at the time. If your personal data is available as a reference in invoice documents, it will be kept for seven years according to the Accounting Act, and information that is necessary for us to be able to fulfill our guarantee obligations will be kept for as long as the guarantee is valid.
Visitors of our website
We may process your personal data when you visit our website. If and what personal data that is processed depends on your browser settings as well as the settings that you choose on our website. Our website uses cookies, which are small data files which are saved and downloaded onto the device that you are using to browse the internet. While visiting our website certain information may be collected through the use of cookies, for example regarding how you use our website. Further information about which cookies we use and how we use them is found in our Cookie Policy.
Moreover, we process your personal data when you contact us through our website, for example filling out a contact form on our website.
The purposes and legal basis of the processing
We use your personal data for the development and improvement of our website, to understand how the visitors are using it and to ensure the functionality of the website. This personal data that is processed for these purposes is device information. We are relying on the legal basis of legitimate interest regarding the use of necessary cookies, since they are necessary in order for us to provide a functioning website. The processing of personal data through analytical cookies is based on consent as the legal basis. You have no obligation to consent to analytical cookies to gain access to the website, although some services require the use of these types of cookies. Some functions may therefore be limited or inaccessible if you choose to not consent to the use of these cookies. You may change the settings, withdraw, or alter your consent at any time by emailing hey@comfydence.se
When contacting us through the website your personal data is processed on the basis of our legitimate interest of managing your request or order and being able to communicate with you. Personal data processed for this purpose is contact and identification data as well as other information that you may have provided.
Recipient of personal data
Personal data may further be disclosed with partners providing services to the company, including marketing, finance, and IT services, to the extent that is required in order for us to provide the website.
Storing of personal data
Further information is found in our Cookie Policy.
Visitors of our social network pages
We are the controller regarding personal data that is published in our social network pages (LinkedIn, TikTok, Facebook and Instagram). We are responsible for making sure that no inappropriate or offensive posts are published in our social network channels. In such a case, the post in question will be deleted.
The purposes and legal basis of the processing
The purpose of our social network channels is to inform and market our business and our products to existing and potential customers. The types of personal data processed regarding this purpose are contact and identification data as well as organizational information. If you choose to interact with any of our social network pages, you have consented to receiving our social network posts in you feed. You have the option at any time to stop liking the page or to hide individual or all of our posts. We may use the information in order to contact you or the company or organization that you represent in order to inform you about our products. The legal basis for this is our legitimate interest.
For further information about how your personal data is processed we refer you to the social network in question: LinkedIn, TikTok, Facebook and Instagram.
Recipient of personal data
Personal data may be disclosed with partners providing services to the company, for example marketing services.
Storing of personal data
The personal data that you as an individual provide by interacting or commenting will be stored for the time being or until you delete the interaction or comment yourself. This applies under the premise that the interaction or comment appears to be made by you as a sender. Unwanted comments will be deleted on an ongoing basis.
Subscriptions to our Newsletter and text messages
The purposes and legal basis of the processing
The purpose of the processing is for you to be able to receive Comfydence newsletter and text messages. We may use your personal data to market our products, services, events etc. in the newsletter. The personal data that is being processed is contact and identification data. The legal basis for the processing is your consent. You may at any time withdraw your consent by unsubscribing from the newsletter, using the attached link in the newsletter.
Recipient of personal data
Personal data may be disclosed with partners providing services to the company, including IT services or services regarding the administration of newsletters and text messages.
Storing of personal data
Your personal data will be saved for as long as you remain a subscriber to our newsletter. Comfydence will delete your personal data when you unsubscribe. You unsubscribe by using the attached link, or by sending an email to hey@comfydence.se
Contact persons of our business customers, distributors or suppliers
The purposes and legal basis of the processing
If you are a contact person and an employee of any of our customers, distributors, or suppliers your personal data will be processed to the extent that is necessary for us to be able to contact the customer, distributor or supplier in question. Personal data will also be processed to administrate the contractual relationship and for us to be able to fulfill the obligations towards the party in question. The personal data that is being processed is contact and identification data and organizational information. The legal basis for the processing of this type of information is our legitimate interest in being able to carry out the agreement or the contractual relationship that arises due to an order from a customer or distributor, or a purchase from a supplier. Moreover, we will process personal data of the contact persons of our business customers to market our products, on the basis of our legitimate interest.
Recipient of personal data
Personal data may be disclosed to a public authority in accordance with what is prescribed by law, as well as to any partners providing services to the company. Regarding contact persons of businnes customers this includes marketing, finance, and IT services, to the extent that is required in order for us to fulfill our commitments towards the customer. Regarding contact persons of distributors or suppliers the disclosure includes IT services, in a way and to an extent that is demanded in order for us to fulfill our commitments towards you as a data subject.
Storing of personal data
Your personal data will be saved for as long as the customer relationship persists and thereafter for as long as the legal retention period requires or allows. If your personal data is processed in the invoice documentation, it will be retained for seven years in accordance with the Swedish Book-keeping Act. If you terminate your employment with our customer, distributor, or supplier, your contact information will be deleted and replaced with your successor´s information. This will be done as soon as we receive the updated information from you or your employer.
SECTION 3: Transfer of personal data outside the EU/EES
If we need to transfer personal data to a country or company outside the EU/EES, we will take appropriate measures to protect your personal data in the most efficient way.
- We are using third-party cookies on our website. The use of third-party cookies means that your personal data may be transferred to a third party which is located in a third country, for example the United States.
- We are using social network channels. The use of social network channels means that your personal data may be transferred to a third party which is located in a third country, for example the United States.
- We publish a newsletter via email and text messages. The service of publishing and administering the newsletter means that your personal data may be transferred to a third party which is located in a third country, for example the United States.
In the case of personal data being transferred to a third country, we will take appropriate measures to protect your personal data in the most efficient way. Such appropriate measures may include:
- making sure that the EU commission has decided that the country in question offers an adequate level of data protection, corresponding to the level of protection provided by the GDPR.
- using the Standard Contractual Clauses (SCC) issued by the EU commission. When personal data is transferred to a third country on the basis of SCC:s we assess whether there is legislation in the receiving country that affects the protection of your personal data. If it is required, we will undertake technical and organizational measures to ensure the protection of your personal data for the transfer outside the EU/EES. Due to the United States security legislation, there is a risk that US authorities may be granted access to personal data transferred to the United States with the purpose of fighting crime or protect national security. This risk exists even though we are taking technical and organizational security measures.
You may contact us through hello@underyourskin.se to receive a copy of our security measures.
SECTION 4: YOUR RIGHTS
As data subject you have certain rights. The rights in question are based on the GDPR. The rights are stated below in this document. You are welcome to contact us when you want to exercise your rights. Our contact details are stated in section 1 of this policy document.
When exercising your rights, we have as an objective to process and return to you within a month from when you first contacted us. The process may take up to three months if the extent or complexity of the matter so requires. If that is the case, you will be notified by us. We will always answer your requests in writing.
Below there is a description of the different rights that applies when we process personal data about you.
Depending on the legal basis and purpose of the processing, there may be exceptions or limitations in your possibility of exercising your rights.
If the request is manifestly unreasonable or unfounded, we may either charge a fee or refuse to comply with the request. This may especially be the case if the request in question takes place on a recurring basis. However, we must in such a case be able to show that the request is manifestly unreasonable or unfounded.
- The right of access to your personal data, data extract
You may request a confirmation from us as to whether personal data about you is being processed and how it is being processed. You also have a right to request access to the personal data that we are processing, a so-called data extract.
- The right to rectification of inaccurate information
You have the right to obtain rectification of inaccurate personal data. You also have the right to have any incomplete personal data completed.
- The right to be forgotten
You have the right to have your personal data deleted. Upon such a request, data will be deleted if it is no longer necessary to process or keep due to the purpose that the data was collected for. We will also delete your personal data if you withdraw your consent to the processing. In some cases, we do not have the possibility of deleting your personal data. The reason for this is if the data is still necessary due to the purpose that it was collected, or that our interest in processing the personal data outweighs your interest of having it erased. Moreover, there may in some cases exist legal requirements for us to keep the information.
- The right to restriction of processing
You have the right to request the processing to be restricted under certain circumstances.
The possibility of restriction applies if: a) the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data; b) the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead; c) the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims; or d) the data subject has objected to processing pursuant to article 21.1 of the GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject
- The right to data portability
When we process personal data in order to fulfill an agreement with you or based on your consent, you have the right to request the personal data concerning you. This applies under the condition that you have provided the personal data to us in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.
- The right to object to processing
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you and which is based on point (f) of article 6.1 in the GDPR, legitimate interest. The right to object includes processing that includes profiling.
- The right to object to decision-making based on automatic processing
You have the right to not be the subject of a decision based on automatic processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
SECTION 5: CHANGES TO THIS PRIVACY POLICY
We reserve the right to make changes to this policy at any time, to the extent we find necessary. This may be done based on if we change how we process personal data, and in order to fulfill new legal requirements, interpretations of legal requirements, technical requirements or to remedy problems or disruptions. Former policies will be kept available on our website.
