Privacy Policy

Privacy Policy

Data protection is a high priority for Saphe. Careful and responsible handling of your data comes naturally to us. In the following policy, we explain the personal and user-related data that we collect from you and the purpose for which we store and use them.

Our contact details:
Saphe A/S
CVR: 36704586
Address: Lyngvej 1, 9000 Aalborg
Telephone no.: +45 42 90 33 11
E-mail: info@saphe.dk

1. Personal data

Personal data are data relating to a person’s identity such as name, address, e-mail address, telephone number etc.

As soon as you register with Saphe as a customer, we store your name, address, telephone number and e-mail address in an electronic customer database which is only accessible to Saphe employees. Before you disclose your personal data, we ask you for your explicit consent and ensure that you know precisely what kind of data we are storing. We store your personal data in order to send you the goods you have ordered, communicate with you and comply with commercial regulations which, pursuant to Danish accounting legislation, must be stored for five years. To process your order, we disclose certain personal data to selected third parties. These include the service providers we use for logistics, transport and banking services to whom we disclose the necessary customer data for the purposes of packaging, delivery and payment. These service providers are only permitted to use your personal data to fulfil these tasks. Any other use of your data is prohibited. Confidential information is not stored by us and is therefore never disclosed.

As a Saphe customer, you are entitled to withdraw your consent at any time. You are also entitled to view the personal data about you that we store. These rights are regarded as being a part of GDPR. For further information, please send us e-mail at info@saphe.dk.

1.A Customer account and login

All registered customers have access to a personal, password-protected customer account. An e-mail address and password are required to log into this customer account. The password is selected by the customer in the first step of the registration process and is not visible to Saphe employees or others. The customer account contains your personal details, information about your orders and your membership. You yourself have access to correcting your personal data if they should be incorrect.

1.B Order confirmation and shipping confirmation

When you have completed a purchase on Saphe, we immediately send an automated order confirmation to the e-mail address you have given us. This includes your contact details (name and address) to which goods are sent and your order number, payment method and a list of the goods you have ordered. This e-mail also contains extracts from our General Terms and Conditions such as cancellation rules and warranty information.

When the goods have been dispatched, you receive an automated shipping confirmation sent to the e-mail address you have given us. The shipping confirmation contains your order number and tracking number (Track & Trace no.) which allow you to track your package.

1.C Disclosure of data to third parties

Personal data will only be collected and used by Saphe as data controller. Your personal data will never be disclosed or sold to third parties or external markets or for market research purposes. Only the data required for logistics, transport/delivery and payment are disclosed to the service providers involved.

These service providers are only permitted to use your personal data for their specific purposes. Any other use is prohibited and will under no circumstances take place. Find out more under third-party services.

2. Application data

Application data are data that can be collected when you visit a website. When customers visit Saphe, we register the way in which our customers navigate our website and the way in which our customers arrive on our website, the pages they view etc. We also register the goods that customers purchase from us. We do this in order to understand our customers’ behaviour to allow us to enhance and optimise the features and offering available on our website for the benefit of all our customers.

3. Cookies and IP address

A cookie is a file that contains information about whether you are a new or existing customer, the products you click on and the way in which you navigate our website. We usually store cookies for 12 months. Cookies are saved on your PC/laptop, tablet or smartphone. A cookie cannot identify you as a person. A cookie only recognises your PC/laptop, tablet or smartphone and shows an adapted version of our website.

You are able to set your browser to warn you when a website uses cookies. You also have the ability to deactivate cookies in your browser. If you want to delete your cookies, this can be done in your browser settings. If you have questions about your cookies, you are welcome to send an e-mail to info@saphe.dk.

Your IP address is the address of the computer you use for your visit. The IP address is registered to ensure that Saphe is always able to return to the computer used if any misuse or illegalities related to your visit have occurred.

4. Third-party services

We work with various third-party suppliers who place cookies on our behalf and register usage data. This covers e.g. the way in which you arrived on the Saphe website and the type of online advertising you click on. In this way we are able to provide usage-based online advertising that is customised to your personal preferences. All this takes place anonymously; Saphe does not store personal data such as name, address or e-mail address for this purpose. Any detected IP address is also anonymised.

Marketing
Saphe works with the following third-party suppliers for analysis and remarketing purposes:

A) GOOGLE ANALYTICS
Google Analytics is a service offered by Google Inc. which provides professional and complex web analysis. Find out more about Google Analytics.

B) GOOGLE ADWORDS
Google AdWords is an advertising system offered by Google Inc. which allows advertisers (in this case, Saphe) to target their advertising. Saphe uses Google AdWords for retargeting purposes. Find out more about Google AdWords.

C) FACEBOOK CUSTOM AUDIENCES
Facebook Custom Audiences is a Facebook tool enabling advertising targeted at particular groups. Saphe uses this Facebook tool for retargeting purposes. Find out more about Facebook Custom Audiences.

D) TRUSTPILOT
Saphe works with Trustpilot to help enhance people’s purchasing experiences. We only share your order confirmation with Trustpilot. Find out more at Trustpilot.

Logistics
Saphe offers delivery options from the following third-party suppliers:

A) POSTNORD
Saphe uses PostNord to ship our orders. We share order and delivery details, e-mail address and telephone number with PakkecenterNord. Find out more at PostNord.

Communication
Saphe further uses the following third-party suppliers:

A) SENDGRID
SendGrid is an e-mail dispatch service that handles all the e-mails Saphe sends to customers. We share e-mail addresses with SendGrid. Find out more at SendGrid.

Payment
Saphe does not store customer payment details. This is done by the respective payment provider used when customers make a purchase on our website. Saphe exchanges an ID with the payment provider who thereby identifies the payment method used. This payment ID is unique between Saphe, the payment provider and the user and cannot be used elsewhere.

Saphe uses the following payment providers/payment gateways:

  • Bambora (ePay)
  • MobilePay

If you have questions about the storage of your payment details, please write to the payment provider used for your Saphe payment. If you want to know which payment provider has been used for a specific order, please write to info@saphe.dk.

5. NO LIABILITY FOR THIRD-PARTY WEBSITES AND PARTNERS

Saphe assumes no responsibility for the privacy policies of third parties and partners. If you are interested in the privacy policies of the above, please contact them directly.

6. DATA SECURITY

Saphe takes the protection of your personal data extremely seriously. That is why we always take all reasonable precautions – technical as well as organisational – to ensure that the collection, use and storage of your data are correct. These technical and organisational procedures protect the data that we collect about you against unauthorised access and illegal disclosure. Nonetheless, Saphe cannot be held liable for errors in data transfer or unauthorised access by external unauthorised persons or organisations.

7. QUESTIONS AND SUGGESTIONS

If you have questions or comments about our data protection procedures, we are always available. Please contact customer service on info@saphe.dk.

8. CHANGES TO OUR PRIVACY POLICY

Saphe reserves the right to change the above Privacy Policy at any time pursuant to applicable data protection legislation.

9. TRANSFER TO THIRD COUNTRIES

As part of our processing of data, we transfer your personal data to recipients in the United States, but only to companies that are part of the EU Privacy Shield and thereby deemed secure according to the provisions contained in the General Data Protection Regulation (EU) 2016/679 of 27 April 2016.

During this processing of your personal data we will not transfer your personal data to recipients in the United States or other third countries which have been characterised as insecure third countries by the European Commission.

If we should need to transfer data to insecure third countries at a later date, this will only take place if the company in the third country in question has provided the required guarantees that the recipient’s level of personal data protection complies with this Privacy Policy and applicable EU legislation.

Transfers will therefore take place on one of the following bases:

  • That the recipient is certified to comply with the principles for protection of personal data under the US-EU Privacy Shield Framework (called ‘Privacy Shield’)
  • That we have entered into standard provisions on data protection with the recipient who, in the opinion of the European Commission, offers sufficient guarantees for the protection of privacy, basic rights and freedoms as well as the exercise of associated rights.

10. YOUR RIGHTS

If you wish to exercise the rights set out below, please contact us using the details listed at the top of this Privacy Policy.

We will process and respond to your enquiry as quickly as possible and no later than one month after having received your enquiry unless the complexity and scope of your request mean that we are unable to respond within one month. If this should be the case, we may take up to three months to respond, cf. Article 12 of the General Data Protection Regulation.

A) The right of access
You are entitled to access the personal data that Saphe A/S processes about you, cf. Article 15 of the General Data Protection Regulation. Access may be restricted due to considerations of commercial confidentiality and/or copyright.

B) The right to rectify or erase personal data
If you believe that the data that Saphe A/S processes about you are incorrect or contain errors, you are entitled to have these rectified or erased, cf. Articles 16 and 17 of the General Data Protection Regulation.

If we agree that the data we process are incorrect or contain errors, we will rectify or erase these data as soon as possible.

Rectification or erasure of personal data will, however, not be performed if Saphe A/S has a legal obligation to store all or some of your personal data or it is necessary to store these personal data in order to establish or defend a legal claim. If this should be the case, Saphe A/S will only store those data which Saphe A/S is legally obligated or entitled to and will delete other personal data about you.

C) The right to withdraw consent
You are at any time entitled in whole or in part to withdraw your consent to Saphe A/S processing your personal data, cf. Article 7 of the General Data Protection Regulation.

If you withdraw your consent, Saphe A/S will cease to process the personal data from which you have withdrawn your consent unless Saphe A/S is under legal obligation or entitled to store all or some of your personal data. If this should be the case, Saphe A/S will only store those data which Saphe A/S is legal obligated to store and will delete other personal data about you. Your withdrawal of consent does not affect the legality of the processing that Saphe A/S has performed until the date of withdrawal of your consent.

If you withdraw your consent to the processing of data that is required in order to use Saphe, we may have to delete all your data as your profile will no longer work without the required data.

D) The right to object
You are at all times entitled to object to Saphe A/S’s processing of your personal data. You are likewise entitled to object if you believe that your personal data are being processed in contravention of applicable regulations or the consent that you have given Saphe A/S, cf. Article 21 of the General Data Protection Regulation.

E) The right to restrict processing
You are entitled to restrict Saphe A/S’s processing of your personal data under the following circumstances, cf. Article 18 of the General Data Protection Regulation:

While Saphe A/S processes an objection that you have submitted to the correctness of the personal data that Saphe A/S processes about you or to the legality of such processing. Restriction of the processing applies until Saphe A/S has completed processing your objection.

Saphe A/S’s processing is incorrect, but you do not want to erase your data, but just restrict the use of your personal data.

F) The right to data portability
As our processing of your personal data is based on consent or a contract and our processing takes place automatically, you have the right to data portability. The right to data portability means that you are entitled to have the data with which you have provided us sent to you in a structured, commonly used and machine-readable format which you are then entitled to transfer to another service provider, cf. Article 20 of the General Data Protection Regulation.

11. COMPLAINTS

Danish Data Protection Agency
Address: Borgergade 28, 5, 1300 Copenhagen K
Telephone no.: 33 19 32 00
E-mail: dt@datatilsynet.dk
Website: www.datatilsynet.dk
* The European Parliament’s and the Council’s Regulation (EU) 2016/679 of 27 April 2016 on protection of physical persons in the processing of personal data and on free exchange of such information and on the repeal of Directive 95/46/EC.

As of 29 May 2018