Privacy Policy

PRIVACY POLICY

1. Who We Are

Zivanno is an e-commerce retailer of fashion jewellery accessories and graphic apparel.

 

Zivanno

Landbovägen 9, Bro, Sweden   

Email: support@zivanno.com

Website: https://www.zivanno.com

 

Zivanno is the data controller responsible for your personal data under the EU General Data Protection Regulation (GDPR, Regulation 2016/679) and the Swedish Data Protection Act (Dataskyddslagen, SFS 2018:218).

 

Data protection enquiries: support@zivanno.com

 

—

 

**2. What Personal Data We Collect**

 

We collect the following categories of personal data.

 

Data you provide directly:

 

Account registration: name, email address, password (stored encrypted).

Orders and purchases: full name, billing address, delivery address, phone number, email address, order history, and payment method type. We do not store full card numbers. All payments are processed securely by our payment providers.

Contact forms: name, email address, and message content.

Newsletter subscription: email address and preferences.

Product reviews: name, email address, and review content.

 

Data collected automatically:

 

Technical data: IP address, browser type and version, operating system, and device type.

Usage data: pages visited, time on site, referring URLs, and clicks.

Cookies: see Section 7.

 

Data received from third parties:

 

Payment processors (Klarna, Swish, PayPal): transaction confirmation and fraud signals.

Shipping providers: delivery status updates.

Google Analytics: anonymised usage statistics.

 

—

 

**3. Legal Basis for Processing (GDPR Article 6)**

 

Processing and fulfilling your order: Contract performance (Art. 6.1.b)

 

Creating and managing your account: Contract performance (Art. 6.1.b)

 

Sending order confirmations and shipping updates: Contract performance (Art. 6.1.b)

 

Responding to your enquiries: Legitimate interest (Art. 6.1.f)

 

Sending marketing emails and newsletters: Consent (Art. 6.1.a)

 

Fraud prevention and site security: Legitimate interest (Art. 6.1.f)

 

Legal and accounting obligations: Legal obligation (Art. 6.1.c)

 

Website analytics: Legitimate interest and Consent (Art. 6.1.f and 6.1.a)

 

Non-essential cookies: Consent (Art. 6.1.a)

 

—

 

**4. How We Use Your Data**

 

We use your personal data to:

 

Process, fulfil, and deliver your orders.

Send order confirmations, invoices, and shipping notifications.

Manage your customer account.

Respond to customer service enquiries.

Send marketing communications, but only with your explicit consent.

Prevent fraud and ensure the security of our website.

Comply with Swedish and EU legal obligations, including the Swedish Bookkeeping Act (Bokföringslagen, SFS 1999:1078).

Improve our website and services through anonymised analytics.

 

—

 

**5. Who We Share Your Data With**

 

We do not sell your personal data. We share it only with the following trusted service providers who process it strictly on our behalf.

 

WooCommerce and WordPress (Automattic): website and e-commerce platform. Located in the USA with Standard Contractual Clauses applied.

 

Klarna Bank AB: payment processing and buy now pay later. Located in Sweden and the EU.

 

Swish (Getswish AB): Swedish instant payment processing. Located in Sweden.

 

PayPal (Europe) S.à r.l.: payment processing. Located in Luxembourg, EU.

 

Stripe and card processors: card payment processing. Located in the EU and USA with Standard Contractual Clauses applied.

 

PostNord, DHL, and other carriers: order delivery and tracking. Located in Sweden and the EU.

 

Google Analytics (Google Ireland Ltd.): anonymous website analytics. Located in the EU and USA with Standard Contractual Clauses applied.

 

Email marketing provider: newsletter delivery. Subject to Standard Contractual Clauses where applicable.

 

All third party processors are bound by data processing agreements compliant with GDPR Article 28. Where data is transferred outside the EU and EEA, we ensure appropriate safeguards are in place through Standard Contractual Clauses or EU adequacy decisions.

 

We may also disclose personal data to Swedish authorities such as Skatteverket, IMY, and Polisen when legally required.

 

—

 

**6. How Long We Keep Your Data**

 

Order and transaction records: 7 years. Required by the Swedish Bookkeeping Act.

 

Customer account data: until account deletion plus one additional year. Retained for service provision purposes.

 

Marketing consent records: until unsubscribe plus two additional years. Retained for consent compliance.

 

Customer service correspondence: 3 years. Retained for legitimate interest and dispute resolution purposes.

 

Website analytics data: 26 months in anonymised form. Google Analytics default retention.

 

Cookie consent records: 1 year. Retained for consent compliance.

 

—

 

**7. Cookies**

 

We use cookies and similar technologies on zivanno.com. Cookies are small text files stored on your device when you visit our website.

 

Essential cookies (no consent required):

Shopping cart and session cookies.

Login and authentication cookies.

Security and fraud prevention cookies.

Cookie consent preference storage.

 

Analytics cookies (consent required):

Google Analytics cookies including _ga, _gid, and _gat. These track page views and sessions anonymously. We have activated IP anonymisation on all analytics tracking.

 

Marketing cookies (consent required):

Any retargeting or advertising cookies will be listed here and will only be activated with your explicit prior consent.

 

You can manage your cookie preferences at any time via our cookie consent banner or through your browser settings. Withdrawing consent does not affect the lawfulness of any processing carried out before withdrawal.

 

—

 

**8. Your Rights Under GDPR**

 

As a data subject under GDPR and Swedish law you have the following rights.

 

Right of access (Art. 15): Request a copy of all personal data we hold about you.

 

Right to rectification (Art. 16): Request correction of inaccurate or incomplete data.

 

Right to erasure (Art. 17): Request deletion of your personal data, subject to legal retention obligations. This is also known as the right to be forgotten.

 

Right to restriction of processing (Art. 18): Request that we limit how we use your data in certain circumstances.

 

Right to data portability (Art. 20): Receive your data in a structured, commonly used, and machine readable format.

 

Right to object (Art. 21): Object to processing based on legitimate interest, including direct marketing.

 

Right to withdraw consent (Art. 7.3): Withdraw any consent you have given at any time. This does not affect the lawfulness of processing carried out before withdrawal.

 

Right not to be subject to automated decision making (Art. 22): We do not use automated decision making or profiling that produces legal or similarly significant effects on you.

 

To exercise any of these rights please contact us at support@zivanno.com. We will respond within 30 days as required by GDPR Article 12. We may ask you to verify your identity before processing your request.

 

—

 

**9. The Right to Complain**

 

If you believe we are processing your personal data unlawfully you have the right to lodge a complaint with the Swedish supervisory authority.

 

Integritetsskyddsmyndigheten (IMY)

Box 8114, 104 20 Stockholm, Sweden

Phone: +46 8 657 61 00

Website: www.imy.se

Email: imy@imy.se

 

You also have the right to complain to the supervisory authority in your country of residence within the EU and EEA.

 

—

 

**10. Children’s Privacy**

 

Zivanno is not directed at children under the age of 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided us with personal data please contact us at support@zivanno.com and we will delete it promptly.

 

—

 

**11. Security**

 

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction, or alteration. These include SSL and TLS encryption for data in transit, restricted staff access to personal data, regular security updates, and secure hosting infrastructure. No method of transmission over the internet is 100% secure and we cannot guarantee absolute security.

 

—

 

**12. Changes to This Policy**

 

We may update this privacy policy from time to time. When we make significant changes we will notify registered customers by email and update the date at the top of this page. We encourage you to review this policy periodically.

 

—

 

**13. Contact Us**

 

For any questions about this privacy policy or how we handle your personal data please get in touch.

 

Zivanno

Landbovägen 9, Bro, Sweden

Email: support@zivanno.com

Website: https://www.zivanno.com