Privacy & Security

PERSONAL DATA POLICY

Applicable from 15 July 2023

By using our services and this website, you accept that Moa Miró-Quesada, org. no. 19860306-5924 ("Granelito"), processes your personal data in accordance with the Privacy Policy and the laws and regulations on the protection of personal data applicable from time to time.

WHAT IS PERSONAL DATA?

Personal data is any information that can be used to identify a person, such as first name, last name, address, email address or other contact details.

WHAT PERSONAL DATA IS PROCESSED?

Granelito is a data controller in accordance with applicable data protection regulations. Below is an overview of the personal data we process in accordance with current legislation, EU Regulation 2016/679 (General Data Protection Regulation, ("GDPR")).

We process the following personal data:

  • Basic contact information you provide, such as name, address, phone number, email address.
  • The data you provide may also be supplemented by search services (e.g. we obtain your contact details from public and private registers or from third parties). We do this in order to, among other things, provide you with the services we offer, for identification and registration purposes and to provide a good service.
  • The data is used to maintain a good customer relationship and provide you with a better shopping experience and good service - The data is also used to contact you if necessary.
  • Data related to your subscription to our newsletter, such as your email address.
  • Data related to the use of our services, such as the device you use when visiting our websites, information collected via cookies about the pages you visit, the communications you have received and acted on, the product notifications you have received, the membership offers and personalized content you have used, the customer surveys you have answered, etc.
  • Information related to purchases, such as the products you have bought, the delivery and payment method you have chosen, etc.
  • Data derived from other data, either generated or provided, such as marketing segments and other information about our users' shopping habits that allows us to better understand them.
  • Information you provide to our customer service.

WHAT IS MY PERSONAL DATA USED FOR?

To provide our products and services

Your personal data is used to provide you with the best possible products and services. The legal basis for the processing of personal data is a contract that you have entered into. Examples of how your personal data is used in relation to the purpose:

Manage your orders/purchases/returns in the online shop or in store. Information/updates about your orders/purchases/returns in the webshop or store. Respond to your questions and messages related to purchases. Identify you as a user to give you a better and easier shopping experience. Send digital receipts to you as a member when you shop in our physical stores. Give you the opportunity to participate in competitions.

DIRECT MARKETING

To communicate, via email or text message, news, promotions, offers, product suggestions, membership offers, feature-related information, changes and news in our services or anything else we think is relevant to you.

If you have signed up to subscribe to our newsletter, the legal basis for processing your personal data for this purpose is consent to the newsletter.

 

MARKETING IN OTHER DIGITAL CHANNELS

We want the ads from us that our members and newsletter subscribers see in other media to be relevant. To enable us to show you relevant ads in other digital channels, such as Meta (Instagram and Facebook) and Google, we sync personal data such as email address and possibly your phone number with the corresponding identifiers on the relevant platform. The customization is based solely on what we know about you, not on data that other media have beyond what is needed to identify you.

 

PERSONALIZED SHOPPING EXPERIENCE AND COMMUNICATION

In order for you as a member to have the best possible shopping experience, we customize content and communication specifically for you. We do this based on your use of our services, your purchase history, your personal data and preferences, etc. In this way, we can, for example, provide customized offers, product recommendations and other content via email and on our websites.

 

MANAGING USER ACCOUNTS, NEWSLETTER SUBSCRIPTIONS AND MEMBERSHIPS

We use your personal data in connection with the creation and administration of user accounts and subscription to our newsletter. The legal basis for processing personal data is the consent you have given us. In this context, your personal data is used in connection with the purpose, inter alia, by:

  • to create and manage personal user accounts in our online shop,
  • to create and manage subscriptions to our newsletter,
  • to inform about new or modified services, such as new payment solutions, benefits, etc,
  • to respond to your requests for a user account, newsletter subscription and membership.
  • When you choose to shop without a user account, you are assigned a unique customer number.

ANALYSIS AND DEVELOPMENT

We use personal data to understand usage patterns and needs and to further develop our services and products. The legal basis for processing personal data is our legitimate interest in improving our services and includes, inter alia:

  • use statistical data to divide users into groups based on e.g. residence, age, duration of the customer relationship, use of our websites, use of membership benefits, etc. in order to understand how these factors affect the needs and use of our services - in these cases the data is processed in aggregated form and/or anonymized,
  • collect and analyze information through customer surveys, customer service, submitted proposals, etc. in order to understand usage patterns and the need to develop our products and services,
  • test and improve our systems, services and products.

SAFETY AND ABUSE PREVENTION

We need to process personal data to ensure a high level of security in all our services and to detect or prevent various types of fraud and misuse of services. The legal basis for processing personal data for this purpose is our legitimate interest in, among other things, detecting fraud or misuse of our services or payment methods.

DO YOU SHARE MY PERSONAL DATA WITH OTHERS?

Our suppliers and warehouses need personal data to provide services to us in the context of the processing activities described in this policy.

We pass on your personal data to our suppliers and warehouses in the following areas:

  • Customer service
  • Analysis/statistics
  • Payment
  • Transportation
  • Technical support
  • Marketing
  • Communication services

After campaigns, we may want to analyze sales against our marketing activities in order to create more relevant offers in the future. We do this by synchronizing anonymized purchase data with third party marketing activities.

WHERE IS MY PERSONAL DATA STORED?

Your personal data is mainly stored in the EU/EEA area, but some of our suppliers have technical support services located outside the EU/EEA. When using these support services, any processing of your personal data is governed by the EU/EEA standard contractual clauses for transfers to third countries or other approved transfer mechanism with any necessary safeguards.

 

HOW CAN I MANAGE MY PERSONAL DATA?

You can change your personal data at any time. You can do this by contacting us for assistance.

YOUR RIGHTS

  • If you want to know what personal data we store about you, you have the right to ask for an extract from the register.
  • If you wish to have your personal data corrected, you have the right to request this.
  • If you want to delete your personal data, you have the right to do so, provided that we are not legally obliged to store it.
  • If you wish to restrict the processing of your personal data, you have the right to request this.
  • Consent can be withdrawn at any time.
  • Where processing is based on legitimate interest or contract, processing may still continue to some extent.
  • If we correct or delete your personal data, or if we restrict processing, we will inform you of this.
  • You have the right to receive a copy of your personal data in a structured, commonly used and machine-readable format and to transfer the data to another company. However, this only applies to data that you have actively provided.
  • You have the right to object if you believe that we are not processing your personal data correctly.

WHO HAS ACCESS TO MY PERSONAL DATA?

Your personal data are processed only by authorized personnel who have access to the data in their professional capacity and who are entitled to retrieve/use the data only for the specified and legitimate purpose for which they were collected.

HOW LONG DO YOU STORE MY PERSONAL DATA?

Your personal data is retained for as long as we need it to provide the services described in this policy, to ensure your rights in relation to the purchase of a product or as long as we are required by law to retain it. Thereafter, it will be deleted.

HOW DO YOU PROTECT MY PERSONAL DATA?

We store your personal data in our operating environments. These environments use standard security solutions to prevent unauthorized access. We protect personal data and sensitive information according to applicable standards.

HOW DOES THE REGULATORY FRAMEWORK FOR PERSONAL DATA WORK?

All processing of personal data, including collection, registration, storage and disclosure, is subject to specific rules, including the General Data Protection Regulation. Granelito is the data controller, i.e. responsible for ensuring that the processing complies with current legislation and regulations. Contact details for the data controller can be found at the bottom of this policy.

The Swedish Data Protection Authority monitors compliance with the regulations in Sweden. You have the right to lodge a complaint with the Swedish Data Protection Authority regarding the controller's processing under this policy.

COOKIES

When you visit our websites, cookies are used so that, among other things, the websites can recognize the computer or mobile phone you are using. Cookies improve your user experience because, among other things, they remember your login details on your next visit. They also provide us with information about your behavior on our websites, allowing us to adapt the content to make it more relevant to you.

WHAT ARE COOKIES AND HOW DO WE USE COOKIES?

Cookies are small text files that are stored on your device and used by the website to make your experience smoother. We use them to track which pages you visit, remember who you are or remember your preferences, such as language.

Pixels are small pieces of code on our website that we use to record conversions from online ads. They allow us to use them internally on our website to tailor external advertising to groups of customers based on their interests.

Cookies allow websites to store and use data directly in the browser.

This website uses different types of cookies. Some cookies are placed by third-party services that appear on our pages.

A condition for the use of cookies is that you have given your consent to their use. It is sufficient that you consent once for each purpose. You can change or withdraw your consent to the cookie policy on our website at any time.

CHANGES TO THIS PRIVACY POLICY

We have the right to make changes to this policy. When the changes are not purely editorial or linguistic but of a material nature, members and those with user accounts in our webshop will be informed of the change and what it means for you before it comes into force.

CONTACT DETAILS

The data controller is Granelito, which can be found at www.granelito.co or www.granelito.com.

If you have any questions, please contact shop@granelito.com.