Privacy Policy for Xsirius Books

Xsirius Books is an online store and therefore data plays a major role: Right from the moment you click a book in the basket in our webshop until you receive your package. Therefore, we take pride in treating your data correctly. The new data protection regulation (GDPR) came into force on May 25, 2018. The new rules give you, among other things, greater control over how we process your data and how Xsirius Books must contact you in the future. You can read our privacy policy below.

1. General

1.1 This Privacy Policy ("Privacy Policy") describes how Xsirius Books collects and processes information about you.

1.2 The personal data policy applies to personal data that you submit to us or that we collect via the Xsirius Books website.

1.3 Xsirius Books is the data controller for your personal information. All inquiries to Xsirius Books can be made via the contact details listed under item. 7th

2. What personal data do we collect for what purpose and the legal basis for the processing

2.1 When you visit the Website, we automatically collect information about you and your use of the Website, such as what type of browser you are using, the search terms you use on the Website, your IP address, including your network location, and information about your computer for that purpose. optimize user experience and website functionality, as well as target marketing, including retargeting through Facebook and Google. This processing of information is necessary in order for us to take care of our interests in improving the Website and showing you relevant offers. The legal basis for the treatment is the EU Personal Data Regulation Art. 1, points b and f.

2.2 When you buy a product, we collect the information you provide yourself, eg name, address, e-mail address, telephone number, payment method, information about which products you buy and possibly returned, delivery requests, and information about that IP address from which the order is made. This processing of information is for the purpose of delivering the products you have ordered and otherwise fulfilling our agreement with you, including in order to manage your rights to return and advertise and to be able to contact you in connection with your order. Information about your purchases can also be processed to comply with legal requirements, including for accounting and accounting, as well as for targeted marketing. Upon purchase, the IP address is collected for the purpose of preventing fraud. The legal basis for the treatment is the EU Personal Data Regulation Art. 1, points b, c and f.

2.3 When you sign up for our newsletter, we collect information about your name, email address and telephone number. with the purpose of being able to take care of our interest in delivering newsletters to you. The legal basis for the treatment is the EU Personal Data Regulation Art. 1, points b and f.

2.4 When you create a user profile, you are asked to provide eg name, address, e-mail address, telephone number. We compare this information with other information we have about you, including information about what you purchased and possibly returned. We do this treatment with the purpose of being able to take care of our interest in being able to send newsletters and make targeted marketing. The legal basis for the processing is Article 6 (1) of the EU Personal Data Regulation. 1, points b and f.

2.5 When communicating with us, we collect the information you provide, eg name, address, e-mail address, telephone number, and the contents of your inquiry. This processing of information is for the purpose of providing the best possible customer service. The legal basis for the treatment is the EU Personal Data Regulation Art. 1, points b and f.

2.6 When you visit our Facebook pages, we and Facebook collect and process information (shared data responsibility), for example, contact information typically in the form of a name. The purpose of the treatment is to be able to market us to potential customers, answer inquiries and similar related purposes. If you do not want your information to be processed, please do not visit our Facebook pages as it is not currently possible for us to change the Facebook data collection options. The legal basis for the treatment is the EU Personal Data Regulation Art. 1, points b and f.

3. Recipients of Personal Information

3.1 Information about your name, address, e-mail, telephone number and order number and specific delivery requests are passed on to the carrier who handles the delivery of the purchased goods to you.

3.2 In connection with the purchase of services on Xsirius Books, contact and product information may be passed on to relevant suppliers (data controllers) of the relevant service for the performance of the contract.

Recipients of Personal Information within the EU

3.3 Information may be left to external partners who process the information on our behalf. We use external partners for, among other things, technical operation and improvements of the Website, the sending of newsletters and targeted marketing, including retargeting (eg recommendations based on your preferences), as well as for your assessment of our company and products. Among other things, we pass on information such as order number to TrustPilot so that on our behalf an invitation can be sent to evaluate us on TrustPilot's website. If you choose to make a notification, the TrustPilot becomes the data controller for the information provided. These companies are data processors and under our instructions and process data for which we are the data controller. The data processors may not use the information for any purpose other than the fulfillment of the agreement with us, and are subject to their confidentiality. We have entered into written data processing agreements with all data processors who process personal data on our behalf.

Recipients of Personal Information outside the EU / EU

3.4 Information may be left to external partners who process the information on our behalf. We use external partners for, among other things, technical operation and improvements of the Website, the sending of newsletters and targeted marketing, including retargeting (eg recommendations based on your preferences), as well as for your assessment of our company and products. These companies are data processors and under our instructions and process data for which we are the data controller. The data processors may not use the information for any purpose other than the fulfillment of the agreement with us, and are subject to their confidentiality. We have entered into written data processing agreements with all data processors who process personal data on our behalf.

4. Your rights

4.1 In order to create openness about the processing of your information, we as data controller must inform you of your rights.

4.2 The court of appeal

4.2.1 You are at any time entitled to ask us for information on, among other things, what information we have registered about you, what purpose the registration serves, which categories of personal data and recipients of information there may be. may be, as well as information about where the information originated.

4.2.2 You have the right to receive a copy of the personal information we process about you. If you want a copy of your personal information, you must send a written request to info@xsirius.dk. You may be asked to document that you are the one you are giving yourself to be.

4.3 The right to rectification

4.3.1 You have the right to obtain incorrect personal information about yourself corrected by us. If you become aware that there are errors in the information that we have registered about you, you are encouraged to contact us in writing so that the information can be corrected.

4.3.2 Information that we have collected in connection with your creation of a user profile or your registration for our customer club, you have the opportunity to correct via log-in to your user profile.

4.4 The Right to Delete

4.4.1 In some cases, you have the right to have all or some of your personal data deleted by us, for example, if you revoke your consent and we do not have another legal basis to continue processing. To the extent that continued processing of your information is necessary, for example, in order for us to comply with our legal obligations or for legal claims to be established, enforced or defended, we are not obliged to delete your personal information.

4.5 The right to restrict treatment for storage

4.5.1 In some cases, you have the right to limit the processing of your personal data to consist of storage only, for example, if you believe that the information we process about you is incorrect.

4.6 The right to data portability

4.6.1 In some cases, you have the right to obtain personal information you provided to us in a structured, commonly used, machine-readable format and have the right to transfer that information to another data controller.

4.7 The right to object

4.7.1 You have the right at any time to object to our processing of your personal data for the purpose of direct marketing, including the promotion made to target our direct marketing.

4.7.2 You are also entitled at any time for any reason relating to your personal situation to object to the processing of your personal data which we undertake on the basis of our legitimate interests, cf. section. 2.1 and 2.3.

4.8 The right to revoke consent

4.8.1 You have the right at any time to revoke the consent you have given us to a given processing of personal data, including the profiling made by you as a member of the customer club. Consent to newsletters and recommendations can be withdrawn either through your user profile, at the bottom of the marketing material you have received or by contacting us at info @ Xsirius Books.

4.9 The right to appeal

4.9.1 You have the right at any time to file a complaint with the Data Inspectorate, Borgergade 28, 5, 1300 Copenhagen K about our processing of your personal data. Complaints can, among other things, be submitted by mail dt@datatilsynet.dk or by phone +45 33 19 32 00

5. Deleting personal data

5.1 Information collected about your use of the Website cf. section. 2.1. anonymized when you have not used the website for 5 years.

5.2 Information collected in connection with purchases you have made on the Website cf. section. 2.2 will generally be anonymized 5 years after the order is completed or canceled, unless you have an active user cf. section. 5.1. However, information can be stored for a longer period if we have a legitimate need for longer storage, eg if it is necessary for legal claims to be established, enforced or defended, or if storage is necessary for us to comply with legal requirements. Accounting material is kept for 5 years until the end of a financial year to meet the requirements of the Accounting Act.

5.3 Information collected in connection with your registration for our newsletter will be deleted when your consent to a newsletter is withdrawn. However, information can be stored for a longer period if we have a legitimate need for longer storage, eg if it is necessary for legal claims to be established, enforced or defended, or if storage is necessary for us to comply with legal requirements.

5.4 Information that we have collected in connection with your creation of a user profile or your registration for our customer club item. 2.4, we will automatically delete if you have not used the Website or had an active membership for 5 years.

5.5 Information collected when you have published or provided services on our publishing platform, cf. section. 2.5 will generally be anonymized 5 years after you have last had a publication or service for sale, unless you have an active user cf. section. 5.1. However, information can be stored for a longer period if we have a legitimate need for longer storage, eg if it is necessary for legal claims to be established, enforced or defended, or if storage is necessary for us to comply with legal requirements. Accounting material is kept for 5 years until the end of a financial year to meet the requirements of the Accounting Act.

5.6 Information collected in connection with that you have communicated with us cf. section. 2.6, will generally be anonymized 5 years after you have contacted us. However, information can be stored for a longer period if we have a legitimate need for longer storage, eg if it is necessary for legal claims to be established, enforced or defended, or if storage is necessary for us to comply with legal requirements.

5.7 As the personal information provided when visitng our Facebook pages cf. section. 2.7, provided by the person himself on our publicly accessible site, the information will initially be on the page as long as it exists.

6. Security

6.1 We have implemented appropriate technical and organizational safeguards to protect against personal data being accidentally or illegally destroyed, forfeited, altered, or impaired, and against unauthorized or misused persons.

6.2 Only employees who have a real need to access your personal data to do their work are allowed to access it.

7.Kontaktoplysninger

7.1 Xsirius Books is the data controller for the personal data collected through the Website.

Xsirius Books shares data responsibility with Facebook for the personal data collected through our publicly available Facebook pages.

7.2 If you have any questions or comments regarding this Privacy Policy or would you like to exercise one or more of your rights described in section 4, please contact:

Xsirius Books, Rosenhøjvej 10, 8410 Rønde. Tel. no .: (+45) 30713950

Email: info@xsirius.dk

8. Changes in the Privacy Policy

8.1 If we make significant changes to the Privacy Policy, you will be informed of this by sending information to your email address. This will happen in case you have an active user profile, cf. section. 5.4, ​​or an order that has not yet been anonymized cf. section. 5.2.

9. Versions

9.1 This is version 1 of Xsirius Books personal data policy dated 18.06.2019.

9.2 Previous versions: