Privacy Policy
1.1 General terms and conditions
Wellier Scandinavia AB ("Wellier", "we") corporate no. 559083-8727 is responsible for the company's processing of personal data. Wellier applies Swedish law and the following conditions, which include the European Parliament and Council's Data Protection Regulation ("GDPR"). We always work to protect your privacy. This integration policy aims to give you information about what rights you have and how we use your personal data that you provide to us. We keep these terms up to date and change them from time to time.
1.2 Wellier reserves the right to change this Privacy Policy from time to time without notifying you of such change in advance. If any change to the Privacy Policy affects the processing of personal data, which is based on your consent, Wellier will obtain a new consent from you regarding such processing. The most recent version of the Privacy Policy will always be available on Wellier's website (www.scriptnutrition.com) and we recommend that you review the Privacy Policy regularly to be aware of any changes.
1.3 This Privacy Policy forms an integral part of our general terms and conditions. Terms defined in our general terms and conditions also apply to this Privacy Policy unless otherwise stated.
1.4 This Privacy Policy applies to the personal data we may process in connection with the use of our Service, customer engagement, business contacts and recruitment.
PERSONAL DATA THAT WE PROCESS
2.1 Personal data refers to information that can be directly or indirectly associated with a living natural person. We process the following types of personal data [(I) name, (II) social security number, (III) address, (IV) e-mail address, (V) telephone number, (VI) IP address, (VII) payment information, (VIII) data about health (IX) job title, (X) correspondence and feedback, (XII) user and customer related data, (XII) and necessary information about our employees,
2.2 Personal data about you who use our Service can be used for the purpose of delivering customized Products to you. Such special categories of personal data constitute health data that you provide to us when ordering our Products and the processing is necessary for us to be able to deliver our Products to you.
2.3 When recruiting or conducting employment, we may also process special categories of personal data if we have a legal obligation or a legitimate interest to do so.
2.4 Persons we process personal data about:
2.4.1 Users of our service or otherwise enter into a business or legal relationship with Wellier.
2.4.2 Business partners, representatives of business partners or potential partnerships of Wellier.
2.4.3 Employees or job seekers at Wellier;
2.4.4 Others who receive communications, newsletters or participate in events.
2.5 The personal data that Wellier processes is provided either by you directly via our Service or alternatively by the company you represent (with which we have a business relationship). If necessary, we may also collect personal data from private and public registers, publicly available sources and from public authorities.
PURPOSE OF THE TREATMENT
3.1 We process personal data for the purpose of:
3.1.1 Communicate, administer, perform and deliver our Service or Product in accordance with agreements with our Users;
3.1.2 administer and fulfill an obligation pursuant to agreements with our business partners;
3.1.3 evaluate, improve and product develop our Service, our Products and systems;
3.1.4 establish and manage customer service matters and advice for customer and partner relations.
3.1.5 recruit staff, including administering and implementing and entering into agreements with employees.
3.1.6 send newsletters, information, offers and market our Service and our Products;
3.1.7 comply with our legal obligations, endeavor to prevent crime, investigate whether a crime has been committed against us and protect our interests in the event of a dispute;
3.1.8 administer and carry out merger, acquisition, reorganization, restructuring, transfer of assets (including our user and customer database) or similar processes where we (and/or our user and customer database) are the subject of the process.
| PURPOSE | TREATMENT | CATEGORY OF PERSONAL DATA | LEGAL BASIS |
| 3.2.1 Communicate, administer and perform and deliver our Service or product in accordance with the agreement with the User | Entering into/drawing up customer agreements with you | name | Performance of a contract - necessary to fulfill our obligations under a contract with you. |
| Administer payment details/payment information | social security number | ||
| Administer returns and complaints and other claims with respect to our Service and Products | contact details (e.g. address, email address, telephone number) | ||
| information about the User's health according to health tests | |||
| payment information | |||
| purchase and transaction information | |||
| correspondence | |||
| 3.1.2 Communicate and administer our services in accordance with agreements with business partners | Questions regarding our business | social security number | Legitimate interest - necessary to fulfill our and your interest in administering customer service inquiries and dealing with any complaints or disputes with you / your organisation. |
| Enable identification of you or organization | contact details (e.g. address, email address, phone number) | ||
| Handle complaints or disputes with you / your organization | payment information | ||
| purchase and transaction information | |||
| correspondence | |||
| 3.1.3 Evaluate, improve and product develop our Service, Products and systems. | Improve and develop our Service, our products and our systems | email address | Legitimate interest - necessary to fulfill our interest in evaluating and improving our services, systems, assortment, etc. |
| Improve and adapt our Products and Services for our Users' needs | correspondence and feedback | ||
| Prepare data and reports in order to improve our Service, Products, assortment, policies, operations. | user-related data | ||
| Enable our customers to influence our Service, Products, systems, range, etc. | Health information from health tests | ||
| 3.1.4 Create and manage customer service cases and advice for customer and partner relations | Identify customers, organizations and partners | name | Legitimate interest - necessary to create a relationship with you / your organization. |
| Manage relationships and complaints with customers, business relationships and partners | social security number | Fulfillment of an agreement - necessary to negotiate and prepare agreements with you / your organization. | |
| Prepare negotiations to enter into agreements with you and business organizations | job title | ||
| contact details (e.g. address, email address, phone number) | Legitimate interest - necessary to be able to provide advice and respond to any complaints about our Services and Products. | ||
| payment information | |||
| necessary health information | |||
| 3.1.5 Recruit personnel, including administering and implementing agreements with employees. | Carry out recruitment processes and recruit staff | name | Fulfillment of an agreement - necessary to administer and fulfill obligations under an employment agreement. |
| Verify identity and background | social security number | ||
| Establish relationships with staff and communicate with candidates applying for jobs with us | contact details (e.g. address, email address, phone number) | ||
| Carry out administrative tasks for the employees (e.g. salary payments, benefits, pensions and insurance, training etc. | employment and other information about the employment | Fulfillment of a legal obligation - necessary under applicable labor law (health information and other special categories of personal data, if any, are processed only to the extent necessary to fulfill our obligations and rights under labor law) | |
| Compliance with legal obligations in relation to employer responsibilities (e.g. accounting, reporting to tax and regulatory authorities, administration of sick leave and rehabilitation, demonstrating compliance with laws and regulations, for example by keeping insider registers, etc.) | work experience, education and other information we receive (e.g. in CVs, cover letters and during interviews) | ||
| Other purposes related to any of the above points | information for salary payment (bank, bank account number, etc.) | ||
| communication | Legitimate interests - necessary to be able to carry out our interest in, for example, training our employees | ||
| health information (about absence functions, rehabilitation, sick leave, information about personal injuries, allergies, etc.) | |||
| 3.1.6 Send newsletters, information, offers and marketing of our Service and Products. | Send newsletters to you / your organization | name | Legitimate interest - necessary to carry out our interest in marketing our services, providing you with informational offers etc. (which you can object to at any time). |
| To provide direct marketing of our Service and Products to potential Users or business partners for whom you act as a representative. | job title | ||
| Provide you with offers related to our Products, Services, systems etc. | contact details (e.g. address, email address, phone number) | ||
| Provide you with information about our Service, Products, systems, etc. | Health information from health tests | Consent - we will obtain your consent to provide you with newsletters, offers etc. if required by us under applicable marketing legislation. | |
| 3.1.7 Comply with our legal obligations, seek to prevent crime, investigate whether a crime has been committed against us and protect our interests in a dispute. | To comply with our obligations under applicable laws and regulations, court and/or government orders (e.g. tax laws, bookkeeping and accounting laws, money laundering regulations, etc.) | name | Fulfillment of a legal obligation - required by applicable law. If relevant personal data is not provided to us, we cannot fulfill our legal obligations. |
| Prevent or investigate fraud and other illegal activities | social security number | ||
| Prevent unauthorized use of the Services, phishing, spamming, other activities not permitted by our Terms of Service | contact details (e.g. address, email address, telephone number) | ||
| Improvements to our IT environment to prevent fraud and attacks | necessary health information | Legitimate interest (if the above does not apply) - necessary to prevent misuse or abuse of our service, prevent and investigate crimes against us and protect our interests in the event of a dispute. | |
| IP address | |||
| user-related data | |||
| payment information | |||
| purchase and transaction information | |||
| correspondence | |||
| details of defects, claims, etc. | |||
| necessary information about the employment / the employee (if an employee of Wellier) | |||
| 3.1.8 Administer and carry out merger, acquisition, reorganization, reconstruction, takeover (including our customer and user database) or similar processes where we and / or our customer and user database are the target. | Carry out a merger, acquisition, reorganization, transfer of assets (including our customer and user database) | name | Legitimate interest - our interest in facilitating an acquisition or reorganization process, provided we have previously assessed that our interest in doing so is not overridden by your legitimate interests and rights under the GDPR. However, such transfer of your personal data requires that the receiving party performs similar activities as Wellier. |
| Fulfill an agreement with a counterparty (providing similar activities to Wellier) in such a process | job title | ||
| Ensure that the other party in such a process continues the processing of your personal data for the same purposes and in the same way as described in this Privacy Policy (unless otherwise notified to you) | social security number | ||
| contact details (e.g. address, email address, phone number) | |||
| IP address | |||
| payment information | |||
| purchase and transaction information | |||
| correspondence | |||
| necessary information about the User's health | |||
| necessary information about the employment / the employee (if an employee of Wellier) |
LEGAL BASIS
4.1 We process personal data in accordance with this Privacy Policy (I) to fulfill our obligations pursuant to a contract with you (or with the company you represent), (II) to fulfill our legal obligations under applicable law, (III) if we have a legitimate interest in processing the personal data and/or (IV) if we have your consent to process your personal data.
4.2 If we intend to process your personal data for any specific purpose that requires your consent under the GDPR or other applicable legislation, we will first ask for your consent.
4.3 If we intend to process personal data in a way that is likely to lead to a high risk for the data subject's rights and freedoms, we carry out a consequence assessment according to the GDPR before such processing begins, with which, among other things, we (I) systematically review the planned processing and its purpose . We only apply processes regarding the processing of personal data that have been approved by us in an impact assessment given that the process in question is subject to such an impact assessment according to the GDPR. Application of such processes that have been subject to impact assessment are monitored and re-examined by us continuously in accordance with our established procedures from time to time.
4.4 If we intend to process personal data based on our legitimate interest in handling personal data for a specific purpose, before that we carry out a so-called interest balancing, whereby we evaluate, among other things, whether our legitimate interest outweighs the data subject's fundamental rights and freedoms in accordance with the GDPR. We only process personal data based on our legitimate interest if we make the assessment that our legitimate interest outweighs the data subject's interests and rights according to the GDPR.
SECURITY MEASURES; EXTERNAL PARTIES ETC
5.1 Personal data is always treated confidentially and protected by appropriate security measures. Wellier ensures that companies that process and/or handle personal data on our behalf have a high level of security to protect your personal data. Please note, however, that we cannot guarantee the security of the personal data you send to us over the internet. Transfer of personal data over the internet takes place at your own risk. You are responsible for keeping all passwords you use to access our Platforms secure and not disclosing your passwords to third parties.
5.2 We may disclose your personal data to external parties with whom we cooperate for the purpose of performing our service, delivering our products and/or conducting our business, e.g. licensors, marketing agencies, email providers, database and website providers, producers and suppliers, etc. We may also disclose your personal data when we have an obligation to do so under applicable law, e.g. due to money laundering laws, tax laws, court orders or government requests.
5.3 We may transfer and store personal data in countries outside the EU/EEA in order to perform our Service, deliver our Products and/or otherwise conduct our business. When Wellier transfers personal data to such countries, we will take reasonable legal, technical and organizational measures to ensure that your personal data is adequately protected, at the same level as it would have been within the EU/EEA, by using relevant safeguards. For the avoidance of doubt, such transfer referred to herein, if applicable, will only include the type of personal data relevant to the purpose of the processing.
STORAGE AND DELETE OF PERSONAL DATA
6.1 Personal data is only stored for a limited time and no longer than is necessary for us to fulfill our purposes of processing, or for as long as we are obliged to store the information in accordance with applicable legislation and relevant guidelines. The storage period depends on several factors, including for example (I) the laws and regulations with which we are required to comply, (II) whether we are in a legal or other type of dispute with each other or a third party, (III) the type of information we have about you, (VI) if we or a supervisory authority is asked to save your personal data for a valid reason. If the processing of your personal data is no longer necessary, your personal data will be deleted in accordance with our procedures.
6.2 If Wellier is subject to liquidation or bankruptcy or if Wellier's user and customer database is transferred to a third party that conducts similar activities to Wellier, Wellier shall then delete your personal data, provided that Wellier is no longer required to store the information in accordance with applicable law and relevant guidelines. If Wellier is the subject of a merger, acquisition, reorganization or similar process, Wellier will continue processing your personal data in accordance with this Privacy Policy unless otherwise specifically notified to you in connection with such process.
6.3 If we process personal data obtained from e.g. publicly available sources for direct marketing purposes with legitimate interest as a legal basis, we will not store such personal data for longer than one (1) month before informing the data subject of such processing. As a registered user, you have the right to object at any time to such processing of your personal data, after which we will cease direct marketing to you and the processing of your personal data for this purpose.
6.4 You can unsubscribe from our newsletters or similar communications at any time. In such case, we will no longer store or process your personal data for such purpose.
YOUR RIGHTS AS A REGISTER
7.1 Wellier is the personal data controller for the processing of your personal data, and as a registered user you have certain rights vis-Ă -vis us regarding your personal data. However, the rights are not absolute, which means that there are exceptions to some of the rights where we cannot go ahead and fulfill your request.
7.2 As a registered user, you have the following rights
7.2.1 Right to revoke given consent - which means you have the right to revoke a given consent where Wellier processes your personal data based on consent;
7.2.2 Right of access (register extract) - which means that you have the right to request a confirmation of our processing of your personal data, to receive information about the processing, to have access to the personal data in question and the right to receive a copy of your personal data;
7.2.3 Right to correction - which means that you have the right to have incorrect personal data about you as a registered person corrected by us;
7.2.4 Right to deletion - which means that you have the right to have your personal data deleted under certain circumstances. This right is limited and we may be required to store your personal data in accordance with applicable law;
7.2.5 Right to object - which means that you have the right to object to Wellier's processing of your personal data under certain circumstances (you can for example (I) object to us processing your personal data, if we base such processing on our legitimate interest, and (II) object at any time to Wellier's processing of your personal data if such processing is for direct marketing purposes, etc.);
7.2.6 Right to limited processing - which means you have the right to demand that Wellier limit the processing of your personal data, but not delete it; and
7.2.7 Right to data portability - which means you can request that Wellier transfer your personal data to another data controller.
7.3 If you believe that our processing of your personal data does not comply with the GDPR or other applicable legislation, you have the right to submit a complaint to the Swedish Data Protection Authority.
7.4 All inquiries from you as a registrant under this Privacy Policy should be sent to us at: hi@scpriptnutrition.com. Requests will be handled as soon as possible, but no later than within one (1) month from the date Wellier received the request.
8.0 COOKIES
Wellier uses cookies on its website www.scriptnutrition.com to provide and update our service and to improve the user experience. For information on how Wellier uses cookies, please refer to our cookie policy. The latest version of our cookie policy will always be available on our website and we recommend that you review it regularly to take note of any changes.