When shopping at us
We protect your personal data when you visit and shop at us. We also update the contents of our personal data policy on a running basis. Below, you can read more about how your personal data are processed.
Registration and use of personal data
We are responsible for personal data, such as name, address, and date of birth, which you pass on to us or which we are given when you shop at us or sign up for newsletters. The data will be stored in the Modström Retail group, hereafter Modström, which will naturally assume responsibility for this confidential information as well.
When passing on your personal data to us, you thereby consent to us using the collected data to fulfil our obligations to you and offer you the service you expect. We may also need the data to reach you if problems relating to the delivery of your items arise.
You have the right to contact us to learn which personal data we have registered. If the information is incorrect, incomplete, or irrelevant, you may ask to have them changed or deleted. You may at any time withdraw your consent to our employing your data with reference to marketing – for example, the reception of newsletters or deals. You can contact us by sending an e-mail to firstname.lastname@example.org.
What we promise
We will never pass on, sell, or exchange your data to a third party for the purpose of marketing outside of Modström. Any data passed on to a third party will only be employed to fulfil our obligations to you. An example would be when we pass on your address to suppliers and shipping agents in connection with the delivery of your items. Your data will only be stored for as long as we need them to carry out our service or for as long as legislation demands it.
Data protection policy (GDPR)
- This policy was last updated on 24 May 2018.
This policy which concerns how we process personal data, hereafter “data protection policy", outlines how Modström ApS collects and processes your data. You will also be able to find information on how to exercise your rights by using our services.
Modström ApS (CVR number: 28137230) is the “data manager" of the personal data which we collect about you. All inquiries to us should be made via the contact information listed in paragraph 11.
Phrases like “we", “us" or “our" refer to Modström ApS.
This policy has been drawn up in accordance with the ordinance (EU) 2016/679 of 27 April 2016, hereafter “the EU General Data Protection Regulation".
We will always ensure that we have the legitimate basis for collecting and processing your personal data. The basis for processing may vary according to the type of data and the context in which we collect them.
- Our primary reason for collecting your personal data is that it enables us to fulfil the contract made with you. Meaning that we can deliver your items whenever or wherever you desire, but also when it is in our legitimate commercial interest to do so – e.g., when improving our website and services or to carry out targeted marketing, e.g., via newsletters etc.
- We will never send you any direct marketing without your consent.
- Personal data are mainly collected when you place an order with us. This might be via our websites butler-loftet.dk and modstrom.com (e.g., iOS or Android), by phone via our customer support or in our stores.
Other sources where you voluntarily offer up personal data might for instance be (but not limited to):
- Contact forms at our websites
- Inquiries sent via e-mail
- Job applications or CVs sent via e-mail
- Customer surveys carried out digitally or by phone
- E-mail marketing, e.g., in the form of newsletters
- Data that you give up voluntarily when making a purchase, signing up for our newsletter or joining our customer club.
- The data include name, address, phone number, e-mail address and other information concerning the items you may order.
- We store the data to:
- Register you as a customer the first time you shop at us.
- Be able to fulfil our purchase contract with you.
- Send you status updates on your order.
- Send you marketing if you have given your consent.
- Answer any questions you might have concerning your order.
- Contact you for feedback on your purchase experience.
- Carry out customer surveys.
- Udføre analyser og research for at udvikle vores tjenester og services.
- We may share personal data with the following recipients – the recipients will not receive all data stored by us – but are not limited to this.
- Companies within our group.
- Third parties aiding our services. E.g., marketing partners, companies we employ for statistics or sales prognoses.
- Any competently judicial body, controlling authority or public authority, court of law or other third party where we find that passing on data is necessary as laid down by the law.
- We do not share personal data with a third party before a statutory data management agreement has been made between us and the third party.
- We will never sell, distribute or in any other way share your personal data unless we get your consent.
- To the greatest possible extent, we wish to create transparency about how we process your personal data, and in connection with this, it is our responsibility as data manager to inform you of your rights.
- Identification requirements
- The EU General Data Protection Regulation demands identification if you wish to exercise your rights. This is to ensure that unauthorised persons cannot access, change, delete or transfer your personal data.
- Thus, if you wish to exercise your rights, you must make a written application for us. See the contact information listed in paragraph 11.
- Valid identification may be the following, although we may request further documentation.
- The application is made via the e-mail address registered with the information that you want supplied, changed, deleted, or transferred.
- The application contains a phone number registered with the information that you want supplied, changed, deleted, or transferred. And this may be confirmed by calling the phone.
- A copy of your passport, driving license or other valid ID.
- The right to inspection
- At any time, you have the right to inquire about which personal data we have stored about you, what the purpose of the processing is and which data bases we employ in connection with the processing.
- The right to rectification
- You have the right to have incorrect personal data rectified by us. In case you discover any mistakes in the data we have stored about you, we urge you to make a written application to us so that the information may be corrected.
- The right to deletion
- In certain cases, you have the right to have your personal data deleted by us. In the extent that your data are necessary, e.g., for keeping our accounting responsibilities, we are not obligated to delete your personal data. This also goes for cases where the data are to be used for advancing a legal claim or to defend against such.
- The right to limit the processing
- In certain cases, you have the right to have the processing of your personal data limited so that it merely consists in storing, e.g., if you think that the data, we are processing about you are incorrect.
- The right to data portability
- You have the right to have your personal data handed over in a structured, machine readable format in common use and have the right to pass these data on to another data manager.
- You have the right to have your personal data transferred directly to another data manager if this is technically feasible.
- The right to objection
- At any time, you have the right to object to our processing of your personal data, which we collect to improve features on the website and its build-up, if you have special reasons for this.
- In we cannot demonstrate any legal reason to keep processing your data, we are no longer entitled to process your personal data.
- The right to withdraw consent
- At any time, you have the right to withdraw your consent, e.g. your consent that we may send you direct marketing.
- The right to appeal
- You have the right to file a complaint with the Danish Data Protection Agency concerning the way we collect and process your personal data.
- You have the right to file a complaint with the Danish Data Protection Agency concerning your wish to exercise your rights.
- The contact information on the Danish Data Protection Agency can be found at www.datatilsynet.dk
- We have implemented the relevant technical and organizational security measures to prevent that personal data are lost, destroyed, changed, or impaired, whether accidentally or illegally, and that unauthorized persons might access or abuse the data.
- In connection with the implementation of the organizational security measures, we have laid down guidelines for which employees may access your data so that only the employees that need to access them are able to.
- Personal data are stored on our secured servers which are provided and administered by a third-party company specializing in hosting and data security. Physically, the servers are located at a Danish high-security data processing center. We have a data management agreement with this hosting company.
- All passwords are stored using one-way encryption and according to market-leading standards.
- Basically, personal data that we store about you are kept for 5 years if there is no activity in the account. By activity we mean purchases, data being changed or logins. Thus, a customer account is only automatically deleted when the account has been inactive for 5 years.
- improve user experience and personalize our content and ads. This information is shared with a third party, such as Google or Facebook, and cookies are used for anonymous tracking across websites.
- provide location services if you choose to share your geographical location.
- If you do not wish to allow cookies, the Danish Business Authority has a guide at their website on how to do this. The procedure varies depending on the browser.
- Our website, apps or e-mail communication may contain links to third-part websites – e.g. Facebook, Instagram, suppliers etc. If you follow a link to one of these websites, please note that these have their own data protection policies and that we do not accept any liability for damages for these policies or the linked websites in question. Please read the individual policies of these third-party websites before giving up any personal data to them.
- We have the right to make changes to this data protection policy at any given time. From paragraph 1.1 on top of the page, it will always be clear when the policy was last updated.
- We may update this data protection policy from time to time because of legal, technical, or commercial developments. When we update our data protection policy, we will take the relevant measures for notifying you in accordance with the impact of the changes we are making. We will obtain your consent for any major changes to our data protection policy that may arise if and where this is required of the current data protection laws.
- We urge you to go through this page regularly for the latest information about our data protection policy.
- Modström ApS is the “data manager" of the personal data which we collect about you.
- If you have any questions or comments regarding this data protection policy or if you wish to exercise your rights, you can reach us in the following ways:
Danneskiold-Samsøes Allé 9 st.,
DK-1434 Copenhagen K
Phone: (+45) 98 32 42 95