Privacy policy

Processing of personal data 

At Önling we have a need for collecting personal data about our customers, to be able to handle orders and customer communication properly. In this Online Data Policy, you can read more about what data we collect, for what purpose and how the data is utilized as we as the individual rights of our customers.

Data protection officer

If you have questions to our processing of personal data, or wish to make use of your individual rights, please contact Lotte Ronan, CEO and Data Responsible Officer at lotte@oenling.com.

Which personal data do we collect?

When you as a customer make use of our website oenling.com we collect and store the personal data you enter voluntarily, i.e. name, e-mail, address and phone number, as well as information about which language version of our site you have visited. Furthermore, we collect data about which products you add to your basket, which products you purchase, when you purchase the goods and at what price. These data are stored as a customer profile of your history with Önling. If you choose to create a password protected account with us or sign up for our newsletter, these data will similarly be stored as a customer profile, or be added to the existing profile.

Out site also collects anonymous data about how the site is being used. These data are necessary for the functionality of the site, for identifying and fixing errors and for allowing us to develop end improve the site. These data about usage are anonymous and can not be traced back to a specifik visitor. 

If, and only if, a visitor accepts marketing cookies, we will collect data about that user's visit, when the visit took place, what products was viewed, added to basket and purchased. 

Purpose of the data collection

We collect and store personal data such as name and contact information for our customers in order to process orders and deliver the purchased goods to the delivery address, as well as be able to communicate with our customers, in case there are questions or issues with an order.

We collect and store information about which language customers have chosen to view our website in, in order to send e-mails such as order confirmation and delivery information in a language the customer understands.

We collect and store information about which products each customer has purchased, when and at what price to provide a smooth shopping experience for our customers and live up to regulations about the consumers rights to withdraw from an order or return products. We furthermore store this information in order to be able to contact customers, if there is a need for after sales communication e.g. a need to provide further information about a product, information about changes to an upcoming event, production issues with a product, or corrections for a knitting pattern, as well as to ask our customers for feedback on our products and services.

If you actively ask to receive our newsletter, we furthermore use contact information to send newsletters, and we utilize information about previous purchases to target content and provide relevant marketing. E-mail marketing requires separate and active consent, so we only send newsletters to customers who have actively signed up for our newsletter. This consent can be withdrawn at any time via the customer account page at our website, or via the unsubscribe link at the bottom of every newsletter.

We collect anonymous data about the usage of our site, what pages have been viewed, how users navigate around the site etc. in order to make sure that the site functions as intended, and to identify errors. The purpose of collecting these aggregate, anonymous data is to develop and improve the functionality of our webshop. 

When visitors accepts marketing cookies, we collect data about which products the user is interested in, as outlined above. The purpose of this data collection is to show relevant offers and ads through third party advertisers. These ads are shown on Facebook, Instagram and other websites where Facebook purchases advertising space. 

Time frame for data processing

The abovementioned personal data collected through our website, is stored as a customer profile indefinitely, or until the customer asks us to erase it. It is relevant for Önling to store personal data indefinitely, as we offer services that run indefinitely, and that we therefore need this data to provide. When a customer purchases a knitting pattern from Önling, this pattern will be available via the customer account page indefinitely, so the customer does not run the risk of losing their knitting pattern. Similarly, customers can contact us, and ask us to send a copy of the knitting pattern they have previously purchased. Furthermore, we send corrections and updates to our customers, in case we face a need to make changes to a knitting pattern.

If a customer should no longer wish to have personal data stored, we will of course accommodate the customer’s request to have their personal data erased, read more in the section about individual rights below.

Legitimacy

According to the EU General Data Protection Regulation (GDPR) with effect from 25th of May 2018, the type of data we collect at Önling is of the non-sensitive kind, and can as such lawfully be processed, when the data subject has given consent to this. At our website, it is therefore only possible to access the checkout page and enter personal information, after consent to this data policy and the data processing has actively been given. This consent ensures that we comply with the GDPR and process data on a lawful basis.

Storing of personal data and consent forms

The personal data and consent we collect, is stored and processed through our online IT system, which is used to manage our website and back-end data. This IT system is developed and managed by Shopify. Shopify therefore processes this data for us, through their data processing center in Ireland in full compliance with the European legislation on data protection. For this purpose, we have a data processor agreement with Shopify, detailing how Shopify must treat this data in order to comply with European legislation on data protection.

Only employees at Önling who need access to personal data to handle orders or administer the website, have access to our customers’ personal data.

Transfers to third parties

We only share personal data with third parties in cases where this is necessary to process the customer’s order or provide customer service.

As mentioned in the previous section, we share personal data with Shopify, as the personal data is collected and stored in the back-end of our website, which is administered by Shopify.

In addition to that, we share data with the following developers of applications for our Shopify web shop. This is a necessity as Shopify is essentially a platform, to which any merchant purchases applications in other to be able to perform specific functions, that are necessary in order to process orders effectively and for customers to navigate the website as they desire.

This sharing of data in compliance with the EU regulation for data protection, and all collaborators have in written committed themselves to only process data in accordance with the agreed purpose, as specified in this Data Policy, as well as ensure that date is processed securely and confidentially.

Individual rights

As a customer you have a set of individual rights, that enable you to control the personal data we process. These are rights in addition to the right to be informed that is fulfilled through the information provided in this Online Data Policy.

  1. Right of access: You have the right to request access to the data Önling has collected and stores about you. You furthermore have the right to receive this information in a commonly understandable and portable format. Should you wish to exert this right, please contact data protection officer Lotte Ronan at lotte@oenling.com.
  2. Right to rectification: If your access to the personal data shows that the data about you is not correct, you have the right to have your personal data updated and thereby rectified. Should you wish to exert this right, please contact data protection officer Lotte Ronan at lotte@oenling.com.
  3. Right to erasure: You have the right to have personal data erased, when the data is no longer necessary for the purpose for which it was collected. When your order has been completed and the warranty has expired, you can therefore contact us and ask us to erase your personal data. Should you wish to exert this right, please contact data protection officer Lotte Ronan at lotte@oenling.com.
  4. Right to object: You have the right to object against processing of your personal data, even if this processing follows the legislation. An objection must contain significant arguments for why Önling should stop the data processing. Should you wish to exert this right, please contact data protection officer Lotte Ronan at lotte@oenling.com.
  5. Right to restrict processing: You have the right to demand that your personal data is only processed in accordance with the legislation, and that processing is suspended until the accuracy of data has been confirmed. Should you wish to exert this right, please contact data protection officer Lotte Ronan at lotte@oenling.com.
  6. Right to withdraw consent: You have the right to withdraw consent at any time, if you have given consent to one or more categories of data processing. Should you wish to exert this right, please contact data protection officer Lotte Ronan at lotte@oenling.com.

Complaints

In Denmark the supervisory authority for data protection legislation is the Danish Data Protection Agency (Datatilsynet). If you wish to complain about Önling’s processing of your personal data, you therefore have the right to lodge a complaint with the Danish Data Protection Agency. Please note that a requirement from the Agency for processing your complaint, is that you have first contacted the organization you are raising a complaint against to hear their explanation of the case. If you wish to lodge a complaint about Önling, you should therefore first contact data protection officer Lotte Ronan at lotte@oenling.com.

Profiling

Önling does not utilize personal data for profiling or any form of automated decision making.

Cookies

Önling uses cookies for certain functions of the website, to optimize the user experience at oenling.com, and for the continued development of the website. 

When you visit oenling.com the first time you will be informed about the use of cookies and asked to specify your cookie preferences. If you accept marketing cookies, Facebook Pixel will be activated, and collect data about you use of the site. This data can be used to subsequently show you relevant ads from Önling at Facebook and other sites that collaborate with Facebook about advertising. The data is only used to show ads from Önling, and we do not share or sell this to other merchants. You can always update your cookie preference by clicking the fingerprint icon visible to the left at all pages. 

Click here for general instructions on how to avoid receiving cookies and deleting the cookies stored on your hard drive.

What is a cookie?

A cookie is a small text file that is stored in your browser and recognized by the site on subsequent visits allowing the site to send personalized information to your browser. A cookie can contain text, numbers or, for example a date, but no personal information is stored in a cookie. It is not a program and it can not contain viruses.

For how long do we store cookies?

The cookies sent to you from this website will be stored for a maximum of 24 months from the last time you visited the site. Every time you visit our website, the period is extended. The cookies in question are therefore kept for a maximum of 24 months from your last visit to our website.

How are cookies used on our websites?

We use cookies to collect data that are necessary for handling orders, as well as to determine how our site is used so we can serve our customers and improve the web shop experience.

What Cookies do we use any why?

Our Önling website is build on the Shopify platform, which uses a series of Cookies: 

Cookies Necessary for the Functioning of the Store:

Name Function
_ab Used in connection with access to admin.
_orig_referrer Used in connection with shopping cart.
_secure_session_id Used in connection with navigation through a storefront.
Cart Used in connection with shopping cart.
cart_sig Used in connection with checkout.
cart_ts Used in connection with checkout.
checkout_token Used in connection with checkout.
Secret Used in connection with checkout.
Secure_customer_sig Used in connection with customer login.
storefront_digest Used in connection with customer login.

 

Reporting and Analytics

Name Function
_landing_page Track landing pages.
_orig_referrer Track landing pages.
_s Shopify analytics.
_shopify_fs Shopify analytics.
_shopify_s Shopify analytics.
_shopify_sa_p Shopify analytics relating to marketing & referrals.
_shopify_sa_t Shopify analytics relating to marketing & referrals.
_shopify_uniq Shopify analytics.
_shopify_visit Shopify analytics.
_shopify_y Shopify analytics.
_y Shopify analytics.
tracked_start_checkout Shopify analytics relating to checkout.