Privacy Policy

Purpose of collection

We collect personal information primarily to provide products and services to you, assist you with shopping online with us, and to deal with your enquiries. We hope that by doing this, we can strive to continue to improve the level of customer service that we offer to you (Purpose).

In particular, we collect your personal information so that we can carry out the following actions:

  • to provide you with products and information that you have requested from us;
  • to communicate with you, including about products, services and events which might interest you;
  • to provide you with information or advice;
  • process payments by you to us for our products;
  • to create accounts, tax invoices or receipts;
  • to provide your personal information to third parties that assist us in providing and/or delivering the products you or they have requested;
  • to consider and respond to feedback from you;
  • to comply with laws or regulations or to comply with any directions given by regulators or authorities.

We may disclose additional purposes for collection of your personal information in collection statements at the point of collection.


Personal information we collect

When we collect personal data through our website, we make sure that it happens with your consent, so that you are informed about what kind of information we collect and why. All data is treated according to Danish Law, Persondataloven.

We may collect the following types of personal information from you:

  • name;
  • residential or business address;
  • email address;
  • post code;
  • financial and payment information;
  • gender;
  • shopping preferences;
  • age and date of birth;
  • signature;
  • telephone number.


Sensitive information

Sensitive information is information about you that reveals your racial or ethnic origin, political opinions, religious or philosophical beliefs or affiliations, membership of a professional or trade association, membership of a trade union, details of health, disability, sexual orientation or criminal record.

It is our policy to only collect your sensitive information where it is necessary for our functions or activities and either you have consented or we are required or authorised under law to do so.

How we collect your personal information

Collection of your personal information can occur through the following interactions:

  • when you communicate with us directly (by email, telephone, direct mail or any other means); 
  • when we interact with you during the course of providing you with products; and/or,
  • when you create a customer account;
  • when you review our website or one of our products;
  • when you sign up for our newsletter, and/or
  • when you visit our website and social media pages, or access or contribute to digital platforms and applications managed by us (Online Platforms).


Cookies

We may use temporary (session) cookies or permanent cookies when you access our Online Platforms.  This allows us to recognise your browser and track the web pages you have visited. Please read more about this in our Cookie Policy.


How we hold your personal information

The personal information is registered with SOWco A/S (Boody), and will be stored for 5 years, calculated from the end of the financial year in which the transaction has been completed, after this the information is deleted. The information is stored in accordance with section 10 of the Danish Accounting Law (Bogføringslovens § 10). The information is stored securely and confidentially on a computer with limited access in controlled facilities.


Security

The security control is continuously revised to always be able to handle user information properly and in accordance with your rights as a user. 100% security can never be guaranteed for data transfers via the Internet. There may be a risk that others unjustifiably force access to information when data is sent and stored electronically - which is why you provide your personal information at your own risk.

The rapid development of the Internet means that changes in our handling of personal data may become necessary, which is why we reserve the right to update / change these guidelines for handling personal data. If this becomes relevant, the date of "last updated" is corrected at the bottom of the page. In the event of extensive changes, a visible notice is given on the website.

Who has access to your personal information

The data responsible for the collection, processing and use of your personal information on www.boody.se is:

Sowco A/S
Literbuen 11, 2740 Skovlunde
CVR: 19047296.

The Logistics department and the Marketing department at Sowco A/S have access to the information that is registered about you.

Third party

Information submitted to (www.boody.se) is not passed on or sold in any way to third parties, unless this is done in connection with a restructuring or a full or partial sale of the company. Any disclosure in such a situation will take place in accordance with the personal data legislation in force in the area at any given time.

We do not record any personally sensitive information.

If you have ordered delivery, the information about your name, address, telephone number and e-mail address will be handed over to our shipping company for the purpose of delivering your purchases.

We have our webshop and payment system through Shopify Inc., which acts as our data processor. All personal data that you provide on our website will be stored in Shopify's data centers on secure servers that are protected behind firewalls

We have entered into data processor agreements with our data processors, which is our guarantee that they comply with applicable rules on the protection of your personal data.

If you choose a direct debit port to complete your purchase, Shopify will store your card information. It is encrypted via the payment card industry's data security standard (PCI-DSS). Your purchase transaction data is only stored for as long as is necessary to complete your purchase transaction. Your purchase transaction information will then be deleted. All direct payment gateways comply with the standards set by PCI-DSS, which is managed by the PCI Security Standards Council, which is a joint effort of brands such as Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure secure handling of credit card information from our store and its providers.

If we are unable to collect your personal information

If we are unable to collect your personal information, some or all of the following may occur:

  • we may be unable to provide products to you;
  • we may be unable to communicate with you to provide information about products that you have procured from us, or may intend to procure in the future;
  • we may be unable to tailor the content of our marketing communications to suit your preferences;
  • your experience when interacting with us may be delayed or not as efficient as you may expect.


Disclosure of your personal information

Your personal information may be disclosed in connection with any Purpose to any of the following:

  • our employees, contractors or service providers, to the extent reasonably necessary to fulfil our obligations to you;
  • our business advisors, including lawyers, accountants or other professional service providers, to the extent reasonably required;
  • suppliers, clients and other third parties with whom we have commercial relationships, for business, payment processing, delivery, marketing and related purposes;
  • if required by law, to any person authorised by such law. 


Overseas disclosure of personal information

We may disclose your personal information to third parties and service providers located overseas in connection with any Purpose, including to overseas cloud computing hosts. We take reasonable steps to ensure that the overseas recipients of your personal information do not breach the privacy obligations relating to your personal information.


Links

Links from our Online Platforms to third party websites that we do not operate or control are provided for your convenience. We are not responsible for the privacy or security practices of websites that are not covered by this Privacy Policy. Third party websites should have their own privacy and security policies which we encourage you to read before supplying any personal information to them.


Direct Marketing

We may contact you with direct marketing communications and information about products or services offered by us or our partners via telephone, email, SMS, or regular mail.

If you have indicated a preference for a method of communication, we will endeavour to use that method wherever practical to do so.

You may opt out of receiving marketing communications at any time by responding via the channel in which you received the marketing communication, or by contacting us (using the contact form or by emailing us at support@boody.se). You can unsubscribe from emails by clicking the unsubscribe link on the footer of the email communication you have received. 


How you may access your information

You may access your personal information held by Boody by making a request to us. 

You can get in touch with us via our contact us page.

 

Correction of your personal information

If you would like us to update or amend your personal information, please contact us and we will make the requested amendments.

We may ask you to verify your identity to ensure that personal information we hold is not improperly accessed.


Complaints

If you feel your privacy has been breached, please contact us using the contact information above setting out the circumstances and reasons for your complaint. 

If you want to complain about our processing of your personal data, you also have the opportunity to contact the Danish Data Protection Agency (Datatilsynet).