Last revised: 2019-09-03
1. GENERAL INFORMATION
2. PROCESSED DATA
2.1 We are using sub-contractors as cloud-based servers for processing of our data and we are using our best endeavour to ensure they are compliant with the relevant legal framework.
2.2 We will process personal data as below when the Customer register and use the Application
(some of the information will be collected during the usage):
(a) first name and last name;
(b) email address;
(c) IP address;
(f) cup size;
(g) body measurements generated from scanning results;
(h) information about the Customer’s use of the Application, including purchase history;
(i) technical data, which may include unique device type & ID, network, language and operating system version and system performance information.
2.3 Personal data used for the scanning process (such as pictures of the Customer) is immediately deleted when the scanning is completed.
2.5 We will process the following personal data when you visit our Website:
(a) information about your use of the Website;
(b) content that you choose to provide us with on the Website, such as information you provide when completing forms;
(c) technical data, which may include the URL you are redirected to the Website from, your IP address, unique device ID, network and computer performance, browser type, language and identifying information and operating system.
3. PURPOSES OF PROCESSING
3.1 We will process the personal data set out above for the following purposes:
(a) to create a personal body ID which can be used for style- and size recommendations;
(b) to provide personal and relevant recommendations to you;
(e) to improve and develop the Application and Website and to analyse your use of the Application and Website;
(f) to ensure the technical functioning of the Application and Website and to prevent use of in breach of the terms and conditions; and
(g) to enforce the terms and conditions, including to protect our rights, property and safety and also the rights, property and safety of third parties if necessary.
4. LEGAL GROUND
5. DISCLOSURE OF PERSONAL DATA
5.1 We may share and disclose your personal data to a third party (e.g. retailers, payment service providers, and service providers hosting the Website) in order to provide you with the Application as required to deliver our services. Information will always be shared on an aggregate no-name basis.
5.2 Your information may be transferred outside the EU/EEA as some of our service providers are located outside the EU/EEA, but only to a country deemed adequate by the European Commission or if we have a transfer mechanism in place in accordance with the legislation of the EU. Please contact us for further information regarding such transfer.
6. RESPONDING TO LEGAL REQUESTS AND PREVENTING HARM
We may access, preserve and share your personal data in response to a legal request (like a search warrant, court order or a subpoena or the like), or when necessary to detect, prevent and address fraud and other illegal activity, to protect ourselves, you and other users, including as part of investigations.
7. COOKIES, PIXELS AND OTHER SYSTEM TECHNOLOGIES
We collect information by using technology such as cookies, pixels and tags (on your browser or device).
The services provided through the Application or the Website are not directed to persons under the age of 13. If you are a parent or guardian of a person under the age of 13 and you become aware of that your child has provided personal data to us without your consent, please contact email@example.com to exercise your access, rectification, erasure, limiting of processing and objection rights.
10. YOUR RIGHTS
10.1 You have an absolute right to object to the processing of your personal data for direct marketing. You also have the right to recall your prior given consent. The withdrawal of your consent does not affect the lawfulness of the processing based on the consent before its withdrawal, and we may continue processing your personal data based on other legal grounds, except for direct marketing.
10.2 You have the right to request access and further information concerning the processing of your personal data, or request that we correct, rectify, complete, erase or restrict the processing of your personal data. You have the right to obtain a copy of the personal data that we process relating to you free of charge once (1) every calendar year. For any additional copies requested by you, we may charge a reasonable fee based on administrative costs.
10.3 If the processing is based on the legal grounds consent or fulfilment of contract you have the right to data portability. Data portability means that you can receive the personal data that you have provided to us, in a structured, commonly used and machine-readable format, and have the right to transfer such data to another data controller.
11. CONTACT INFORMATION
11.1 To exercise your rights, or if you have any questions regarding our processing of your personal data, please contact us at the following address firstname.lastname@example.org or The Fit Sweden AB, Energivägen 11, 952 31 Kalix. In your letter/email please state your full name and email address you have signed up with in our services. Note that you should sign the request to receive information of the processing of your personal data yourself.
11.2 If you have any complaints regarding our processing of your personal data, you may file a complaint to the competent data protection authority. You can find out more about the local data protection authorities under the following link http://ec.europa.eu/justice/dataprotection/bodies/authorities/index_en.html.
4128-0713-5006, v. 5