Skip to main content

Privacy Policy

Gridelli’s Deli AB, reg.no 556885-7238 (“Gridelli,” “we,” “us” or “our”) will process your personal data when you are visiting and using the services provided at wearegridelli.com or purchase products in our stores. We strive to be transparent in what we do with visitors’ and customers’ personal data and have therefore adopted this privacy policy. Below, you will find information on what kind of personal data we process, why we do it, what we use it for and how we may share it. Gridelli is the data controller of any processing of your personal data.

WHAT PERSONAL DATA DO WE PROCESS? We collect personal data when you (i) purchase watches, accessories, watch bands or other goods, (ii) sign up for news, invites and offers, (iii) request support and (iv) are browsing our website. Such personal data will include your name, e-mail address, telephone, delivery address, payment details, IP address, behavior on the website and other information that you voluntarily provide us.

PURPOSE, LEGAL GROUND AND STORAGE PERIOD
We will only use your personal data for the purposes, and on the legal grounds, as set out below. We will not use your personal data for any purpose that is incompatible with the below purposes. Further, we will only use your personal data during the period as set out under “Storage period”, after such which period your personal data will be erased.

PURCHASES
Purpose of processing: When you purchase goods, we will process your personal data to fulfil our contractual obligations towards you (see Terms of Use). Our purchase form identifies what information you must provide to us, in order for us to complete your purchase.

Legal ground for processing : The processing is necessary for our performance of the contract with you (i.e. Terms of Use).

Storage period: We will process your personal data during the term of our contract (including two-year warranty period), we will thereafter erase your personal data. The storage period applies also to any unsuccessful purchase due to lack of funds on your account.

DIRECT MARKETING
Purpose of processing: When you sign up for news, invites and offers (direct marketing), we will process your personal data to provide the services as requested by you. Our direct marketing is based on profiling, which means that we will customize the information that you receive from us based on certain factors. We use the following types of personal data to compile a profile: your gender, your location, your previous purchases, your behavior on our website, and/or your previous behavior when receiving direct marketing from us.

Legal ground for processing: The processing is necessary for our legitimate interests to maintain good customer relations.

Storage period: If you opt-opt or unsubscribe from our marketing (including profiling), we will no longer process your personal data for this purpose. We will also erase your personal data, unless there is another legal ground for keeping your data (such as a valid purchase contract).

SUPPORT
Purpose of processing: When you request support through our live chat or our other support channels, we will process your personal data to be able to assist you with the relevant matter

Legal ground for processing: The processing is necessary for our performance of the contract with you (i.e. Terms of Use).

Storage period : We will erase your data, within six months after the relevant matter has been finally resolved.

CHECKOUT REMINDER
Purpose of processing: If you have initiated a purchase at our website and if you have provided your email address in connection therewith but have not completed the final step of your purchase, we will send you an e-mail with a link to your shopping cart for the purposes of reminding you of your uncompleted purchase.

Legal ground for processing: The processing is necessary for our and your legitimate interest to remind you of your uncompleted purchase.

Storage period: We will erase your data, within one month after checkout reminder, unless there is another legal ground for keeping your data (such as a valid purchase contract) Opt-out is made possible by contacting info@gridelli.se.

BROWSING
Purpose of processing: When browsing our website, we will process your personal data to improve our website and for marketing purposes.

Legal ground for processing: The processing is necessary for our legitimate interests to improve our website and for retargeting.

Please see more under “Cookies”.

Storage period: Please see more under “Cookies”.

FRAUD PREVENTION
Purpose of processing : We will process your personal data for the purposes of carrying out risk analysis, fraud prevention and risk management. Legal ground for processing : The processing is necessary for our legitimate interests to prevent fraud and to handle risks. Storage period : We will erase any personal data used for this purpose on a six-month basis, unless there is another legitimate interest for keeping your data. Upon a purchase that has been cancelled due to fraud prevention, we will delete your personal data two years after the unsuccessful purchase.

ANALYSIS OF DATA
Purpose of processing: We will analyze your personal data, in order to compile aggregated tracking data (including to analyze visitors’ use of our sites by tracking information such as page views, traffic flows, search terms and click throughs).

Legal ground for processing: The processing is necessary for our legitimate interest to create statistics over time.

Storage period: We will anonymize all tracking data where this is technically possible. When your personal data has been anonymized, it will no longer be considered personal data under applicable data protection laws. Opt-out is made possible by contacting info@gridelli.se.

Please note that the above storage periods do not apply to the extent Gridelli is required to retain your personal data (partly or in full) under applicable mandatory law (e.g. accounting laws).

WHO DO WE SHARE YOUR PERSONAL DATA WITH?
Only the people who need to process personal data for the purposes mentioned above have access to your personal data. We may need to share your personal data with our group companies. We further may need to allow our suppliers access to your personal data when they perform services on our behalf, mainly to provide support and maintenance of IT systems, storage services and marketing. Any transfer of data outside the EU/EEA is made in line with data protection laws. Our international transfers of personal data (including transfers to our group companies and suppliers outside the EU/EEA) are based on the EU Commission’s standard contractual clauses. The standard contractual clauses may be found here. In addition, for transfers to some of our suppliers in the U.S., the recipient is certified under the EU-U.S. Privacy Shield administered by the U.S. Department of Commerce’s International Trade Administration (can be found here www.privacyshield.gov).

YOUR RIGHTS
You are entitled to the following rights under applicable laws:

The right to access : you may at any time request to access your personal data. Upon request, we will provide a copy of your personal data in a commonly used electronic form.

The right to rectification : you are entitled to obtain rectification of inaccurate personal data and to have incomplete personal data completed.

The right to erasure (“right to be forgotten”) : under certain circumstances (including processing on the basis of your consent), you may request us to delete your User Data. Please note that this right is not unconditional. Therefore, an attempt to invoke the right might not lead to an action from us.
The right to object : to certain processing activities conducted by the us in relation to your personal data, such as our processing of your personal data based on our legitimate interest. The right to object also applies to processing of your personal data for direct marketing purposes.

The right to restriction of processing : you may under certain circumstances request from us to restrict the processing of your personal data. Please note that this right is not unconditional. Therefore, an attempt to invoke the right might not lead to an action from us. The right to data portability : you are entitled to receive your personal data (or have your personal data directly transmitted to another data controller) in a structured, commonly used and machine-readable format.

Finally, you also have the right to lodge a complaint with the supervisory authority in Sweden, which currently is Datainspektionen.