As the data controller, Alba Health ApS Filial ("The Company," "we," or "us") is committed to ensuring that all processing of your personal data is carried out in accordance with the General Data Protection Regulation (GDPR). This personal data policy provides detailed information on the personal data we process, the purpose of such processing, and outlines your rights and how to exercise them. Additionally, we explain the measures we undertake to ensure the secure processing of your personal data.
Definition of Personal Data and Processing:
Personal data refers to any information, whether direct or indirect, that pertains to a living individual. This includes but is not limited to names, addresses, photos, encrypted data, and electronic identifiers such as IP numbers. We exclusively process your personal data. Processing encompasses various activities, such as data collection, storage, registration, organisation, compilation, transfer, or deletion.
Data Controller and its Responsibilities:
Alba Health ApS Filial, registered under Swedish organisation number 516413-0691, assumes the role of data controller for the company's personal data processing. This signifies our responsibility to process your personal data in compliance with applicable privacy laws, including the General Data Protection Regulation (GDPR). If we engage a service provider to process your personal data, that provider is recognized as a personal data processor.
Processing of Personal Data and Purpose:
When you become a customer, or sign up to participate in a study, we may collect personal data, such as your name, address, email address and telephone number. This information is necessary for managing our customer relationships, processing orders and returns, generating statistics, complying with legal accounting requirements, promoting our products to you, and contacting you when necessary.
Additionally, we may obtain certain personal data from external sources, such as credit reports and address updates, to ensure the accuracy and completeness of our records.
Legal Basis for Processing:
When you provide us with your personal data during a purchase and registration, we utilise this information to facilitate these specific processes. We also use the data to communicate with you and fulfil our obligations to you. Therefore, we consider the processing of personal data as necessary for the performance of our contractual relationship with you as a customer, establishing a legal basis for such processing.
In the course of our business activities, we may contact you for marketing purposes through emails unless you have explicitly notified us of your preference not to be contacted. We believe that there is a legitimate interest in communicating with you about our products, which outweighs the need for personal data protection when balancing interests.
Any further processing of personal data beyond the stated objectives will be carried out in compliance with legal requirements or with your explicit consent.
Processing of Personal Data and Purpose:
As required by applicable legislation, Alba Health ApS (with Swedish organisation number 516413-0691), is obligated to process certain personal data for accounting and auditing purposes. In accordance with the Swedish Bookkeeping Act, we are legally required to retain specific data, such as payment transaction information, for a period of seven years from the end of the accounting year.
Your personal data may also be utilised for account statements, invoicing and auditing, payment verification, administrative and legal matters, statistical and marketing analysis to improve our services, website accessibility, system development and maintenance.
If you are under the age of 18 and wish to make a purchase, you must obtain consent from your legal guardian before providing us with your personal data and proceeding with the purchase.
Please note that if you voluntarily provide us with your personal data during a purchase or registration process, we will use this information solely for the purpose of facilitating these specific processes. However, you have the right to withdraw your consent for personal data processing at any time.
It is important to emphasise that we do not request or process sensitive information from our customers. Therefore, please refrain from disclosing such information (such as details about ethnic background, political views, religious beliefs, trade union membership, health status, or sexual activity) to us, as it is not necessary for our services.
Data Collection and Processing:
The personal data processed by Alba Health ApS Filial (with Swedish organisation no516413-0691) has been obtained from you during the buying process or the sign-up process, as mentioned above. Additionally, we may collect personal data from external sources, such as credit reports and address updates. When you contact us via email, we assess the need for follow-up based on legal or service-related reasons, such as initiating a complaints procedure or tracking lost shipments. In cases where follow-up is not required, we delete the email after providing a response. Any information disclosed via email is not transferred to other databases unless specifically requested by you.
To process payment for your products on our website, our payment services provider requires information about your payment card. This information is solely processed by our service provider, in compliance with our personal data processor agreement. We only process your payment information, excluding the credit card number, when necessary to ensure effective handling of issues related to charges, purchase cancellations, and refunds.
Transfer of Personal Data to Third Parties:
In certain cases, we may engage personal data processors located outside the EU/EEA to handle the collected personal data. Before transferring personal data to these third parties, we implement appropriate protective measures to ensure they have adequate security measures in place. We do not transfer your personal data to third parties in any other manner than described above.
Direct Marketing via Electronic Communication:
As mentioned in point above, we may utilise your personal data to send newsletters and offers regarding our products that we believe may be of interest to you. We provide all our customers with the option to receive marketing materials about our products. We strive to customise such information to suit your preferences. If you prefer not to receive any marketing materials from us, you can opt-out through our marketing preferences. Alternatively, you can contact us at email@example.com to request exclusion from marketing communications.
Security and Protection of Your Personal Data:
All personal data is processed in a secure environment, and our website utilises SSL encryption to ensure the protection of your information.
Understanding Cookies and Their Usage:
Rectification or Erasure of Personal Data:
We take the responsibility to rectify or erase incorrect, incomplete, or unlawfully processed personal data. At the Company's own initiative or upon your request, we will promptly correct or delete such data. Any personal data that is no longer required for the purposes stated above will be erased.
Data Retention Period:
Your personal data is stored for as long as it is necessary to fulfil the objectives mentioned above.
Your Rights and Information on the Regulatory Authority:
You have the right to access information about the personal data we process, request rectification, erasure, or transfer of your personal data, and request restriction of processing. Additionally, you have the right to request an extract of the data register containing information about you. If you have any questions or wish to exercise your rights, please contact us using the contact details provided below.
Contact Details of the Data Controller:
The data controller for your personal data is Alba Health ApS Filial (org. no516413-0691) located in Nybrogatan 8, 114 36 Stockholm, Sweden. You can reach us via email at firstname.lastname@example.org . If you need to update or amend your disclosed information, have any questions, or wish to express your opinions about our products or the information we process, please feel free to contact our customer services team via email at email@example.com.
Updates to the Personal Data Policy:
We may update this personal data policy to align with changes in applicable legislation, address commercial needs, or meet the requirements of our customers, marketing partners, and service providers. Any updated versions of the policy will be published on our website, clearly indicating the date of the last update.