Integritetspolicy

Privacy Policy

Aivira Beauty AB, CIN: 559306-1335, (“Aivira”, “us”, “we”) handles your Personal Data when you as a consumer purchase products, signs up to newsletter, register an account and visit the website www.aiviraskincare.com (“Website”, “Site”). Aivira may obtain Personal Data from third parties.

You should always feel safe when submitting your Personal Data to us. With this privacy policy, Aivira wants to show how the company ensures that your Personal Data is processed in accordance with the EU Data Protection Regulation 2016/679/EC ("GDPR"). Aivira protects your personal privacy and strives to protect all registered Personal Data in a secure manner. Please read this Privacy Policy carefully and make sure you understand its content before using Aivira’s services. 

Aivira reserves the right to change this privacy policy at any time. If so, Aivira will publish the adjusted privacy policy at www.aiviraskincare.com with information on when the changes will take effect.

In this privacy policy:

  1. GENERAL
  2. CONTACT
  3. MINORS
  4. DATA COLLECTED AND GROUNDS FOR COLLECTION
  5. COOKIES
  6. STORAGE TIMES
  7. THE PROTECTION OF YOUR DATA AND THIRD PARTIES
  8. YOUR RIGHTS

APPENDIX 1

 

 1. General 

You are not obliged to provide Personal Data to Aivira, but without it, you can not complete your order.  Some other services may also be limited.

In this Privacy Policy, we refer to any information that can uniquely identify an individual as “Personal Data”.

 

 2. Contact

If you have any questions or if you want to exercise your rights, you can contact us, the data controller, at info@aiviraskincare.com

or at

Aivira Beauty AB
Box 5878
102 40 Stockholm
Sweden

 

 3. Minors

The Site is not intended for individuals under the age of 18. We do not intentionally collect Personal Data from children. If you are the parent or guardian and believe your child has provided us with Personal Data, please contact us at the address mentioned in section 1 to request deletion.

 

4. Data collected and grounds for collection

We collect and use your Personal Data to provide our services to you, which includes: offering products for sale, processing payments, shipping and fulfillment of your order, and keeping you up to date on new products, services, and offers - as seen below. 

Device information

  • Personal Data collected: version of web browser, IP address, time zone, cookie information, what sites or products you view, search terms, and how you interact with the Site.
  • Purpose of collection: to load the Site accurately for you.
  • Source of collection: collected automatically when you access our Site using cookies, log files, web beacons, tags, or pixels.
  • Disclosure for a business purpose: shared with our marketing partner, Amanda AI AB. We protect and secure your personal data with appropriate measures, for example through pseudonymization and encryption techniques or through data anonymization. Under no circumstances do we analyze data at a level where your identity is traceable.
  • Legal ground for collection: the legal basis for the use is a balance of interests, where Aivira's interest is to be able to satisfy the customer with a well-functioning website.

Order information

  • Personal Data collected: name, billing address, shipping address, payment information (including credit card numbers) email address, and phone number.
  • Purpose of collection: to provide products or services to you to fulfill our contract, to process your payment information, arrange for shipping, and provide you with invoices and/or order confirmations, communicate with you, screen our orders for potential risk or fraud, and when in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
  • Source of collection: collected from you.
  • Disclosure for a business purpose: shared with our processor Shopify, shipping details shared with our shipping partners, Postnord Sverige AB, Airmiz AB, Budbee Holding AB and nShift Group AS.
  • Legal ground for collection: the legal basis for the collection is to fulfill our contract with the customer.

Customer support information

  • Personal Data collected: Name, email, address, phone number and other information you provide us with.
  • Purpose of collection: to provide customer support.
  • Source of collection: collected from you.
  • Disclosure for a business purpose: If needed shared with relevant business partner(s) to solve the support item.
  • Legal ground for collection: The legal basis is, in case you are a customer with us, to be able to fulfill our agreement with you to deliver a well-functioning product. If you are not a customer of ours, our legal basis is a balancing of interests, where Aivira has an interest in being able to answer and handle the questions. 

Account information

  • Personal Data collected: Name, email, address, phone number and other information you provide us with.
  • Purpose of collection: to provide an enhanced website experience and to give you a personalized online experience and make your purchase information available to you immediately.
  • Source of collection: collected from you.
  • Disclosure for a business purpose: N/A
  • Legal ground for collection: We process your personal data with the support of your consent that you provided when you created the account. Potential product recommendations are based on our legitimate interest.


5. Cookies

A cookie is a small amount of information that’s downloaded to your computer or device when you visit our Site. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it’s their first time visiting or if they are a frequent visitor.

What cookies we use to optimize your experience on our Site and to provide our services can you find in Appendix 1.

The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device.

You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible.

Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such sites as www.allaboutcookies.org.

Additionally, please note that blocking cookies may not completely prevent how we share information with third parties such as our advertising partners. To exercise your rights or opt-out of certain uses of your information by these parties, please follow the instructions in the “Behavioural Advertising” section above.

Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.

 

6. Storage times

Aivira stores Personal Data only for as long as is necessary to fulfill the purposes for which the data was collected or as long as the Company is obliged to store Personal Data in accordance with law. In some cases, Personal Data may be stored longer to protect the Company's legal interests, e.g. in a legal process. The Personal Data is then deleted.

Certain Personal Data will, in order to comply with relevant accounting legislation, be stored for seven (7) years, calculated from the end of the calendar year in which the financial year to which the information belongs was closed.

Personal Data relating to order information will be stored for 24 months and then deleted unless required otherwise by law.

 

7. Protection of your data and third parties

In order for you to feel safe when you submit your Personal Data to us, Aivira has taken the necessary security measures to protect your Personal Data against unauthorized access, alteration and deletion. Such as limiting the number of people who have access to your Personal Data, storing your Personal Data with password protection and encryptions.

Aivira does not have the right to provide the user's Personal Data to third parties unless it is directly necessary for the provision of the service or necessary to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.

Aivira always strive to process and store your Personal Data within the EU / EEA. The user should be aware that rules outside the EU / EEA may mean less protection for your Personal Data. 

Should your Personal Data need to be transferred and stored outside the EU / EEA, Aivira will choose these suppliers with the utmost care and with regard to your privacy. Aivira will also take all necessary security measures to ensure that your Personal Data is handled securely and with an adequate level of protection (for example by means of approved standard clauses and additional appropriate protection measures).

Your Personal Data will, when you order from Aivira, be initially processed in Ireland and then possibly will be transferred outside of Europe for storage and further processing, including to Canada and the United States. For more information on how data transfers comply with the GDPR, see Shopify’s GDPR Whitepaper: https://help.shopify.com/en/manual/your-account/privacy/GDPR.

We share your Personal Data with service providers to help us provide our services and fulfill our contracts with you, as described above. For example:

  • We use Shopify to power our online store. You can read more about how Shopify uses your Personal Data here: https://www.shopify.com/legal/privacy.
  • When an order is placed, we share your name and address details and may share e-mail and telephone number with our shipping partners, nShift Group AS, Postnord Sverige AB, Airmiz AB and Budbee Holdings AB to be able to deliver your order.

As described above, we use your Personal Data to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For example:

  • We use Google Analytics to help us understand how our customers use the Site. You can read more about how Google uses your Personal Data here: https://policies.google.com/privacy?hl=en.You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
  • We share information about your use of the Site, your purchases, and your interaction with our ads on other websites with our advertising partners. We collect and share some of this information directly with our advertising partners, and in some cases through the use of cookies or other similar technologies (which you may consent to, depending on your location).
  • We use Facebook pixels to help us understand how our customers use the Site and to target our advertising. You can read more about how Facebook uses your Personal Data here: https://www.facebook.com/about/privacy/

    For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

You can opt out of targeted advertising by:

8.    Your rights

Free register extract

When Aivira is responsible for Personal Data, you have, at any time, the right to receive a register extract free of charge with information about which Personal Data is registered about you, the purposes of the processing of this Personal Data and information about where this Personal Data was obtained from and to whom recipients. has been or will be released. You also have the right to receive information in the register extract about the predicted period during which the data will be stored or the criteria used to determine this period. You also have the right to find out about the existence of automated decision-making (including profiling). The request for access to such information must be in writing and sent to Aivira at the address given below under point 2.

Data portability

You have the right to data portability, i.e. a right to, under certain conditions, obtain and transfer your Personal Data in a structured, generally used and machine-readable format to another person responsible for Personal Data.

Correct and delete

Aivira will, at your request or on its own initiative, correct, de-identify, supplement or delete information that is found to be incorrect, incomplete or misleading. Aivira is in some cases obliged to process your Personal Data even though you have requested that these be removed, for example in the right to freedom of expression and information, in order to fulfill a legal obligation or to perform a task of public interest.

Restrict use or right to refuse

In some cases, you have the right to demand that the processing of Personal Data be restricted. Restriction means that the information is marked so that in the future it may only be processed for certain limited purposes. You have always the right to refuse to process your personal data based on our legitimate interest.

Automatic decision-making

If you are a resident of the EEA, you have the right to object to processing based solely on automated decision-making (which includes profiling), when that decision-making has a legal effect on you or otherwise significantly affects you.

We do not engage in fully automated decision-making that has a legal or otherwise significant effect using customer data.

Our processor Shopify uses limited automated decision-making to prevent fraud that does not have a legal or otherwise significant effect on you.

Services that include elements of automated decision-making include:

  • Temporary denylist of IP addresses associated with repeated failed transactions. This denylist persists for a small number of hours.
  • Temporary denylist of credit cards associated with denylisted IP addresses. This denylist persists for a small number of days.

Withdraw consent

In cases where you have previously given consent to the processing of your Personal Data, you have the right to revoke that consent.

Exercise rights, ask questions or make complaints.

If you would like to exercise these rights, please click this link https://www.aiviraskincare.com/pages/gdpr-compliance.

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at info@aiviraskincare.com or by mail using the details provided below:

Aivira Beauty AB, Box 5878, 102 40 Stockholm, Sweden

If you are not satisfied with our response to your complaint, you have the right to lodge your complaint with the relevant data protection authority. You can contact your local data protection authority, or our supervisory authority here: 

Sweden: https://www.imy.se/

EU: https://edps.europa.eu/_en

UK: htps://ico.org.uk/make-a-complaint/

 

 

Appendix 1. 

Cookies Necessary for the Functioning of the Store

Name

Function

_ab

Used in connection with access to admin.

_secure_session_id

Used in connection with navigation through a storefront.

_shopify_m

Used for managing customer privacy settings.              

_shopify_u

Used to facilitate updating customer account information.

cart

Used in connection with shopping cart.

cart_currency

Shopify, necessary for the secure checkout and payment function on the website.

cart_sig

Used in connection with checkout.

cart_ts

Used in connection with checkout.

checkout_token

Used in connection with checkout.

secret

Used in connection with checkout.

secure_customer_sig

Used in connection with customer login.

shopify_pay_redirect

Used in connection with checkout.

storefront_digest

Used in connection with customer login.

cookieconsent_preferences_disabled

Used to remember your cookie preferences 


Reporting and Analytics

Name

Function

_tracking_consent

Tracking preferences.

_landing_page

Track landing pages

_orig_referrer

Track landing pages

_s

Shopify analytics.

_shopify_d

Shopify analytics.

_shopify_s

Shopify analytics.

_shopify_sa_p

Shopify analytics relating to marketing & referrals.

_shopify_sa_t

Shopify analytics relating to marketing & referrals.

_shopify_y

Shopify analytics.

_y

Shopify analytics.

_ga

Google Analytics used to distinguish users

_gid

Google Analytics used to distinguish users

_gat

Google Analytics Used to throttle request rate

 

 

Marketing and retargeting cookies

Name

Function

_fbp

Facebook Pixel, used to distinguish users and retarget marketing

Shopify_evids

Shopify, used for marketing purposes by promoting related products or for retargeting purposes.