Choglannjrax

Privacy Policy

Last Updated: January 1, 2024

1. Introduction

This Privacy Policy describes how Choglannjrax ("we," "us," or "our") collects, uses, stores, and protects your personal information when you visit our website at choglannjrax.world (the "Website") or use our services. We are committed to protecting your privacy and ensuring that your personal data is handled in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

By using our Website, you consent to the collection and use of your personal information as described in this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not use our Website or services.

2. Data Controller Information

The data controller responsible for your personal information is:

Company Name: Choglannjrax
Registered Address: Nydalsveien 33, 0484 Oslo, Norway
Contact Email: customer@choglannjrax.world
Contact Phone: +47 22 89 50 00

For any questions or concerns regarding the processing of your personal data, you may contact us using the information provided above.

3. Information We Collect

3.1 Personal Information You Provide

We collect personal information that you voluntarily provide to us when you:

  • Place an order or make a purchase through our Website
  • Fill out contact forms or inquiry forms
  • Subscribe to our newsletter or marketing communications
  • Create an account on our Website
  • Contact our customer support team
  • Participate in surveys, promotions, or contests

The types of personal information we may collect include:

  • Full name
  • Email address
  • Phone number
  • Billing and shipping address
  • Payment information (processed securely through third-party payment processors)
  • Order history and purchase details
  • Communication preferences
  • Any other information you choose to provide in messages or forms

3.2 Information Automatically Collected

When you visit our Website, we automatically collect certain information about your device and browsing behavior, including:

  • IP address and approximate geographic location
  • Browser type and version
  • Operating system
  • Device type and screen resolution
  • Referring website or source
  • Pages visited and time spent on each page
  • Links clicked and actions taken on the Website
  • Date and time of your visit
  • Cookies and similar tracking technologies (see our Cookies Policy for details)

3.3 Information from Third Parties

We may receive information about you from third-party sources, such as:

  • Payment processors and financial institutions
  • Shipping and delivery service providers
  • Marketing and analytics service providers
  • Social media platforms (if you interact with us through social media)
  • Publicly available sources and databases

4. How We Use Your Information

We process your personal information for the following purposes, based on the legal grounds specified:

4.1 Order Processing and Fulfillment (Contractual Necessity)

  • Processing and fulfilling your orders
  • Communicating with you about your orders and deliveries
  • Processing payments and preventing fraud
  • Providing customer support and responding to inquiries
  • Managing returns, refunds, and exchanges

4.2 Legal Obligations (Legal Compliance)

  • Complying with applicable laws, regulations, and legal processes
  • Maintaining records for tax and accounting purposes
  • Responding to lawful requests from public authorities
  • Protecting our legal rights and interests

4.3 Legitimate Interests

  • Improving and optimizing our Website and services
  • Analyzing user behavior and preferences to enhance user experience
  • Conducting market research and developing new products
  • Detecting and preventing fraud, security threats, and technical issues
  • Administering and protecting our business operations
  • Measuring the effectiveness of our marketing campaigns

4.4 Consent-Based Processing

  • Sending you marketing communications and promotional offers (you may withdraw consent at any time)
  • Using cookies and similar technologies for analytics and advertising (see our Cookies Policy)
  • Personalizing your experience on our Website
  • Conducting surveys and requesting feedback

5. Legal Basis for Processing (GDPR)

Under the GDPR, we process your personal data based on one or more of the following legal grounds:

  • Consent: You have given explicit consent for us to process your personal data for specific purposes (e.g., marketing communications).
  • Contractual Necessity: Processing is necessary to fulfill our contractual obligations to you (e.g., processing your order).
  • Legal Obligation: Processing is required to comply with legal or regulatory requirements.
  • Legitimate Interests: Processing is necessary for our legitimate business interests, provided these interests do not override your fundamental rights and freedoms.
  • Vital Interests: Processing is necessary to protect your vital interests or those of another person.

6. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. However, we may share your information with the following categories of recipients:

6.1 Service Providers

We engage trusted third-party service providers to perform functions on our behalf, including:

  • Payment processing and fraud prevention services
  • Shipping and logistics companies
  • Email and communication service providers
  • Web hosting and cloud storage providers
  • Analytics and marketing platforms
  • Customer relationship management (CRM) systems
  • IT support and security services

These service providers have access to your personal information only to the extent necessary to perform their functions and are contractually obligated to protect your data and use it only for the purposes we specify.

6.2 Legal and Regulatory Authorities

We may disclose your personal information to law enforcement agencies, regulatory bodies, courts, or other public authorities when required by law or when we believe disclosure is necessary to:

  • Comply with legal obligations, court orders, or government requests
  • Enforce our terms and conditions or other agreements
  • Protect our rights, property, or safety, or that of our users or the public
  • Detect, prevent, or address fraud, security, or technical issues

6.3 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your personal information may be transferred to the acquiring entity or successor organization. We will notify you of any such change and the choices you may have regarding your personal information.

6.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

7. International Data Transfers

Your personal information may be transferred to and processed in countries outside the European Economic Area (EEA) that may have different data protection laws. When we transfer your data internationally, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions recognizing that certain countries provide adequate data protection
  • Binding Corporate Rules for transfers within multinational organizations
  • Your explicit consent for specific transfers

We take all reasonable steps to ensure that your personal data is treated securely and in accordance with this Privacy Policy and applicable data protection laws.

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal, accounting, or reporting requirements. The retention periods vary depending on the type of data and the purpose for which it is processed:

  • Order and Transaction Data: Retained for 7 years to comply with tax and accounting regulations.
  • Customer Account Information: Retained for the duration of your account plus 2 years after account closure or last activity.
  • Marketing Communications: Retained until you withdraw consent or unsubscribe, plus a reasonable period to process your request.
  • Website Analytics Data: Typically retained for 26 months in aggregated or anonymized form.
  • Customer Support Records: Retained for 3 years after the last interaction.
  • Legal and Compliance Records: Retained as required by applicable laws and regulations.

After the retention period expires, we will securely delete or anonymize your personal information in accordance with our data retention and deletion policies.

9. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit using SSL/TLS protocols (HTTPS)
  • Encryption of sensitive data at rest
  • Secure authentication and access controls
  • Regular security assessments and vulnerability testing
  • Firewalls and intrusion detection systems
  • Employee training on data protection and security best practices
  • Confidentiality agreements with employees and service providers
  • Regular backups and disaster recovery procedures

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security, but we continuously work to improve our security practices and respond promptly to any security incidents.

10. Your Rights Under GDPR

If you are located in the European Economic Area (EEA), you have the following rights regarding your personal data:

10.1 Right of Access

You have the right to request a copy of the personal information we hold about you and to receive information about how we process it.

10.2 Right to Rectification

You have the right to request that we correct any inaccurate or incomplete personal information we hold about you.

10.3 Right to Erasure (Right to be Forgotten)

You have the right to request that we delete your personal information in certain circumstances, such as when it is no longer necessary for the purposes for which it was collected or when you withdraw consent.

10.4 Right to Restriction of Processing

You have the right to request that we restrict the processing of your personal information in certain situations, such as when you contest the accuracy of the data or object to processing.

10.5 Right to Data Portability

You have the right to receive your personal information in a structured, commonly used, and machine-readable format and to transmit it to another data controller.

10.6 Right to Object

You have the right to object to the processing of your personal information based on legitimate interests or for direct marketing purposes.

10.7 Right to Withdraw Consent

Where we process your personal information based on your consent, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.

10.8 Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority, particularly in the EU member state of your habitual residence, place of work, or place of the alleged infringement, if you believe that the processing of your personal data violates the GDPR.

Norwegian Data Protection Authority (Datatilsynet):
Website: www.datatilsynet.no
Email: postkasse@datatilsynet.no
Phone: +47 22 39 69 00

10.9 Exercising Your Rights

To exercise any of these rights, please contact us at customer@choglannjrax.world or +47 22 89 50 00. We will respond to your request within one month, although this period may be extended by two additional months in complex cases. We may request additional information to verify your identity before processing your request.

11. Children's Privacy

Our Website and services are not intended for children under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from a child under 18 without parental consent, we will take steps to delete that information from our systems.

12. Third-Party Links and Services

Our Website may contain links to third-party websites, applications, or services that are not operated or controlled by us. This Privacy Policy does not apply to those third-party sites. We are not responsible for the privacy practices or content of third-party websites. We encourage you to review the privacy policies of any third-party sites you visit.

13. Marketing Communications

With your consent, we may send you marketing communications about our products, services, promotions, and special offers via email, SMS, or other channels. You can opt out of receiving marketing communications at any time by:

  • Clicking the "unsubscribe" link in any marketing email
  • Replying "STOP" to SMS messages
  • Contacting us at customer@choglannjrax.world
  • Updating your communication preferences in your account settings

Please note that even if you opt out of marketing communications, we may still send you transactional or administrative messages related to your orders, account, or our services.

14. Automated Decision-Making and Profiling

We may use automated decision-making and profiling techniques to personalize your experience, recommend products, and detect fraud. You have the right not to be subject to decisions based solely on automated processing that produce legal effects or similarly significantly affect you. If you have concerns about automated decision-making, please contact us.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational, legal, or regulatory reasons. When we make material changes, we will notify you by updating the "Last Updated" date at the top of this Privacy Policy and, where appropriate, by sending you an email notification or displaying a prominent notice on our Website.

We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, and protect your personal information. Your continued use of our Website after any changes to this Privacy Policy constitutes your acceptance of the updated terms.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

Choglannjrax
Nydalsveien 33, 0484 Oslo, Norway
Email: customer@choglannjrax.world
Phone: +47 22 89 50 00

We are committed to resolving any privacy concerns you may have and will respond to your inquiries as promptly as possible.