GDS Butiken

Data protection and privacy policy

Data protection and privacy policy

The personal data we collect about you may come from GDS Butiken’s websites (both owned and third-party sites as well as social networks), our apps, emails, SMS and other electronic messages, customer service calls, physical stores, printed and digital registration forms for competitions, promotions, events, etc. We also gather publicly available information from social networks.

The data we collect

We collect personal contact information such as name, postal address, email address, social media information, or phone number. Additionally, we may require information to grant access to your specific account profile, such as login name/email address, screen name, irrevocable passwords, or security questions and answers. Demographic data includes birthdate, age or age range, gender, geographic location (e.g., postal code), favorite products, hobbies, and lifestyle information. Consent to process personal data is valid only for individuals aged 18 and above.

Technical Data

Details about the devices you use to access our websites or apps, including the IP address of your computer or device, operating system type, and browser type and version. If you access a GDS Butiken website or app via a smartphone or another mobile device, we may also collect data such as the device’s unique ID, advertising ID, geographic location, and similar information.

Data on Website Usage

When you visit or interact with our websites or newsletters, we use automatic data collection technology to gather specific information about your activities. This includes data on which links you click, which pages or content you view and for how long, as well as other similar data and statistics, such as response times to content, file download errors, and visit durations on specific pages. This data is automatically gathered using cookies (browser cookies, flash cookies) and web beacons as well as through third-party tracking services. For more details, see the sections “Customize Your Personal Data” and “Cookies/Similar Technologies.”

Consumer Feedback

Voluntary feedback you provide regarding your experiences with our products and services.

User-Generated Content

Content you create and share with us by uploading it to one of our websites or apps, including apps on social networks like Facebook. This could include photographs, videos, personal stories, or other content. Where permitted, we may collect and publish user-generated content in connection with various activities, including competitions, promotions, community activities, and participation in third-party social networks.

Information on Social Networks

Publicly shared information on a social network or details from your profile on a third-party social network (e.g., Facebook) that you permit the network to share with us. This includes basic account information (name, email address, gender, birthday, hometown, profile picture, username, friend list, etc.) and additional data or activities that you allow the social network to share. Every time you access or communicate with a GDS Butiken web application via a social network, or use a social networking feature integrated into a GDS Butiken website, or interact with us on a social network, we may obtain data from your profile. To learn more or to withdraw consent, consult the social network’s privacy policy.

Payment and Financial Data

This includes all necessary data to complete an order or that you use to make a purchase, such as payment or credit card information (cardholder name, card number, expiry date) or other payment methods. We do not handle banking information like credit card details directly; these are managed by affiliated banking providers. Regardless of the method, we handle payment and financial data in compliance with applicable laws and standards, such as PCI DSS.

Customer Service Calls

Calls to our customer service may be recorded as permitted by applicable law for operational purposes (e.g., for quality or training purposes) and, in some cases, to document consent for direct marketing and profiling. Payment card details are not recorded. If required by law, you will be informed of the recording at the start of the call and given the option to decline.

Methods of Data Collection:

Log Files

We collect data in the form of log files that track activity on the websites and collect statistics about your browsing habits. These files are automatically generated and help us troubleshoot, improve performance, and maintain website security.

Web Beacons

Web beacons are small strings of code that create a graphic image on a web page or in an email and are used to transmit data back to us. Information collected through web beacons may include technical details like IP addresses and data on your response to email campaigns (e.g., when the email was opened and which links were clicked). We may use web beacons on our websites or embed them in emails you receive from us.

Customer Service Calls

Calls to our customer service may be recorded as permitted by applicable law for operational purposes (e.g., for quality or training purposes) and, in some cases, to document consent for direct marketing and profiling. Payment card details are not recorded. If required by law, you will be informed of the recording at the start of the call and given the option to decline.

Competitions, Marketing, and Other Promotions

With your consent (if required), we use your personal data to provide information about products or services (e.g., marketing materials, promotions, or offers). This could be via email, ads, SMS, calls, or postal mail, as permitted by applicable laws. Some promotions may be run on third-party websites and/or social networks. Participation is voluntary, and you may opt out of processing for these purposes. For details on specific promotions, see the official rules or associated information.

Social Networks

We use your personal data to send you advertisements and communicate with you on social networks when you interact with third-party social network features, such as “like” buttons. Review the social network’s privacy policy for more details on these functions, what profile data we may access, and how to manage or restrict sharing.

Personalized Experiences (Offline and Online)

With your consent (if required), we use your personal data to analyze your preferences and habits, anticipate your needs, improve and tailor your experience on our websites and apps, and ensure that content is optimized for your device. For instance, we may remember your username, email address, or screen name to streamline your login process or help you find previously selected items. We may also display tailored GDS Butiken content or promotions.

Order Fulfillment

We use your personal data to process and deliver your orders, inform you about your order status, verify addresses, confirm your identity, and conduct fraud prevention activities. This involves using certain personal contact details and payment information.

General Purposes (Including Internal Research, Analysis, and Security)

In accordance with applicable laws, we use your information for general business purposes, such as internal marketing research, demographic studies, and measuring the effectiveness of advertising campaigns. If you have multiple accounts, we may consolidate them into one. Additionally, we use your personal data to ensure our own security.

Information Shared with Third Parties

We are committed to protecting your personal data. Except where you have provided consent, we do not license or sell your personal data to third parties for their own marketing purposes.

Service Providers

This includes external companies we hire to help us operate our business (e.g., order fulfillment, payment processing, fraud prevention, identity verification, debt collection, website operations, support services, promotions, web development, customer service, etc.). Service providers and their staff may only use your personal data on our behalf and for the specific tasks they have been assigned. They are obligated to keep your personal data confidential and secure. Where required by law, you may request a list of the service providers that process your personal data.

Legal Obligations

If GDS Butiken or its assets are acquired or merged with another company, including through bankruptcy, we may share your personal data with our successors. We may also disclose your personal data to third parties as required by law, during legal proceedings (e.g., responding to requests from competent law enforcement authorities), to protect our rights, privacy, safety, property, or the public, or to enforce the terms and conditions of our website.

How Your Personal Data Is Protected

In accordance with applicable legislation, we use your personal data for as long as necessary to fulfill the purposes for which your personal data was collected (or to comply with applicable legal requirements). Personal data used to provide you with a personalized experience is retained for as long as permitted under applicable legislation.

Access to Your Personal Data

Your personal data is only processed by authorized personnel as required to perform their duties and depending on the purposes for which your personal data was collected (e.g., customer service staff may access your customer records).

Operational Measures

We store your personal data in operating environments that employ adequate security measures to prevent unauthorized access. We adhere to reasonable standards for the protection of personal data. However, data transmission over the internet is not entirely secure. While we strive to protect your personal data, we cannot guarantee the security of data transmitted through our websites.

If we detect a data breach, GDS Butiken will notify the Data Protection Authority and affected customers.

Measures You Can Take

It is crucial for you to help keep your personal data safe. For instance, choose a password that is hard to guess. Never share your password with anyone. You are responsible for keeping your password confidential and for any activity that occurs on your account. If using a shared or public computer, ensure that your account credentials are not saved and always log out after use. Utilize the privacy settings or controls provided on our website or app.

Transfer of Your Personal Data

The storage and processing of your personal data as outlined above may involve transferring your personal data to and/or storing it in a location outside your home country, often in Switzerland or Luxembourg. Transfers of data to countries outside the EU require that the receiving country has an agreement with the EU (e.g., Privacy Shield in the USA) or is deemed to have adequate data protection laws. By accepting this policy, you consent, as far as the law allows, to the transfer, storage, and processing of your personal data. You also acknowledge that this may occur in countries with lower levels of data protection than your home country.

Customize Your Personal Data:

Cookies/Similar Technologies

You can set your browser to block all or certain cookies or to notify you when a website uses cookies.

Advertising, Marketing, and Promotions

You may opt out of marketing communications from any medium, including third-party social networks, at any time by contacting customer service. Please note that even if you opt out of marketing messages, you may still receive administrative messages, such as order confirmations, account activity notifications, and other critical communications.

Interest-Based Advertising

We may collaborate with advertising networks and other advertising service providers (“advertising providers”) that we and other unrelated companies use to produce internet advertising. Some of these advertisements are tailored to your interests based on data collected on GDS Butiken’s websites or unrelated websites over time.

Accessing Your Data

Where provided by law, you, your successors, representatives, and/or agents have the right to access, review, and request a physical or electronic copy of the data we have about you. You may also have the right to request information about the source of your personal data. You can exercise these rights by contacting us, after which we will verify your identity. Requests submitted by someone other than you without proof of authorization will be rejected. All submitted data will be treated in accordance with applicable laws.

Modification and Deletion of Personal Data

Where provided by law, you, your successors, representatives, and/or agents may request the deletion, correction, or modification of your personal data, object to its processing, restrict its use and disclosure, and revoke consent for its processing. Note that in some cases, we may not be able to delete your personal data without also deleting your account. Certain personal data may need to be retained after a deletion request to meet our legal or contractual obligations. Applicable law may also permit us to retain specific personal data to meet our business needs. Some of our websites feature a function to review and edit the personal data you provided. Registered customers must verify their identity (e.g., login name/email address, password) to access and modify account information. This helps prevent unauthorized access.

Changes to the Policy

GDS Butiken reserves the right to amend the data protection and privacy policy. If significant changes are made, members will be informed in advance.

Contact Us

If you have questions or wish to provide feedback about the policy and our privacy practices, contact us at: kundtjanst@gdsbutiken.se