Personal data – GDPR

Personal Data & GDPR

This page explains how CaViPi AB processes personal data in accordance with the EU General Data Protection Regulation (GDPR).

Data Controller

The data controller responsible for the processing of personal data is:

CaViPi AB
Operating under the brand INGLOT Sweden
Email: inglotmalmoe@gmail.com

Scope of This Policy

This policy applies to the processing of personal data relating to:

  • Customers

  • Website visitors

  • Users contacting us regarding orders, returns, or customer service

Personal Data We Process

Depending on how you interact with us, we may process the following categories of personal data:

  • Name

  • Billing and delivery address

  • Email address

  • Order and purchase history

  • Payment-related data (processed by Klarna)

  • IP address and technical usage data

We do not intentionally collect sensitive personal data.

Purposes of Processing

Personal data is processed for the following purposes:

  • To manage and deliver orders

  • To process payments and refunds

  • To provide customer service and handle inquiries

  • To comply with legal obligations (accounting, consumer law)

  • To ensure website functionality and security

Legal Basis for Processing

We process personal data based on one or more of the following legal grounds under GDPR:

  • Performance of a contract – to fulfill your order

  • Legal obligation – bookkeeping and consumer protection laws

  • Legitimate interest – customer service and website security

  • Consent – where required by law

Payment Processing & Third Parties

Payments are handled exclusively by Klarna.

When you choose Klarna as your payment method, your personal data is shared with Klarna in accordance with their role as an independent data controller.

For more information, please refer to Klarna’s privacy policy at www.klarna.com.

We do not sell or share personal data with third parties for marketing purposes.

Data Storage & Retention

Personal data is stored only for as long as necessary to fulfill the purposes described in this policy or as required by applicable law.

Accounting and transaction data may be stored in accordance with Swedish bookkeeping legislation.

Your Rights Under GDPR

You have the right to:

  • Request access to your personal data

  • Request correction of inaccurate or incomplete data

  • Request deletion of your personal data (where legally permissible)

  • Request restriction of processing

  • Object to certain types of processing

  • Request data portability

To exercise your rights, please contact us at inglotmalmoe@gmail.com.

Cookies & Tracking

We use cookies and similar technologies to ensure website functionality and improve the user experience.

For detailed information, please refer to our Cookie Policy.

Data Security

We apply appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, loss, or misuse.

Updates to This Policy

We reserve the right to update this Personal Data & GDPR policy when necessary.
Any changes will be published on this page and apply immediately.

Contact

If you have any questions regarding this policy or how we process personal data, please contact us at:

inglotmalmoe@gmail.com