susanne-buch@outlook.dk
+45 2484 5684
Cart
0
0.00 kr.

General Provisions

1 The data controller for personal data, in accordance with the GDPR (hereinafter referred to as the "Regulation"), is Sanne Buch (hereinafter referred to as the "Data Controller");

2 The contact details for the Data Controller are: see contact information

3 Personal data is any information relating to an identified or identifiable natural person.

Source of Personal Data

1 The Data Controller processes personal data obtained with the customer's consent and collected through the purchase agreement and fulfilment of electronic orders created in the webshop.

2 The Data Controller only processes the customer's identification and contact details that are necessary to fulfil the purchase agreement;

3 The Data Controller processes personal data for shipping and accounting purposes, and for the necessary communication between the contracting parties within the legal period required by law. Personal data will not be published and will not be transferred to other countries.

Purpose of Data Processing

The Data Controller processes the customer's personal data for the following purposes:

1 Registration on the website in accordance with Chapter 4, Section 2 of the GDPR;

2 To fulfil the electronic order created by the customer (name, address, email, telephone number);

3 To comply with laws and regulations resulting from the contractual relationship between the Customer and the Data Controller;

4 Personal data is required for fulfilling the purchase agreement. The agreement cannot be concluded without the personal data.

Duration of Personal Data Storage

1 The Data Controller stores personal data for the period necessary to fulfil rights and obligations arising from the contractual relationship between the Data Controller and the Customer, and for 3 years after the conclusion of the contractual relationship;

2 The Data Controller shall delete all personal data after the expiry of the period required for personal data retention.

Customer Rights

In accordance with the Regulation, the customer is entitled to:

1 the right to access personal data;

2 the right to rectify personal data;

3 the right to erase personal data;

4 the right to object to the processing of personal data;

5 the right to data portability;

6 the right to withdraw consent to the processing of personal data in writing or by email sent to: see contact information

7 the right to lodge a complaint with the supervisory authority in case of suspected violation of the Regulation.

Security of Personal Data

1 The Data Controller declares that they take all technical and organisational measures necessary for the protection of personal data;

2 The Data Controller has taken technical measures to secure data storage facilities, particularly ensuring access to computers with a password, using antivirus software, and regular maintenance of computers.