Privacy Policy
Privacy and Marketing Policy
Latest update: 2023-08-22
General
We at Nattiluxe Sweden want you to feel secure when you provide your personal data to us. This privacy policy explains how we collect, use, disclose, and store your personal data and how we otherwise ensure that your personal data is processed in accordance with applicable legislation. It is important for us that you read and understand this privacy policy and feel secure about how we process your personal data.
Who is responsible for your personal data?
2.1 Nattiluxe Sweden, with org. nr 5590740824 and postal address Lill-jans plan 6, 11425 Stockholm (in this policy called "Nattiluxe Sweden") is responsible for the processing of your personal data when Nattiluxe Sweden provides and markets products and services and in other contacts with Nattiluxe Sweden, such as visits to our web store or service matters via email and phone. As the data controller, it is Nattiluxe Sweden's responsibility to ensure that your data is handled correctly and securely in accordance with applicable legislation.
2.2 Nattiluxe Sweden has a joint IT infrastructure with certain companies within the Nattiluxe Sweden group. Business transactions with our customers and the associated personal data and databases covered by this infrastructure are managed and owned centrally by Nattiluxe Sweden. Nattiluxe Sweden, therefore, has the decisive influence over your personal data and has ensured control and secure handling of your personal data through agreements with other group companies.
What personal data about you do we process?
Nattiluxe Sweden collects and processes the following categories of personal data about you as a customer or potential customer in connection with your purchases, use of our services, and when we market and sell our products and services.
Contact details such as name, title and signing authority, email address, delivery address, invoice address, and phone number.
Age
Account information such as customer number, username, password, and when the account was registered or changed.
Customer preferences regarding settings for marketing communication and personal offers
Identification numbers, i.e., social security number or organization number.
Order information such as order number, ordered products or services, order date, price, any discount, and purchase history.
Payment details such as payment method, card number, cardholder, transaction time, amount, IP address, and payment history.
Financial information such as credit reports.
Correspondence and other information about support matters such as recordings of calls, notes, and emails when contacting customer service.
User-generated data about your interaction with Nattiluxe Sweden's marketing communication and websites, such as IP address, device information (technical information about computer, mobile phone, and other devices you use e.g., browser settings, time zone, operating system), location information, responses to surveys, and click and visit history which among other things shows which of our goods or offers you have been interested in, how you interact with our newsletters and which of our events you have registered for and participated in, as well as results from customer satisfaction or market surveys.
Behavior and/or preferences such as participation in events, reviews of customer experience at Nattiluxe Sweden, and activity patterns in store to evaluate suspicion of crime.
If you are entitled to use various offers or discounts through membership in various associations or organizations that have negotiated agreements with Nattiluxe Sweden for their members.
Information provided in competition entries and registration for and evaluation of events or other marketing measures including health data such as information about allergies.
Video recordings from camera surveillance in our stores.
From what sources do we collect data about you as a customer?
4.1 Nattiluxe Sweden collects your personal data directly from you when you place an order, visit Nattiluxe Sweden's website, participate in our events, click on links in digital marketing communication that we have sent to you, are in contact with our customer service, and when you otherwise have contact with Nattiluxe Sweden and provide information about yourself. Information about you is collected at these times so that you can enter into an agreement with Nattiluxe Sweden and so that Nattiluxe Sweden can provide its products and services to you.
4.2 If you are the holder of a Nattiluxe Sweden account, Nattiluxe Sweden also collects personal data about you during the registration of the account and as long as you are an account holder, e.g., your purchase history, your behavior on Nattiluxe Sweden's website, your customer preferences for receiving marketing communication, and which offers you have been interested in by visiting our web store and by reading or clicking on links in our digital mailings.
4.3 In addition to the data that Nattiluxe Sweden collects from you, we may also collect personal data from someone else, i.e., from a third party. We obtain information from public registers via third-party services for address updates, to check that we have the correct contact
information for you. We obtain data about creditworthiness from credit rating agencies, information companies, or banks. We also obtain information for marketing purposes from social media.
"4.4 Nattiluxe Sweden also collects certain personal data through cookies that log how you use our website and thus which content you prefer.
Why do we process personal data about you?
Nattiluxe Sweden collects and manages information about you for various purposes. These purposes set the outer limits for what we can use your personal data for. Below we explain the purposes of our processing and give examples of which processing activities take place for each purpose. Please note that some of your personal data may be processed for several purposes.
a) Manage orders and purchases
Processing of personal data for this purpose includes activities to identify you, send order confirmation, handle payment for ordered products and goods, and assess which payment methods we can offer you (based on contact information, ordered goods, payment history, and financial information), deliver orders, notify about delivery, and handle complaints and warranty cases regarding purchased products and services.
The collection of information that we do to manage your orders and purchases is necessary for us to fulfill our obligations according to Nattiluxe Sweden's sales terms. If the information is not provided by you, our obligations cannot be fulfilled and we may then deny you the order or purchase.
b) Provide and manage Nattiluxe Sweden account
We process personal data for this purpose to, for example, give you authorization to log into the account, verify your identity, create your personal pages, maintain correct contact information, manage your settings for market communication and personalized offers, facilitate your shopping in our web store with prefilled information and saved digital shopping carts, facilitate handling of cases and complaints, and enable you to follow your order and payment history.
Read more about the registration of Nattiluxe Sweden account in the terms for Nattiluxe account. The collection of information that we do to provide and administer your Nattiluxe Sweden account is required for us to fulfill our obligations according to the Terms for Nattiluxe Sweden account. If the information is not provided, our obligations cannot be fulfilled and we may then deny you account registration or terminate the Nattiluxe Sweden account.
c) Provide customized information, benefits, and offers as well as a personal experience of our web store to you who have Nattiluxe Sweden account
We at Nattiluxe Sweden want you to have the best possible experience when you visit our website and when we communicate with you. Therefore, we process personal data for this purpose so we can improve your user experience with the aim of creating, offering, and giving you personally customized content in communication and marketing via mail, email, SMS/MMS, and phone with individual benefits and offers, recommendations, invitations to events, and other information that we believe is relevant to you, as well as remind about abandoned digital shopping carts. To enable this, analyses are performed on the data that Nattiluxe Sweden collects such as age, place of residence, order history, and user-generated data.
Read more about how we customize our offers and communication according to your personal characteristics and how you decline personal offers in the terms for Nattiluxe Account. The collection of information that we do for the purpose is required for us to fulfill our commitments according to these terms. If the information is not provided, our commitments cannot be fulfilled and we may then have to limit certain benefits and other advantages associated with your account.
d) Provide customized information, benefits, and offers as well as a personal experience when we communicate with you who do not have Nattiluxe Sweden account
We at Nattiluxe Sweden want you to have the best possible experience when you visit our website and when we communicate with you. Therefore, we process personal data for this purpose so we can improve your user experience with the aim of creating, offering, and giving you personally customized content in communication and marketing via mail, email, SMS/MMS, and phone with individual benefits and offers, recommendations, invitations to events, and other information that we believe is relevant to you. To enable this, analyses are performed on the data that Nattiluxe Sweden collects such as age, place of residence, order history, and user-generated data.
The collection of information that we do for the purpose is based on consent. The consent can be withdrawn at any time by contacting us at sleep@nattiluxe.com
e) Provide information about and market products and services
We process personal data for this purpose to inform and market the products, services, and offers that the Nattiluxe Sweden group sells via mail, email, SMS/MMS, and phone, show recommendations, remind about abandoned digital shopping carts, and invite to events, competitions, and market and customer satisfaction surveys.
f) Conduct and manage participation in events, competitions, and other marketing measures
Processing of personal data for this purpose includes actions to, for example, identify participants, communicate with
participants in a competition, and appoint winners and mediate prizes, verify participants' age, and communicate with participants before and after an event (such as confirmations of registrations, reminders, and evaluations). Please note that information about your participation in events falls under the category of user-generated data that is processed for other purposes.
g) Handle cases that come to Nattiluxe Sweden's customer service or other support functions
Processing of personal data for this purpose includes Nattiluxe Sweden's activities to, for example, communicate, verify the customer's identity, investigate complaints and support cases, answer questions that come to customer service or other support functions via email, phone, or digital channels, correct incorrect information, provide technical support, and nurture the customer relationship.
h) Fulfill legal obligations required by the Nattiluxe Sweden group
Personal data is processed for this purpose for the Nattiluxe Sweden group to fulfill requirements in laws, judgments, or government decisions. Examples of such requirements include product liability and product safety such as the production of communication and information about product alarms and product recalls (e.g., in the case of a defective or health-hazardous product) and obligations to save certain information according to the accounting law that can be attributed to an individual. If the data that Nattiluxe Sweden collects within the framework of this purpose is not provided, our legal obligation cannot be fulfilled and we may then deny you the order, purchase, or the activity that gives rise to our legal obligations.
i) Prevent misuse of Nattiluxe Sweden accounts and prevent, prevent, and investigate crimes within the framework of our operations and establish, defend, or assert legal claims
Processing of personal data for this purpose is done, among other things, to prevent misuse of Nattiluxe Sweden accounts and prevent and investigate suspicions of theft and fraud. Therefore, we have camera surveillance in our physical stores and when you want to pay for goods by invoice, we perform a fraud check where we analyze which products you want to buy, delivery address, the value of the products, etc. We flag action patterns that often occur in connection with fraud and then a manual review is carried out to investigate the risk that it may be a fraud attempt. Suspected crimes and attempts at crimes may be reported to the police.
j) Evaluate, develop, and improve the Nattiluxe Sweden group's services, products, and systems for our customers in general
Processing of personal data for this purpose includes activities to, among other things, make our web store and other services more user-friendly, develop or highlight digital functions, improve our customer offer (e.g., development of services and products), produce documentation with the aim of improving goods and logistics flows (e.g., to be able to forecast purchases, stock, and deliveries), develop and improve the company's range and resource efficiency, and improve our IT system to increase security, produce statistics for market and customer analyses as well as business follow-up and business and method development related to orders and purchases, automatically archive behaviors that may later need to be reviewed for security reasons, and give customers the opportunity to influence the range that Nattiluxe Sweden offers. To be able to fulfill this purpose, Nattiluxe Sweden performs general analyses in aggregated form, i.e., not at the individual level, regarding, among other things, click and visit behavior, device information, order history, payment history, geographic location, and individual customer feedback.
What are the legal bases for our processing of your personal data?
For Nattiluxe Sweden to be entitled to collect and process your personal data, there must be a legal basis for each purpose for which the data is processed. The legal bases on which we base our processing are described in this section. Please note that several legal bases may be applicable for the same processing.
a) Legal obligation
This basis means that our processing is necessary to fulfill a legal obligation required by Nattiluxe Sweden, for example, to document payment details to meet the requirements of the accounting law.
Here is the translated text with the specified replacements:
```
b) Provide and manage Nattiluxe Sweden account
We process personal data for this purpose in order to, for example, give you authorization to log in to the account, ensure your identity, create your personal pages, maintain accurate contact information, manage your market communication settings and personalized offers, facilitate shopping in our web store through pre-filled details and saved digital shopping carts, facilitate the handling of cases and complaints, and enable you to follow your order and payment history.
Read more about the registration of Nattiluxe Sweden account in the terms for Nattiluxe account. The collection of data that we do to provide and manage your Nattiluxe Sweden account is required for us to fulfill our obligations according to the Terms for Nattiluxe Sweden account. If the data is not provided, our obligations cannot be fulfilled and in such case, we may deny you the registration of an account or terminate the Nattiluxe Sweden account.
c) Provide personalized information, benefits, and offers, and give a personalized experience of our web store to you who have a Nattiluxe Sweden account
We at Nattiluxe Sweden want you to have the best possible experience when you visit our website and when we communicate with you. Therefore, we process personal data for this purpose so we can improve your user experience in order to create, offer, and provide you with personalized content in communication and marketing via mail, email, SMS/MMS, and phone with individual benefits and offers, recommendations, invitations to events, and other information that we believe is relevant to you, and remind you of abandoned digital shopping carts. To enable this, analyses are performed on the data that Nattiluxe Sweden collects such as age, residence, order history, and user-generated data.
Read more about how we tailor our offers and communication to your personal characteristics and how you decline personal offers in the terms for Nattiluxe Account. The collection of data that we do for the purpose is required for us to fulfill our commitments according to these terms. If the data is not provided, our commitments cannot be fulfilled and in that case, we need to limit certain benefits and other advantages linked to your account.
d) Provide personalized information, benefits, and offers, and give a personal experience when we communicate with you who do not have a Nattiluxe Sweden account
We at Nattiluxe Sweden want you to have the best possible experience when you visit our website and when we communicate with you. Therefore, we process personal data for this purpose so we can improve your user experience in order to create, offer, and provide you with personalized content in communication and marketing via mail, email, SMS/MMS, and phone with individual benefits and offers, recommendations, invitations to events, and other information that we believe is relevant to you. To enable this, analyses are performed on the data that Nattiluxe Sweden collects such as age, residence, order history, and user-generated data.
The collection of data that we do for the purpose is based on consent. Consent can be withdrawn at any time by contacting us at sleep@nattiluxe.com
e) Provide information about and market products and services
We process personal data for this purpose to inform you via mail, email, SMS/MMS, and phone about and market the products, services, and offers that the Nattiluxe Sweden group sells, show recommendations, remind you of abandoned digital shopping carts, and invite you to events, competitions, and market and customer satisfaction surveys.
f) Conduct and manage participation in events, competitions, and other marketing actions
Processing of personal data for this purpose includes actions to, for example, identify participants, communicate with participants in a competition, appoint winners and mediate prizes, check participants' ages, and communicate with participants before and after an event (such as confirmations of registrations, reminders, and evaluations). Please note that information about your participation in events is covered by the category of user-generated data processed for other purposes.
g) Handle cases that come into Nattiluxe Sweden's customer service or other support functions
Processing of personal data for this purpose includes Nattiluxe Sweden's activities to, for example, communicate, ensure the customer's identity, investigate complaints and support cases, answer questions that come into customer service or other support functions via email, phone, or digital channels, correct incorrect information, provide technical support, and nurture the customer relationship.
h) Fulfill legal obligations required by the Nattiluxe Sweden group
Personal data is processed for this purpose so that the Nattiluxe Sweden group can meet requirements in laws, judgments, or government decisions. Examples of such requirements are product liability and product safety such as the production of communication and information about product alarms and product recalls (e.g., in the case of a defective or health-hazardous product) and obligations to save certain information according to the accounting law that can be attributed to an individual. If the data that Nattiluxe Sweden collects within the
scope of this purpose is not provided, our legal obligation cannot be fulfilled and we may in that case deny you the order, purchase, or the activity that gives rise to our legal obligations.
i) Prevent abuse of Nattiluxe Sweden accounts and prevent, prevent, and investigate crimes within the scope of our business and to establish, defend, or assert legal claims
Processing of personal data for this purpose is done, among other things, to prevent abuse of Nattiluxe Sweden accounts and prevent and investigate suspicion of theft and fraud. Therefore, in our physical stores, we have camera surveillance, and when you want to pay for goods on invoice, we therefore carry out a fraud check where we analyze which products you want to buy, delivery address, the value of the products, etc. We flag behavioral patterns that often occur in connection with fraud and then a manual review is carried out to investigate the risk that it may be a question of a fraud attempt. Suspected crimes and attempts at crimes may be reported to the police.
j) Evaluate, develop, and improve the Nattiluxe Sweden group's services, products, and systems for our customers in general
Processing of personal data for this purpose includes activities to, among other things, make our web store and other services more user-friendly, develop or highlight digital functions, improve our customer offering (e.g., development of services and products), produce documentation for the purpose of improving goods and logistics flows (e.g., to be able to predict purchases, inventory, and deliveries), develop and improve the company's range and resource efficiency, and improve our IT system to increase security, produce statistics for market and customer analyses and business follow-up as well as business and method development related to orders and purchases, automatically archive behaviors that may later need to be reviewed for security reasons, and give customers the opportunity to influence the range that Nattiluxe Sweden offers. To be able to fulfill this purpose, Nattiluxe Sweden performs general analyzes in aggregated form, i.e., not at the individual level, regarding, among other things, click and visit behaviors, device information, order history, payment history, geographic location, and individual customer feedback.
What are the legal bases for our processing of your personal data?
For Nattiluxe Sweden to have the right to collect and process your personal data, there must be a legal basis for each purpose for which the data is processed. The legal bases on which we base our processing are described in this section. Please note that several legal bases may apply to the same processing.
a) Legal obligation
This basis means that our processing is necessary to fulfill a legal obligation required by Nattiluxe Sweden, such as documenting payment details to meet the requirements of the accounting law.
b) Contractual obligations
This basis means that the processing is necessary to fulfill a contract with you as a customer or to be able to enter into a contract at a later stage. For you who are the holder of a Nattiluxe Sweden account, you have, by accepting the terms for Nattiluxe account, entered into an agreement with Nattiluxe Sweden that sets the framework for which processing of your personal data can take place to provide, manage, and administer our services linked to the Nattiluxe Sweden account, e.g., analysis of your personal characteristics to give you personally adapted benefits and offers. When ordering or purchasing, we process your data to fulfill obligations according to Nattiluxe Sweden's general terms of sale. Then, for example, it may be necessary for Nattiluxe Sweden to register your contact information so we can fulfill our obligation to deliver the product or service and that we conduct a credit check if you choose invoice as the payment method so we can ensure your payment ability.
c) Legitimate interest
This basis means that our processing is based on a so-called balance of interests of legitimate interest. This means that the processing takes place because Nattiluxe Sweden assesses that we have legitimate interests in processing your personal data that outweigh your interest in not having the personal data processed. On this basis, we process, among other things, your personal data to prevent abuse of Nattiluxe Sweden account and to prevent, prevent, and investigate crimes within the scope of our business. If we assess that a crime or an attempt at a crime has been committed and we make a police report, Nattiluxe Sweden will also continue to process your personal data so that we can establish, defend, or assert legal claims.
d) Consent
This basis means that we process your personal data when you have given your explicit consent to our processing. For example, Nattiluxe Sweden obtains your consent to process personal data about allergies when ordering food for an event. You have the right to withdraw your consent at any time. The withdrawal of consent should not affect the legality of processing based on consent before it is withdrawn.
How long do we store your personal data?
7.1 Nattiluxe Sweden will store your personal data as long as necessary to fulfill the purposes for which the data is processed. The duration of the storage period depends on the purpose for which the data is processed. Additionally, Nattiluxe Sweden may store the data longer if necessary to establish, defend, or assert legal claims, for example, if there is an ongoing dispute or if a report of a crime has been submitted to the Police Authority. We regularly carry out purges and delete personal data that is no longer necessary.
7.2 Nattiluxe Sweden stores personal data associated with your Nattiluxe Sweden account as long as you are active by interacting with Nattiluxe Sweden in various ways. If you have been inactive for a certain period, the Nattiluxe Sweden account will automatically be terminated, and the personal data that we have collected and processed to provide the Nattiluxe Sweden account and services linked to the account ownership will be deleted.
Overview of our personal data processing
Below, we have made an overview compilation of our processing of personal data to clearly explain which categories of personal data we process for our different purposes, the legal basis for our processing, and how long we store the data.
Purpose
- Legal Basis
Categories of Personal Data
Storage Time
To manage your orders and purchases
Contractual obligations according to Nattiluxe Sweden's general sales terms
Contact information
Account information
Identification number
Order information
Payment details
Financial information
Five years after your order is paid and delivered, or as long as a complaint about a defective product has not been concluded. If the warranty period for the purchased product or service is longer, after that period has expired or as long as a warranty claim is ongoing.
To provide and manage your Nattiluxe Sweden account
Contractual obligations according to the Terms for Nattiluxe Sweden account
Contact information
Account information
Identification number
Order information
Payment details
User-generated data
Customer choices
As long as you have a Nattiluxe Sweden account or as long as a legal claim exists.
To provide personalized information, benefits, and offers and give a personalized experience of our online store to you who have a Nattiluxe Sweden account
Contractual obligations according to the Terms for Nattiluxe Sweden account
Contact information
Age
Account information
Order information
Payment details
User-generated data
Customer choices
Employment or membership entitling to benefits
As long as you have a Nattiluxe Sweden account or as long as a legal claim exists.
Provide personalized information, benefits, and offers and give a personal experience when we communicate with you who do not have a Nattiluxe Sweden account
Consent
Contact information
Age
User-generated data
Two years after you last clicked on a link in our communication to you.
To provide information about and market products and services
Legitimate interest
Contact information
Account information
Age
Order information
User-generated data
Customer choices
Two years after you last clicked on a link in our communication to you or as long as a legal claim exists.
To conduct and manage participation in events, competitions, and other marketing measures
Legitimate interest
Consent (regarding allergy when ordering food)
Contact information
Account information
Identification number
Data submitted in competition entries, registration, and evaluation
Allergy information when ordering food
One year after the event or competition has ended or as long as a legal claim exists.
To manage cases that come into customer service and other support functions
Contractual obligation according to the Terms for Nattiluxe Sweden account for you as an account holder
Legitimate interest for you who are not a holder of a Nattiluxe Sweden account
Contact information
Account information
Identification number
Order information
Payment details
User-generated data
Employment or membership entitling to benefits
Correspondence and other information about support cases
Audio recordings of calls to customer service and other support functions
Five years after the last contact in the case, or as long as a complaint about a defective product has not been concluded. If the warranty period for the product or service concerned is longer than five years, after the warranty period has expired or as long as a warranty claim is ongoing.
Audio recordings of calls to customer service and other support functions are deleted after 20 days.
To fulfill legal obligations such as requirements in accounting laws, product liability, and the protection of your personal data in our systems
Legal obligation
Contact information
Account information
Identification
number
Order information
Payment details
Correspondence and other information about support cases
As long as we are required to store the data according to applicable law or government decision or as long as a legal claim exists.
To prevent misuse of Nattiluxe Sweden accounts and prevent, deter, and investigate crimes within the scope of our operations and to establish, defend, or assert legal claims
Legitimate interest
Contact information
Account information
Identification number
Order information
Payment details
User-generated data
Behavior and/or preferences
Video recordings from our stores
For the duration of necessary checks. If the processing leads to a police report, the data will be stored as long as required to complete the report and establish, defend, or assert the legal claim.
Video recordings from our stores are stored for 8 weeks.
To evaluate, develop, and improve Nattiluxe Sweden Group's services, products, and systems for our customers in general
Legitimate interest
Contact information
Account information
Age
Order information
Payment information
User-generated data
Behavior and/or preferences
Customer choices
Correspondence and other information about support cases
As long as you have a Nattiluxe Sweden account for you as an account holder.
Five years after you last interacted with Nattiluxe Sweden if you are not a holder of a Nattiluxe Sweden account, for example, visited our website, logged in to a previous Nattiluxe Sweden account, or clicked on a link in our communication to you or as long as a legal claim exists.
Who do we share your personal data with?
9.1 Nattiluxe Sweden may disclose your data to other companies so that you can take part in our offers, products, and services. The recipients of your personal data can either be data processors for Nattiluxe Sweden, i.e., companies that process your data on our behalf and according to our instructions, or independently responsible for data processing, i.e., companies that independently manage the processing of your data as they have a direct relationship with you as a customer, such as Klarna.
9.2 Nattiluxe Sweden may also disclose your data to authorities if it is necessary to comply with the law, regulation, or government decision or for Nattiluxe Sweden to be able to establish, defend, or assert legal claims.
9.3 Depending on the contacts you have had with Nattiluxe Sweden, for example, if you are a holder of a Nattiluxe Sweden account or receive marketing communication, Nattiluxe Sweden may disclose your personal data to the following recipients:
Other companies within the Nattiluxe Sweden Group acting as data processors for Nattiluxe Sweden for us to fulfill the various purposes stated in this policy. The legal bases for the transfer to our group companies are the same as for our own processing.
Companies that provide information from population registers or other public records to ensure that we have the correct contact details for you so we can handle your orders and purchases and your Nattiluxe Sweden account and services linked to your account ownership. The data disclosed are identification numbers and contact information based on our contractual obligations to you as the legal basis.
Analysis and marketing companies that provide services such as automated marketing tools, analytics, communication, print, and distribution. These recipients help Nattiluxe Sweden analyze your data and inform about and market the products and services that Nattiluxe Sweden sells. The data disclosed are contact information, account information, customer choices, order details, and user-generated data based on legitimate interest and our contractual obligations to you as the holder of a Nattiluxe Sweden account as legal bases.
Government authorities, such as the Police Authority or the Swedish Tax Agency, which we are obliged to disclose your personal data to according to law or government decision or to which we disclose personal data due to suspicion of crime or attempted crime. The categories of data disclosed are contact information, identification numbers, account information, order information, payment details, user-generated data, and video recordings based on legal obligation incumbent on Nattiluxe Sweden or for us to be able to establish, defend, or assert legal claims.
9.4 If you place an order or make a purchase from Nattiluxe Sweden, we may also disclose your personal data to the following recipients within the scope of handling your orders and purchases based on our contractual obligations towards you as the legal basis:
Suppliers, manufacturers, distributors, and subcontractors of products and services that Nattiluxe Sweden sells, which among other things provide the products and services and help us with support services such as maintenance, repair, and disposal of returned products. The data disclosed are contact information and order information.
Logistics companies and freight forwarders that help us with goods transport so we can deliver our products and services to you. We disclose contact information and order information to these recipients.
Insurance providers that offer insurance
9.4 If you place an order or make a purchase from Nattiluxe Sweden, we may also disclose your personal data to the following recipients within the scope of managing your orders and purchases based on our contractual obligations towards you as a legal basis:
Suppliers, manufacturers, distributors, and subcontractors of products and services that Nattiluxe Sweden sells, which among other things provide the products and services and assist us with support services such as maintenance, repair, and disposal of returned products. The information disclosed includes contact details and order information.
Logistics companies and freight forwarders that assist us with goods transportation so we can deliver our products and services to you. We disclose contact details and order information to these recipients.
Insurance providers that offer insurance for some of our products and services. The information disclosed when you choose to take out insurance includes contact details and order information.
Partners and providers of payment solutions, such as card-acquiring companies, banks, credit institutions, and other financial actors, which ensure that you can make payments and offer you various financing solutions. The information disclosed includes contact details, identification numbers, and payment details.
Credit rating agencies, credit reporting companies, or banks that provide us with a basis to ensure your payment capability, such as credit reports, when you apply for credit as part of managing your orders and purchases. The information disclosed is identification numbers.
Companies that provide financial services such as accounts receivable and debt collection activities that ensure that Nattiluxe Sweden gets paid for delivered products and services as part of managing your orders and purchases. The information disclosed includes contact details, identification numbers, order information, and payment details.
9.5 Nattiluxe Sweden will not sell your personal data to a third party unless we have your permission to do so.
Where do we store your personal data?
Nattiluxe Sweden primarily handles your personal data within the EU/EEA. However, we may also transfer your personal data to a country outside the EU/EEA if we need to share your information with Nattiluxe Sweden's suppliers or partners located outside or storing personal data in a country outside the EU/EEA. If your personal data is transferred to any country outside the EU/EEA, Nattiluxe Sweden will take the necessary measures to legally transfer the personal data by ensuring that your personal data is handled securely and with an adequate level of protection comparable to the protection offered within the EU/EEA, for example, by entering into agreements with the recipient that includes the EU Commission's standard contractual clauses.
What rights do you have as a registered customer?
11.1 Nattiluxe Sweden is responsible for processing your personal data according to applicable legislation. This section describes your rights related to our processing of your personal data. We will, upon your request or on our own initiative, correct, anonymize, delete, or supplement information that is found to be incorrect, incomplete, or misleading. If you have questions about this or wish to exercise any right, please contact us at the details provided at the bottom of this policy.
a) Right to access your personal data
We at Nattiluxe Sweden want to be transparent about how we process your personal data. If you want to gain insight into the processing we do about you, you have the right to request information about the processing, including a copy of your personal data that is being processed, a so-called register extract. This includes information about purposes, categories of personal data, categories of recipients of personal data, storage period or the criteria for determining the storage period, information about where data has been collected from, and the existence of automated decision-making including information about the logic behind and the significance of the processing. Please note that upon a request for access, we may ask for additional information about you to ensure that we provide the data to the right person and what information you want to access. The register extract is free of charge, but for repeated requests, Nattiluxe Sweden has the right to charge an administrative fee of 100 SEK.
b) Right to rectification of your personal data
Nattiluxe Sweden is keen on having accurate and updated personal data. If the information we have about you is incorrect, you have the right to request that it be corrected. You also have the right to supplement any incomplete personal data, for example, if we have the correct street address but are missing the street number. Upon your request, we will correct the incorrect or incomplete information we process about you as soon as possible.
c) Right to erasure of your personal data
We respect that the personal data we process about you are borrowed from you. Therefore, you have the right to request that Nattiluxe Sweden deletes your personal data when the data has been processed in an illegal way, must be deleted to fulfill a legal obligation that Nattiluxe Sweden is subject to, are no longer necessary for the purposes for which they have been processed, or when you
object to a balance of interest of legitimate interest that Nattiluxe Sweden has made and there is no legitimate interest for Nattiluxe Sweden or a third party that weighs heavier (see below section f) for information about the right to object). However, we cannot always accommodate your request as there may be reasons that give us the right to continue processing, for example, if the personal data is processed to fulfill a legal obligation as a legal basis (such as according to requirements in accounting laws) or if the data is necessary for Nattiluxe Sweden to be able to establish, assert, or defend legal claims.
d) Right to data portability
You have the right to get a copy of the personal data that relates to you in a structured format and, in some cases, have the data transferred to another data controller. However, this right only covers data that you yourself have provided to Nattiluxe Sweden and that we process with the support of consent or contractual obligation towards you as a legal basis.
e) Right to restriction of processing
You have the right to request that our processing of your personal data is limited in certain situations, which means that the data may only be processed for certain purposes. You can, for example, request a restriction of incorrect data when you have requested rectification. While Nattiluxe Sweden investigates the accuracy of the data, the processing of them will be limited. During the restriction of processing, personal data should only be processed, with the exception of storage, when the following exist:
The registered has given consent to the processing
Nattiluxe Sweden needs to exercise or protect against legal claims
To protect the freedoms and rights of another registered or legal person
For reasons of general importance for the European Union or a member state
f) Right to object to certain types of processing
When Nattiluxe Sweden processes your personal data based on a balance of interest of legitimate interest as a legal basis or for direct marketing, you have the right to object to our processing. An objection to Nattiluxe Sweden's balance of interest can be made when you have personal reasons related to the situation. In such an objection, Nattiluxe Sweden assesses whether we have legitimate reasons for the processing that outweigh your interest in protecting your privacy. If this is the case, Nattiluxe Sweden may continue to process your personal data despite your objection to the processing. Objection to direct marketing and analyses performed for direct marketing purposes can be made without stating any reasons. You control this yourself through the settings on My Pages where you choose whether you want to receive marketing communication and personalized offers. In addition, you are given the opportunity to object to marketing at each individual digital mailing. If you object to direct marketing, we will cease processing your personal data for that purpose and all types of direct marketing measures such as sending newsletters and offers. If you only object to personalized offers, the marketing communication to you will be general, as we have difficulty assessing which marketing is relevant to you if we are not allowed to analyze your personal characteristics.
11.2 If you think we are handling your personal data incorrectly, you are welcome to contact us. Contact details are at the bottom of this policy. You also have the right to submit any complaints regarding the processing of your personal data to the Data Protection Authority, which is the responsible supervisory authority for the processing of personal data in Sweden.
How do we protect your personal data?
You should always feel safe when you provide your personal data to us. Nattiluxe Sweden has therefore implemented appropriate technical and organizational security measures to protect your personal data against inappropriate or involuntary disclosures, use, undue access, deletion, alteration, or damage to your personal data. For example, all customer data is stored in a database that is protected with a firewall and authorization control so that only employees within the Nattiluxe Sweden Group who need access to your data to perform specific tasks have such access.
Application and amendment of the privacy policy
13.1 The latest updated version of Nattiluxe Sweden's privacy policy is always available on our website. Our privacy policy applies at all times in the form and to the content that is published on the website.
13.2 Nattiluxe Sweden has the right to update the privacy policy at any time. If the privacy policy is changed, the updated policy will be published on Nattiluxe Sweden's website. In addition, you will be informed that the privacy policy has been changed the next time you log in to your Nattiluxe Sweden account. We may also inform you via email if there are major changes to the privacy policy. If you do not want to accept the changed policy, you can terminate your Nattiluxe Sweden account by contacting customer service, see the contact details at the bottom of this policy.
Contact Information
Do not hesitate to contact us if you have questions about this privacy policy or if you want more information about our processing of your personal data or if any information is incorrect and you want us
13.2 Nattiluxe Sweden has the right to update the privacy policy at any time. If the privacy policy changes, the updated policy will be published on Nattiluxe Sweden's website. Additionally, you will be informed about the changes to the privacy policy the next time you log in to your Nattiluxe Sweden account. We may also inform you via email if there are significant changes to the privacy policy. If you do not wish to accept the changed policy, you can terminate your Nattiluxe Sweden account by contacting customer service, see the contact details at the bottom of this policy.
Contact Information
Do not hesitate to contact us if you have questions about this privacy policy or if you would like more information about our processing of your personal data or if any information is incorrect and you want us to correct it.
Are you a consumer? Please contact customer service via email at sleep@nattiluxe.com
Are you representing a company? Please contact customer service via email at sleep@nattiluxe.com"
