Privacy Policy

TERMS OF PRIVACY

General information

For more information on data protection and personal data processing, please contact [email protected]

Norelie.co is committed to protecting the privacy of its customers and offers you the opportunity to influence the processing of your data.

This Privacy Policy informs our customers about the processing of their personal data. Customers must accept the terms of this Privacy Policy in order to use Norelie.co services.

The information we collect can be divided into information provided by the user, information observed while using online services, and information derived from analysis.

We use the data to:

- To provide an easy-to-use and secure service
- To provide good customer service
- To help us provide a helpful and convenient service
- To provide good customer service and improve the online store

What information about me can be collected?

Information provided by the user or information that identifies a person:

  • Identifying information, such as first and last name
  • Personal identification number used to identify the customer at the time of entering into a credit agreement.
  • Passport data or similar information required by customs when ordering tax-exempt goods or services from outside USA.
  • Contact information, such as address, e-mail address and telephone number.
  • Payment information, including credit agreements and other billing information.
  • With customer consent, location information used to estimate delivery times.
  • Email address and certificate used for Google, Facebook or Microsoft login.

Data observed and derived from analysis of service use:

  • Purchase history, including products ordered and their prices
  • Delivery information, such as the selected delivery method and delivery address
  • Product reviews
  • E-commerce usage and browsing data, including terminal identification data
  • Product recommendations and other data and identifiers used to create targeted content

Providing identification, contact and payment information is mandatory when you shop online at Norelie.co.

The main source of information is the user himself, and we may also receive additional information from our partners, such as credit service providers. In accordance with the provisions of the General Data Protection Regulation, we will inform you of any personal information we receive from third parties when we first contact you, or within one month of receiving your personal information at the latest.

What my personal data is used for?

Personal data is used:

  • To maintain customer relationships
  • To deliver, process and archive orders
  • To develop Passon.fi's business and services
  • To improve the quality of customer service
  • For analytical and statistical purposes
  • To provide more personalized, targeted content and marketing
  • To prevent abuse
  • To provide better customer service

Data is processed on the basis of the relationship between the customer and Norelie.co, contract, use of the website, separate express consent of the customer or legal obligations.

How my data is stored and protected?

All personal information is protected from unauthorized access and accidental or unlawful destruction, alteration, disclosure, transfer or other unlawful forms of processing.

Norelie.co stores customer information in the United States. The data centers and the technical and process security of the transaction systems are of a very high standard and are purchased as a service from a major US service provider. Servers are protected against data breaches and denial of service attacks.

We follow good data protection practices for personal data processing and technical solutions, including data consolidation, minimization, pseudonymization, anonymization and encryption. The processing of personal data takes into account the requirements of the EU General Data Protection Regulation effective May 25, 2018.

All access to personal data is controlled in accordance with good practices.

Who processes my personal data?
Only Norelie.co employees have access to customer data. Our employees are trained in the safe and ethical use of data. Each member of our staff sees customer data only to the extent necessary to do their job.

We use trusted contractors, which allows the transfer of data to third parties. All contracts with our partners take into account the requirements of the EU Data Protection Regulation and other regulations.

How long will my data be stored?
We will retain your personal information only for the period necessary to fulfill the purposes described in this notice. In addition, some information may be kept longer to the extent necessary to fulfill and demonstrate compliance with legal obligations, such as record keeping and consumer obligations.

At the customer's request, personal information that pertains to the customer may be deleted or anonymized from Norelie.co's systems. The deletion and anonymization operation is irreversible and we cannot return deleted customer accounts.

For some data, the law imposes an obligation to store data for a longer period of time, including for the following purposes:

The Accounting Law mandates longer data retention periods, regardless of whether the data contains personal data or not.

Longer data retention periods apply to fulfill consumers' commercial obligations.

Log data from the systems is collected and stored as required by law to ensure our customers' legitimate and safe online shopping experience.

Making adequate backups of the store's databases and systems to protect data, correct errors, and ensure security and business continuity.

What rights do I have?

As a customer, you have the right to:

  • Access to personal data concerning you, including the right to obtain a copy of personal data concerning you.
  • Request the rectification or deletion of personal data concerning you.
  • Under certain conditions, request the restriction of processing or object to the processing of personal data
  • In addition, if the processing is based on individual consent, you have the right to withdraw your consent at any time. Please note that this does not affect the lawfulness of processing carried out before the withdrawal of consent.

You may make a request to exercise your rights by contacting our customer service department. The request must be specific enough to allow our customer service department to verify your identity. We will inform you if we are unable to comply with certain aspects of your request, such as the deletion of any data that we are legally required (for example, credit data) or authorized to store.

If you become aware that the data we process is incomplete or unlawful, you have the right to file a complaint with the data protection authority

How can I get my personal data stored in the system?
You can request data stored in Norelie.co systems for yourself by contacting [email protected]

How I can influence the use of my data?
Norelie.co is committed to providing its customers with the ability to influence the processing of their data.

You can decide on marketing directed to you, value-added services and whether you want to receive various marketing messages. We are constantly developing our services, so features may be added, changed or removed.

You may also cancel your account at any time and ask Norelie.co to delete your data by contacting our customer service department.

Note: In some cases, not all data can be deleted, and regulations may require retention of some customer data.

Will my personal data be shared with third parties?
We may disclose certain necessary information to third parties for delivery and marketing purposes. Your information will also be provided to a lender in connection with a credit decision.

We also use customer information with third parties for analytics and personalization purposes. We share information about shopping and browsing behavior with partners to better provide you with products and offers that interest you. Data used for analytics and personalization purposes is anonymized or pseudonymized whenever possible. Only we are able to link the pseudonymized data to the user's name.

If necessary, we will also disclose data to the authorities. We will also always inform the customer of any requests for information, if legally permissible.

We transfer data to the following third parties:

  • For analytics and statistics partners.
  • For partners involved in product recommendation and personalization.
  • For email marketing partners, if the customer has enabled weekly newsletters, communications based on browsing history or product review requests.
  • To an SMS partner, if SMS messaging has been enabled.
  • To a carrier, if the selected delivery method is delivery to a pickup point, the nearest post office or to a destination.
  • To the payment intermediary if payment by credit card.
  • To the credit issuer if the customer chooses to pay by invoice or credit company installment.
  • To the invoice provider, when the chosen payment method is Norelie.co's own invoice.
  • To the supplier of products, when ordering electronic licenses or products with direct delivery.
  • To some service providers, information related to the order is provided at the time of service.
  • To the customs office, when purchasing tax-exempt products.
  • To a collection agency, when invoices are due and are submitted for collection.

Norelie.co ensures a high level of security and data protection when transferring and processing data in accordance with the EU General Data Protection Regulation. Measures to ensure the level of data processing by third parties are model contractual clauses approved by the European Commission, BCR, EU-US Privacy Shield agreement or other approved method in accordance with RODO.

The customer may limit the disclosure of data for marketing and analytical purposes.

Are cookies used on the website and what they are?

Norelie.co uses cookies and similar technologies, such as local storage in your browser. Cookies are small text files between the browser on the terminal and the server. Cookies and other identifiers have a specific expiration date, after which the browser deletes the identifier. We use these technologies to provide functionality, personalization, analytics and marketing targeting.

Functional cookies and local storage are used, for example, for customer identification, login support, delivery time estimation and shopping cart functions. For these functions, the use of cookies and local storage and acceptance of their use are mandatory. Functional cookies and local storage variables set by the server will remain in the browser for 15 minutes-24 months, unless explicitly deleted in the browser settings. When you visit the site, cookies and local storage variables will be reset if your browser allows it.

Personalizing the user experience allows us to offer more product recommendations on our site that are of interest to our customers.

The partners and technologies we use for analytics and marketing, such as pixel tags and cookies, help us better understand our customers' behavior and tell us which products, features and services our customers are interested in. The information used is anonymized to the extent possible. Otherwise, we treat the information as personal data to the extent that the tag contains customer referral information, such as an IP address. Identifiers that can be linked to the customer in some way are also treated as personal data. The validity period of tags ranges from 30 seconds to 24 months.

We use Google Analytics, Google Tag Manager, Google AdWords, Google Display Network and Google DoubleClick for analysis related to our website usage, popular products, trends and sales and, with your consent, for marketing targeting. The information sent to Google is anonymous. Learn more about Google Analytics' data processing.
In addition to the account manager's privacy features, users can opt out of the identifiers used for marketing targeting by enabling the browser's Do Not Track feature and setting the browser to reject third-party cookies. When you log into your customer account, the account manager's privacy settings override the browser's Do Not Track feature.

Is this Privacy Policy subject to change?
We reserve the right to change this Privacy Policy due to changes in the development of services and changes in legislation. Significant changes to the Privacy Policy will be communicated to registered customers when the Terms and Conditions are updated.

SMS marketing

We value your privacy and the information you share with us in connection with our SMS marketing service. We use this information to send SMS notifications (about your order, including reminders when you leave checkout), SMS marketing offers and transactional texts, including review requests.

Our website uses cookies to track products placed in your shopping cart, including cart abandonment information. This information is used to determine when shopping cart reminder SMS messages are sent.

Where can I contact you?
If you have any questions about privacy, data processing and the privacy statement, you can contact us via e-mail at [email protected].