Cookies & Privacy Policy

Cookie Policy

About Cookies

Under Your Skin AB is controller for cookies and the processing of your personal data under the Cookie policy below. This information concerning cookies explains how Under Your Skin AB uses cookies to recognize you when you visit any of our websites that refers to this policy.  

What are Cookies?

Cookies are small data files which are saved and downloaded onto the device that you are using to browse the internet. While visiting our website certain information may be collected through the use of cookies. When using the term “cookies” we refer both to cookies that we ourselves place on the websites (first-party cookies), as well as cookies placed by third parties (third-party cookies). Our use of the term further refers to pixel tags/beacons, plug-ins and similar tracking technology.

About the information and why it is collected

Cookies are sometimes used to collect information that can constitute personal data, such as IP-addresses and other information connected to an IP-address. However no personal data that is directly related to you as a person is collected.

We use cookies to improve your user experience. Using cookies, we are able to receive information about when and how long you visit our website, what website you visited before ours and which internet provider you are using. The purpose of this is to optimize your visit and to continually improve our website. The information is further used to evaluate and improve eventual advertising.

Lawful grounds of the use of Cookies

Since the website can not function properly without strictly necessary cookies, this category of cookies is always allowed while using the website. The lawful ground for our use of strictly necessary cookies is our legitimate interest in providing a functional website.

Concerning preference, statistics, and marketing cookies we rely on your consent. When you visit our website for the first time you will notice a banner containing information about how we use cookies. You will be asked to consent to the use of cookies. You have no obligation to consent to preference, statistics, and marketing cookies to gain access to the website, although some services require the use of these types of cookies. These functions may therefore be limited or inaccessible if you choose not to consent to the use of these cookies. You may change the settings, withdraw, or alter your consent at any time by emailing hello@underyourskin.se

The types of cookies used on the website

There are two types of cookies that are mainly used, which are “session cookies” and “permanent cookies”. Session cookies are automatically deleted as soon as the user closes the web browser. Permanent cookies are stored in your unit in order to facilitate any future visits to the website. The permanent cookies are deleted after a certain period of time.

Under Your Skin is using first-party cookies on the website, and to some extent third-party cookies as well. The cookies that you see while visiting our website are first-party cookies and placed in your unit by us for different reasons. Cookies that are placed by a third-party company are called third-party cookies. These cookies are for instance placed in your unit by social media platforms or a supplier of advertising networks or advertising techniques.

In some cases third-party cookies may be used for the third parties’ own purposes. These cookies can for instance be used to gather information about internet traffic, determining which websites that the user last visited or be used for targeted marketing for other websites. 

Below you will find a list of the different types of cookies that is used on our website, as well as some more information about these.

Necessary cookies

These cookies allow you to navigate around our site. They collect information that is necessary for you to be able access some of the website’s services. One example is for us to be able to verify your details when an order is being placed. These cookies are further required for us to remember which products that has been placed in your shopping cart. The website cannot function properly without these cookies.

Preference cookies

Preference cookies enables our website to remember information that changes the way that the website behaves or looks like, in order to adapt the website after your needs. For instance your preferred language or the region that you are in.

Statistics cookies

These cookies allow us to count the number of visits and how you found our website. We can then measure and improve our website. The statistics cookies help us to know which pages that are popular and how visitors navigate around the site. The information that these cookies collect is aggregated.  Some of the statistics cookies are third party cookies which means that we will transfer information to such third parties.

Marketing cookies

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby of greater value for publishers and third-party advertisers. We collect data about how our websites are used, which is then used for customer segmentation for marketing and online advertising. The goal is to communicate and advertise as relevant products and services for you as possible. If you do not allow these cookies, we will not perform any targeted online marketing. If you have given consent to "Statistics cookies", we will save this data, but we only use it if you consent to marketing cookies.

Your consent applies to the following domains: www.underyourskin.se, underyourskin.co

Cookie-declaration

 

How to block the use of cookies

If you do not accept the use of cookies, it is possible to adjust your browser settings to automatically deny websites the right of storing cookies. An alternative to this is choosing to set your browser in a way that it informs you every time a website requests to store cookies. It is moreover possible to delete previously stored cookies within your browser.

If your browser denies the use of cookies, the functionality of the website may be limited, and certain functions and pages may not work in the usual way.

If you wish to disable the use of cookies, please visit the settings page in your browser (each browser’s website should contain instructions on how this is done). Cookies that have been stored from previous visits on a website can also be deleted through your web browser.

For further information about cookies and how to protect one's personal data on the internet, please refer to: http://www.youronlinechoices.eu/

Further information

Further information concerning the processing of your personal data can be found in our privacy policy.

 

Privacy policy

SECTION 1: INTRODUCTION

It is of great importance for us at Under Your Skin to ascertain the privacy of our customers, and we want to ensure that your personal data is protected in the most efficient way.  In this privacy policy we will explain how we collect and use your personal data, in order to show how we ensure that your personal data is processed in accordance with applicable law.

Controller for the processing of personal data

Under Your Skin AB is the controller for the processing of personal data under this privacy policy. Under Your Skin is responsible for ensuring that the processing of personal data is in accordance with current data protection legislation.

Under Your Skin Sweden AB
559081–4934
Fleminggatan 61
112 32 Stockholm, Sweden 
hello@underyourskin.se

Who do I contact with questions and when I want to exercise my rights?

Questions:

If you have any questions regarding the processing of your personal data, you are welcome to contact us by email hello@underyourskin.se

Complaints:

If you have any complaints or views regarding our processing of personal data, or if you are not pleased with the answer that you have received, you are entitled to lodge a complaint to the relevant data protection authority, such as the Swedish Authority for Privacy Protection in Sweden.

SECTION 2: INFORMATION TO THE DATA SUBJECT

We process personal data that is supplied to us, for instance when placing an order or when contacting us through email. We may collect and process the following categories of personal data when you visit our website and/or our subdomains:

  • Contact and identification data – Name, personal identity number, email address, address, telephone number.
  • Organizational information –Title, registration details for your company and company location including address, billing information for your company.
  • Information about your use of our services – Information about your requests and purchases. For instance, regarding the type of item, delivery tracking number, payment information, information relating to returns and deliveries and other purchase information.
  • Device information –Information we collect when you use our websites: When you visit our websites, we may register your IP address, browser type, browser settings, operating system, language settings, platform, time zone, screen resolution and similar information about your device settings.

For what purposes do we process your personal data?

Private customers

The purposes and legal basis of the processing

If you are a natural person and enter into an agreement with us, your personal data will be processed for the following purposes:

  • To manage your orders and purchases,
  • In order for us to be able to register you as a customer in our system, plan and carry out the undertakings covered by the agreement,
  • For invoicing and invoice management,
  • To monitor, process and correct any errors as well as fulfilling any warranty obligations in accordance with our agreement,
  • For testing and improving our system and processes,
  • To prevent any misuse or inappropriate use of our services,
  • We may use your personal information to send you newsletters, brochures, text messages or other marketing communications.


Personal data that is processed for the described purposes is contact and identification data and information about your use of our services. The processing of your personal data is required for us to be able to fulfill the agreement between you and Under Your Skin. Some of your personal data is processed to comply with laws, for example the Swedish Book-keeping Act. The legal basis is in these cases based on a legal obligation. Processing in order to improve our processes and systems is done on the legal basis of our legitimate interest of improving the services that we are supplying. We further have a legitimate interest of processing your personal data to prevent any misuse or inappropriate use of our services and products. We will also process your personal data to promote our products, for example by sending you newsletters, brochures, text messages or other marketing communications. The legal basis of this type of processing is your consent or our legitimate interest of marketing our products.

Recipient of personal data

Personal data may in the event of a request from a public authority be disclosed to the authority in accordance with what is prescribed by law. Personal data may further be disclosed with partners providing services to the company, including marketing, finance and IT services, to the extent that is required in order for us to fulfill our commitments towards the customer.  

Storing of personal data

We process your personal data for as long as the customer relationship persists and thereafter for as long as the legal retention period requires or allows. If your personal data is processed in the invoice documentation, it will be retained for seven years in accordance with the Swedish Book-keeping Act. Personal data that is necessary for us to fulfill our warranty obligations will be kept for as long as the warranty is valid.

Visitors of our website

We may process your personal data when you visit our website. If and what personal data that is processed depends on your browser settings as well as the settings that you choose on our website. Our website uses cookies, which are small data files which are saved and downloaded onto the device that you are using to browse the internet. While visiting our website certain information may be collected through the use of cookies, for example regarding how you use our website. Further information about which cookies we use and how we use them is found in our Cookie Policy.

Moreover, we process your personal data when you contact us through our website, for example filling out a contact form on our website.

The purposes and legal basis of the processing

We use your personal data for the development and improvement of our website, to understand how the visitors are using it and to ensure the functionality of the website. This personal data that is processed for these purposes is device information. We are relying on the legal basis of legitimate interest regarding the use of necessary cookies, since they are necessary in order for us to provide a functioning website. The processing of personal data through analytical cookies is based on consent as the legal basis. You have no obligation to consent to analytical cookies to gain access to the website, although some services require the use of these types of cookies. Some functions may therefore be limited or inaccessible if you choose to not consent to the use of these cookies. You may change the settings, withdraw, or alter your consent at any time by emailing hello@underyourskin.se.

When contacting us through the website your personal data is processed on the basis of our legitimate interest of managing your request or order and being able to communicate with you. Personal data processed for this purpose is contact and identification data as well as other information that you may have provided.

Recipient of personal data

Personal data may further be disclosed with partners providing services to the company, including marketing, finance, and IT services, to the extent that is required in order for us to provide the website.    

Storing of personal data

Further information is found in our Cookie Policy.

Visitors of our social network pages

We are the controller regarding personal data that is published in our social network pages (LinkedIn, TikTok, Facebook and Instagram). We are responsible for making sure that no inappropriate or offensive posts are published in our social network channels. In such a case, the post in question will be deleted.   

The purposes and legal basis of the processing

The purpose of our social network channels is to inform and market our business and our products to existing and potential customers. The types of personal data processed regarding this purpose are contact and identification data as well as organizational information. If you choose to interact with any of our social network pages, you have consented to receiving our social network posts in you feed. You have the option at any time to stop liking the page or to hide individual or all of our posts. We may use the information in order to contact you or the company or organization that you represent in order to inform you about our products. The legal basis for this is our legitimate interest.

For further information about how your personal data is processed we refer you to the social network in question: LinkedIn, TikTok, Facebook and Instagram.

Recipient of personal data

Personal data may be disclosed with partners providing services to the company, for example marketing services.

Storing of personal data

The personal data that you as an individual provide by interacting or commenting will be stored for the time being or until you delete the interaction or comment yourself. This applies under the premise that the interaction or comment appears to be made by you as a sender. Unwanted comments will be deleted on an ongoing basis.

Subscriptions to our Newsletter and text messages

The purposes and legal basis of the processing

The purpose of the processing is for you to be able to receive Under Your Skin´s newsletter and text messages. We may use your personal data to market our products, services, events etc. in the newsletter.  The personal data that is being processed is contact and identification data. The legal basis for the processing is your consent. You may at any time withdraw your consent by unsubscribing from the newsletter, using the attached link in the newsletter.

Recipient of personal data

Personal data may be disclosed with partners providing services to the company, including IT services or services regarding the administration of newsletters and text messages.

Storing of personal data

Your personal data will be saved for as long as you remain a subscriber to our newsletter. Under Your Skin will delete your personal data when you unsubscribe. You unsubscribe by using the attached link, or by sending an email to remove-me@underyourskin.se. 

Contact persons of our business customers, distributors or suppliers

The purposes and legal basis of the processing

If you are a contact person and an employee of any of our customers, distributors, or suppliers your personal data will be processed to the extent that is necessary for us to be able to contact the customer, distributor or supplier in question. Personal data will also be processed to administrate the contractual relationship and for us to be able to fulfill the obligations towards the party in question. The personal data that is being processed is contact and identification data and organizational information. The legal basis for the processing of this type of information is our legitimate interest in being able to carry out the agreement or the contractual relationship that arises due to an order from a customer or distributor, or a purchase from a supplier. Moreover, we will process personal data of the contact persons of our business customers to market our products, on the basis of our legitimate interest.

Recipient of personal data

Personal data may be disclosed to a public authority in accordance with what is prescribed by law, as well as to any partners providing services to the company. Regarding contact persons of businnes customers this includes marketing, finance, and IT services, to the extent that is required in order for us to fulfill our commitments towards the customer. Regarding contact persons of distributors or suppliers the disclosure includes IT services, in a way and to an extent that is demanded in order for us to fulfill our commitments towards you as a data subject.

Storing of personal data

Your personal data will be saved for as long as the customer relationship persists and thereafter for as long as the legal retention period requires or allows. If your personal data is processed in the invoice documentation, it will be retained for seven years in accordance with the Swedish Book-keeping Act. If you terminate your employment with our customer, distributor, or supplier, your contact information will be deleted and replaced with your successor´s information. This will be done as soon as we receive the updated information from you or your employer.  

SECTION 3: Transfer of personal data outside the EU/EES

If we need to transfer personal data to a country or company outside the EU/EES, we will take appropriate measures to protect your personal data in the most efficient way.

  • We are using third-party cookies on our website. The use of third-party cookies means that your personal data may be transferred to a third party which is located in a third country, for example the United States.
  • We are using social network channels. The use of social network channels means that your personal data may be transferred to a third party which is located in a third country, for example the United States.
  • We publish a newsletter via email and text messages. The service of publishing and administering the newsletter means that your personal data may be transferred to a third party which is located in a third country, for example the United States.

In the case of personal data being transferred to a third country, we will take appropriate measures to protect your personal data in the most efficient way. Such appropriate measures may include:

  • making sure that the EU commission has decided that the country in question offers an adequate level of data protection, corresponding to the level of protection provided by the GDPR.
  • using the Standard Contractual Clauses (SCC) issued by the EU commission. When personal data is transferred to a third country on the basis of SCC:s we assess whether there is legislation in the receiving country that affects the protection of your personal data. If it is required, we will undertake technical and organizational measures to ensure the protection of your personal data for the transfer outside the EU/EES. Due to the United States security legislation, there is a risk that US authorities may be granted access to personal data transferred to the United States with the purpose of fighting crime or protect national security. This risk exists even though we are taking technical and organizational security measures.

You may contact us through hello@underyourskin.se to receive a copy of our security measures.

SECTION 4: YOUR RIGHTS

As data subject you have certain rights. The rights in question are based on the GDPR. The rights are stated below in this document. You are welcome to contact us when you want to exercise your rights. Our contact details are stated in section 1 of this policy document.

When exercising your rights, we have as an objective to process and return to you within a month from when you first contacted us. The process may take up to three months if the extent or complexity of the matter so requires. If that is the case, you will be notified by us. We will always answer your requests in writing.

Below there is a description of the different rights that applies when we process personal data about you.

Depending on the legal basis and purpose of the processing, there may be exceptions or limitations in your possibility of exercising your rights.

If the request is manifestly unreasonable or unfounded, we may either charge a fee or refuse to comply with the request. This may especially be the case if the request in question takes place on a recurring basis. However, we must in such a case be able to show that the request is manifestly unreasonable or unfounded.

  • The right of access to your personal data, data extract

You may request a confirmation from us as to whether personal data about you is being processed and how it is being processed. You also have a right to request access to the personal data that we are processing, a so-called data extract.

  • The right to rectification of inaccurate information

You have the right to obtain rectification of inaccurate personal data. You also have the right to have any incomplete personal data completed.

  • The right to be forgotten

You have the right to have your personal data deleted. Upon such a request, data will be deleted if it is no longer necessary to process or keep due to the purpose that the data was collected for. We will also delete your personal data if you withdraw your consent to the processing. In some cases, we do not have the possibility of deleting your personal data. The reason for this is if the data is still necessary due to the purpose that it was collected, or that our interest in processing the personal data outweighs your interest of having it erased. Moreover, there may in some cases exist legal requirements for us to keep the information.

  • The right to restriction of processing

You have the right to request the processing to be restricted under certain circumstances.

The possibility of restriction applies if: a) the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data; b) the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead; c) the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims; or d) the data subject has objected to processing pursuant to article 21.1 of the GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject

  • The right to data portability

When we process personal data in order to fulfill an agreement with you or based on your consent, you have the right to request the personal data concerning you. This applies under the condition that you have provided the personal data to us in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.

  • The right to object to processing

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you and which is based on point (f) of article 6.1 in the GDPR, legitimate interest. The right to object includes processing that includes profiling.

  • The right to object to decision-making based on automatic processing

You have the right to not be the subject of a decision based on automatic processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.   

SECTION 5: CHANGES TO THIS PRIVACY POLICY

We reserve the right to make changes to this policy at any time, to the extent we find necessary. This may be done based on if we change how we process personal data, and in order to fulfill new legal requirements, interpretations of legal requirements, technical requirements or to remedy problems or disruptions. Former policies will be kept available on our website.