Who is responsible for your personal data?
GEP TC Promoshop AB (“GEP”), is the controller of the personal data you submit to us and responsible for your personal data under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, or GDPR). GEP TC promoshop AB acts as the personal data processor.
Where is your personal data stored?
The data that we collect from you is stored within the European Union, but may also be transferred to and processed in a country outside of the EU. Any such transfer of your personal data will be carried out in compliance with applicable laws.
What types of personal data do we collect?
We will collect personal data that you submit to us, for example, when you place orders, contact our customer service or participate in competitions. The personal data that you submit to us may for example include contact information, date of birth and payment information. In addition, we may collect certain personal data from external sources such as credit information and address updates.
How do we use your personal data?
We may use your personal data for the following purposes:
• To create and manage your personal account at GEP
• To send text message notifications of delivery status
• To contact you in the event of any problems with the delivery of your items
• To answer your queries and to inform you of new or changed services
• To send marketing offers such as newsletters
• To make analyses in order to provide you with relevant marketing offers and information
• To test and improve our systems by which the services are provided
• To prevent misuse or improper use of our services
We will keep your data for as long as necessary to fulfil the purposes above or for as long as we are required by law. After this your personal data will be deleted.
What are your rights?
You have the right to request information about the personal data we hold on you at any time (free of charge once a year). If your data is incorrect, incomplete or irrelevant, you can ask to have the information corrected or removed. We cannot remove your data when there is a legal storage requirement, such as book-keeping rules or when there are other legitimate grounds to keep the data, such as unsettled debts. You can withdraw your consent to us using the data for marketing purposes at any time. You can contact us by sending a letter to GEP Communication Group ATT: Customer Service, Warfvingesväg 30 A. 112 51 Stockholm, Sweden.
Your letter should include:
Personal Data - ATT GEP's DPO.
I hereby request to get my personal data according to GDPR
........................................................................... (City and date ) .......................................................................... (Signature) ......................................................................... (Name, Social Security Number and address)
(e-mail/phone number) …………………………………………………………………….
Who has access to your personal data?
We never pass on, sell or swap your data for marketing purposes to third parties outside the GEP group. Data that is forwarded to third parties, is only used to provide you with the services mentioned above, for example shipping agents in connection with the delivery of goods, media agencies for distribution of newsletter and credit reference or debt collection agencies for the purpose of credit rating checks, identity checks and debt collection.
How do we protect your personal data?
We have taken technical and organisational measures to protect your data from loss, manipulation, unauthorised access. We continually adapt our security measures in line with technological progress and developments. To make card purchases with us as secure as possible, all information is sent in encrypted form. This means that the information is passed through a secure connection and that your personal data cannot be read by external parties. For card purchases we work with an authorized payment agent that helps us to check directly with your bank that the card is valid for purchases. Our payment agent processes your card details according to the international security standard PCI DSS, which was developed by the card companies VISA, MasterCard, Diners, American Express and JCB. This means that your card details are processed with a very high level of security. When you pay by card, we reserve the right to carry out an identity check.
There are two types of cookies: permanent and temporary (session cookies). Permanent cookies are stored as a file on your computer or mobile device for no longer than 12 months. Session cookies are stored temporarily and disappear when you close your browser session. We use permanent cookies to store your choice of start page and to store your details if you select "Remember me" when you log in. We use session cookies when you use the product filtration function, to check whether you are logged in or if you put an item in your shopping bag
You can easily erase cookies from your computer or mobile device using your browser. For instructions on how to handle and delete cookies please look under "Help" in your browser. You can choose to disable cookies, or to receive a notification each time a new cookie is sent to your computer or mobile device. Please note that if you choose to disable cookies, you might not be able to take advantage of all our features.
We use third-party cookies to collect statistics in aggregate form in analysis tools such as Google Analytics. The cookies used are both permanent and temporary cookies (session cookies). The permanent cookies are stored on your computer or mobile device for no longer than 24 months.
The site may include links to other websites which do not fall under our supervision. We cannot accept any responsibility for the protection of privacy or the content of these websites, but we offer these links to make it easier for our visitors to find more information about specific subjects.
If you want to complain
Anyone who considers that a company violates GDPR or other privacy laws may contact the Swedish Data Protection Authority (Datainspektionen). Read more on the Swedish Data Protection Authority web site.
Controller of personal data
GEP TC Promoshop AB Warfvingesväg 30A 112 51 Stockholm Sweden
Telephone: +46 (0)8 588 855 00 E-mail: Customerservice@gepcg.se
Company registration number: 559025-3893
Authorized representative: Petrus Joona VAT registration number:
VAT NO. SE559025-389301