Privacy Policy

This Privacy Policy describes how and when I collect, use, and share information when you use my services on this site.

Cookies

Cookies are text files with small pieces of data that are used to identify your computer and improve your web browsing experience. This data is labeled with an ID unique to you and your computer.
They are a reliable mechanism for websites to remember stateful information, to record the user’s browsing activity or to remember pieces of information that the user previously entered into form fields etc.

If you visit the login page, a temporary cookie will be set to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, several cookies will also be set up to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

A StatCounter analytics cookie is set in your browser when you visit this site. This cookie is used only to determine first-time and returning visitors and to estimate unique visits to the site. No personal information is stored in the cookie. Cookie duration is 5 years.

Information I collect

  • Email addresses and names of people who have used the contact form, emailed me or signed up to my mailing list via the opt-in link on my website.
  • Information such as your name, email address, postal address, payment information, and the details of ordered products, of people who have bought something from my webshop.

Why I need your information and how I use it

I rely on a number of legal bases to collect, use, and share your information, including:
as needed to provide my services, such as when I use your information to fulfil your order, to settle disputes, or to provide customer support;

  • when you have provided your affirmative consent, which you may revoke at any time, such as by signing up for my mailing list;
  • if necessary to comply with a legal obligation or court order or in connection with a legal claim, such as retaining information about your purchases if required by tax law; and
  • as necessary for the purpose of my legitimate interests, if those legitimate interests are not overridden by your rights or interests, such as providing and improving my services.

Who I share your data with

Information about my customers is important to my business. I share your personal information for very limited reasons and in limited circumstances. I engage certain trusted third parties to perform functions and provide services to my shop, such as delivery companies (PostNord). I will share your personal information with these third parties, but only to the extent necessary to perform these services.

  • If you pay via credit card in my shop, data will be passed to Stripe, including information required to process or support the payment, such as the purchase total and billing information. See Stripes privacy policy here.
  • If you at check-out click to agree to receive an invitation to review your shop order, your data will be shared with Customer Reviews LTDsee CusRev terms and conditions here.
  • If you contact me via the contact form or email me, your email address will be shared with my webhost service provider (Inleed) and e-mail program (Mozilla Thunderbird).
  • If you sign up to my email list, your email address and name will be shared with Mailchimp. See Mailchimps Privacy Policy and Terms.
  • If I sell or merge my business, I may disclose your information as part of that transaction, only to the extent permitted by law.
  • To comply with laws, I may collect, use, retain, and share your information if I have a good faith belief that it is reasonably necessary to: (a) respond to legal process or to government requests; (b) enforce my agreements, terms and policies; (c) prevent, investigate, and address fraud and other illegal activity, security, or technical issues; or (d) protect the rights, property, and safety of my customers, or others.
  • If you request a password reset, your IP address will be included in the reset email.’
  • Visitor comments may be checked through an automated spam detection service.

How long I retain your data

I retain your personal information only for as long as necessary to provide you with my services and as described in my Privacy Policy. However, I may also be required to retain this information to comply with my legal and regulatory obligations, to resolve disputes, and to enforce my agreements.
I generally keep your data for the following time period: 7 years. This is the required period I must keep my book-keeping documents according to Swedish law.

If you leave a comment, the comment and its metadata are retained indefinitely. This is so WordPress can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on this website, WordPress also stores the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

You can object to (i) my processing of some of your information based on my legitimate interests and (ii) receiving marketing messages from me after providing your express consent to receive them (meaning, if you sign up to my email list you can at any time unsubscribe through the link in the footer of all my emails). In such cases, I will delete your personal information unless I have compelling and legitimate grounds to continue using that information or if it is needed for legal reasons.

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data that’s hold about you, including any data you have provided. You can also request that I erase any personal data I hold about you. This does not include any data I am obliged to keep for administrative, legal, or security purposes.

Images

If you upload images to the website (such as in product reviews), you can make sure to remove the embedded location data (EXIF GPS) before uploading. Visitors to the website can download and extract any location data from images on the website.
Uploaded media files are stored on Amazon S3. 

How to contact me

For purposes of EU data protection law, I, Caroline Eklund / Nymla, am the data controller of your personal information. If you have any questions or concerns, you may contact me at mail [!at] nymla.se

My business details:
Corporate ID number: 870611****

Nymla
Norra Fiskarg. 14A
80310 Gävle
Sweden