LULU Copenhagen collects, use, process and store our customers data in accordance with the newest GDPR applicant data protection law.
Customer data is defined by being identifiable information about a customer. This means information that in a direct or indirect way can identify a person.
When buying products from our website we will collect personal information such as your name, email and home address. We will furthermore save information regarding your navigation on the website as well as information about your purchases.
Your personal information can for an example be used in the following cases:
• Customer service.
• Handling your online order.
• Customer correspondence if such appears.
• If you are already signed up, or in the process of signing up to our newsletters.
• Your purchase history.
• For analysing and improving our services.
• For the marketing of our products and brand.
We will delete your personal data and information when they are no longer needed for handling an order or any of the above mentioned cases. The information can be stored longer in anonymised form.
In order to process and handle your online and/or physical order, we have to pass on necessary parts of your personal information to the delivery company, the storage company as well as the payment partners. We also share cookies and parts of your data to companies such as email services and ad networks, but only in relation to LULU Copenhagen.
We process and store your personal data on 3rd party services and hosting services, but these 3rd party services don’t have access and the right to use any of your data to services not related to LULU Copenhagen.
THIRD PARTY COUNTRIES & THIRD PARTY SERVICES
Your personal data are collected and processed by us, but use a range of third party services whom are both data processors and data responsible.
We are obliged by law to inform you whom we are processing data for, that parts of your data will be transferred to third party countries. Google process some of our email correspondences with customers and contributors. Our web shop platform is build on a Shopify solution of whom we collects data thru. We also use Klaviyo as our email newsletters and email marketing.
These companies are located in the US and are responsible for storing your data at their end.
USA is a third party country where to extraordinary claims to security and data transactions are claimed. The EU admits deals with partners located in the US when these are part of the deal that goes under the name Privacy Shield Framework. The above companies that we use as third party services are all under this agreement framework.
Other third party vendors we use include all of our payment providers and gatekeepers. This is to ensure the highest standards within secure transactions. These vendors and services handles your payment data and the private data necessary to handle online payments. We use Quickpay as gateway for all payment types such as PayPal, Visa, Mastercard, MobilePay etc. and Clearhouse as our online financial acquirer.
Furthermore we hos our Web shop on one.com servers whom also handles some of our email correspondences with customers.
We process, handles and store your data with the above services together with our third party vendors, but we don't share, give away or sell your data to any of the above or other to purposes not linked to the sole role of LULU Copenhagens business.
THE SECURITY OF PROCESSING DATA
We process your personal data in accordance with the newest GDPR applicant data protection law. It is of upper most interest to us to secure our customers data. Therefor we have applied both technical and employee related work routines within the handling of our customers data.
People sometimes make mistakes, and this is why we educate all employees who get in touch with data on how to handle these with care. It is with an interest in minimising the number of possible mistakes, but also to maximise our focus on continuously improvement of our handling of data.
We have limited access within our systems, so only key people have access to customer data. To ensure data security we also update passwords, our software systems and ourselves with new IT knowledge on security.
YOUR DATA RIGHTS
In accordance with the GDPR applicant data protection law you have a list of rights according to how we handle and process our data about you.
YOUR RIGHT TO GET INSIGHT IN OUR DATA
In accordance to the GDPR you have the right to get an insight in the data that we process about you. At any given time you can ask to see the data we have about you by applying thru the form on the page "My Personal Data".
Your Right To Correct In Our Data
In accordance to the GDPR you have the right to get incorrect data about you corrected.
When you have filled out the form on the page "My Personal Data", you will receive an email with a link to a page where you can see the data we have collected and stored about you. From this page you can also send a request on what needs to be corrected. And finally you can send a request about getting all your data deleted. You can also request your data to be deleted, but please bear in mind that we cannot delete your data before your products warranty period has expired.
Your Payment Informations
In accordance with danish law we transact the payment after the item has been shipped and not before. We don't keep any of your payment informations. Your payment transactions are processed and handled by third party vendors as an agreement between them and your payment provider and bank.