Privacy Policy
1. GENERAL
1.1 This policy on the handling of private personal information (“Privacy Policy”) describes how STACO NORDIC A/S
(“Staco-nordic.com”, “staco.dk”, “stacotools.com”, “us”, “ours”, “we”) gathers and handles information about you.


1.2 The Privacy Policy applies to information that you give us, og that we gather through our websites, (“the Website”).


1.3 STACO NORDIC A/S is responsible for your personal information gathered though the website. STACO NORDIC A/S can be contacted as advised in paragraph 7.

2. WHAT PERSONAL INFORMATION DO WE GATHER, AT WHAT PURPOSE AND WHAT IT THE LEGAL BASIS FOR HANDLING.

2.1 When you visit the Website, we automatically gather information about you and the way you use the Website, ie. what kind of browser you use, what search inquiries you use on the Website, your IP adress, your network location and information about your computer.

2.1.1 The purpose is to optimize the user experience and the Websites function, along with making direct targetted marteting and advertising, including regargeting via Facebook and Google. The handling of information is neccesary to ensure, that we can take care of our interests in optimizing the Website and show relevant offers to you.

2.1.2 The legal basis of the handling is the EU GDPR regulation art 6, paragraph 6 1, litra f.
2.2 When you buy a product or communicate with us through the Website, we gather the information that you give us, ie. name, adresse, email adress, phone no., payment methods, information about products (including retur of these), whishes of delivery and also information about the IP adress used at the point of order.
2.2.1 The purpose is that we can deliver the products you have ordered and otherwise fulfill our agreement with you, including to be able to manage your rights to return and advertise. Information about your purchases can also be processed to comply with legal requirements, including for accounting and accounting purposes. Upon purchase, the IP address is collected for the purpose and in order to safeguard our interest in preventing fraud.
2.2.2 The legal basis of the handling is the EU GDPR regulation art 6, paragraph 6 1, litra b, c and f.
2.3 When you sign up for our newsletter, you are asked to provide eg name, address, e-mail address, gender, interests etc. Besides the name, address and e-mail address you choose which information you want to give us.
2.3.1 The purpose is to optimize your experience of our marketing communication, be able to send newsletters and make targeted marketing.
2.3.2 The legal basis of the handling is the EU GDPR regulation art 6, paragraph 6 1, litra b and f.

3. RECEIVERS OF PERSONAL INFORMATION
3.1 Information about your name, address, e-mail, telephone number and order number and specific delivery requests will be passed on to DAO, PostNord, GLS and other carriers who handles the delivery of purchased goods to you. When purchasing non-stocked goods, the information mentioned can be passed on to the manufacturer or seller of the product concerned, who will then be responsible for the delivery.
3.2 Information can be left to external partners who process the information on our behalf. We use external partners for, among other things, technical operation and improvements of the Website, the sending of newsletters and targeted marketing, including retargeting, as well as for your assessment of our company and products. Among other things, information about your name and your email will be passed to MailChimp so that targeted emails can be sent to you on our behalf. These companies are data processors and under our instructions and process data for which we are the data controller. The data processors may not use the information for any purpose other than the fulfillment of the agreement with us and are subject to their confidentiality. We have entered into written data processing agreements with all data processors who process personal data on our behalf.
3.3 Three of these data processors, Google Analytics (Google LLC.), Facebook Inc. and MailChimp (Rocket Science Group) is established in the United States. The necessary information for the transfer of information to the United States is ensured through the data processor’s certification under the EU-US. Privacy Shield, cf. EU Nature of the Personal Data Regulation. 45th
3.3.1 A copy of Google LLC’s certification can be found here: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI 
3.3.2 A copy of Facebook Inc.’s
certification can be found here: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.
3.3.3 A copy of The Rocket Science Group LLC d/b/a MailChimp’s certification can be found here : https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active

  
4. YOUR RIGHTS
4.1 In order to create openness about the processing of your information, we as data controller must inform you of your rights.
4.2 Right of insight 
4.2.1 You are at any time entitled to request information about, among other things, what information we have registered about you, what purpose the registration serves, which categories of personal data and recipients of information there may be, as well as information about where the information originated.
4.2.2 You have the right to receive a copy of the personal information that we process about you. If you want a copy of your personal information, you must send a written request to mail@staco-nordic.com You may be asked to document that you are the one you are giving yourself to be.
4.3 Right to correction
4.3.1 You have the right to obtain incorrect personal information about yourself corrected by us. If you become aware that there are errors in the information that we have registered about you, you are encouraged to contact us in writing so that the information can be corrected.
4.3.2 You have the possibility to correct any information that we have gathered in connection with your registration at the Website.
4.4 Right to deletion
4.4.1 In some cases, you have the right to have all or some of your personal information deleted by us, for example, if you revoke your consent and we do not have another legal basis to continue processing. To the extent that continued processing of your information is necessary, for example, in order for us to comply with our legal obligations, or for legal claims to be established, enforced or defended, we are not obliged to delete your personal information.
4.5 Right to limit data processing to storage
4.5.1 In some cases, you have the right to limit the processing of your personal data to consist only of storage, for example, if you believe that the information we process about you is incorrect.
4.6 The right to data portability
4.6.1 You may in some cases have the right to obtain personal information you provided to us in a structured, commonly used, machine-readable format and have the right to transfer that information to another data controller.
4.7 The right to object 
4.7.1 You have the right – at any time – to object to our processing of your personal data for direct marketing purposes, including the promotion made to target our direct marketing.
4.7.2 You also have the right, at any time, for objections relating to your personal situation to object to the processing of your personal data which we undertake on the basis of our legitimate interests, cf. section. 2.1 and 2.3.
4.8 The right to revoke consent
4.8.1 You have the right at any time to revoke the consent you have given us to a given processing of personal data, including the profiling made by you as a member of the customer club. If you wish to revoke your consent, please contact us at mail@staco-nordic.com
4.9 The right to complain
4.9.1 You have the right at any time to file a complaint with the Data Inspectorate, Borgergade 28, 5, 1300 København K about our processing of your personal data. Complaints can, among other things, be submitted by mail dt@datatilsynet.dk or by phone +45 33 19 32 00.

5. DELETION OF PERSONAL DATA
5.1 Information collected about your use of the Website cf. section. 2.1. will be deleted at the latest when you have not used the Website for 5 years.
5.2 Information collected in connection with your registration for our newsletter will be deleted when your consent to a newsletter is withdrawn unless we have another basis for processing the information. 
5.3 Information collected in connection with purchases you have made on the Website cf. section. 2.2 will generally be deleted 5 years after the end of the calendar year in which you made your purchase. However, information can be stored for a longer period if we have a legitimate need for longer storage, for example if it is necessary for legal claims to be established, enforced or defended, or if storage is necessary for us to meet legal requirements. Accounting materials are kept for 5 years until the end of a financial year to meet the requirements of the Accounting Act.
5.4 Information we have collected in connection with your registration for and during your membership of our customer club cf. section. 2.3, we will automatically delete: a) if you have not logged into your user profile for 5 years, b) if you disable (suspend) your membership to our customer club and do not reactivate it within the next 5 years, or c) if you opt out you your membership to our customer club.

6. SECURITY
6.1 We have implemented appropriate technical and organizational safeguards against personal data being accidentally or illegally destroyed, forfeited, altered, or impaired and against unauthorized knowledge or misuse.
6.2 Only employees who have a real need to access your personal data to do their work have access to them.

7. USE OF COOKIES 
A cookie is a small data file that we store on your computer in order to keep track of what is going on regarding to your visit and to recognize the computer. A cookie is not a program and does not contain viruses. Cookies are needed to make the Website work and also help us get an overview of your visit to the Website so that we can continuously optimize and target the Website to your needs and interests. Cookies remember, for example, what you have put in the shopping cart, whether you have previously visited the page, whether you are logged in and what language and currency you would like the website to have.


8. CONTACT INFORMATION
8.1 STACO NORDIC A/S is the resposible data controller for the personal data collected through the Website.
8.2 If you have any questions or comments regarding this Privacy Policy or you would like to exercise one or more of your rights as described in section 4, please contact:
STACO NORDIC A/S
Blovstrød Teglværksvej 3
3450 Allerød
DENMARK

Phone no.: 0045 35 86 44 44 
E-mail: mail@staco-nordic.com

9. CHANGES IN PRIVACY POLICY
9.1 All changes to our Privacy Policy can be found on this website. Date of last update figueres at the bottom of this text.


The Privacy Policy was last updated May 2018