ALFA › GO: Privacy Policy

This is the Privacy Policy for the activity based Customer club ALFA › GO.

Read also the full Privacy Policy for using alfa.no

Introduction

Alfa Sko AS (org. no. 951 001 880) cares about individuals’ privacy and is committed to process personal data in compliance with the locally applicable laws and regulations. This privacy policy provides you with the information about our processing of personal data, including which personal data we collect, why we process your personal data and your rights connected to the processing of the personal data.  

For the purpose of this privacy policy, we are the data controller. 

If you have any questions regarding our processing of personal data or about this privacy policy, you may contact Sales and Markeing manager D2C Hans Jørgen Kvåle by email: webshop@alfa.no

Personal data, purpose and legal basis for processing

We process among others personal data relating to contact persons at its customers, service providers and business partners, potential candidates and others who contact us or visits our webpage. The personal data may be provided by the data subject itself, from publicly accessible sources or third parties such as service providers, partners etc. 

We may process your personal data in connection with the following processing activities:  

  • Contractual relationship: In a contractual relationship between us and individuals, personal data may be necessary to the execution or the performance of the contract (GDPR Article 6 (1) (b)), such as contact information, workout records and other personal data necessary to fulfill the contract. 
  • Respond to inquiries: We may process personal data in order to follow-up inquiries from potential candidates, website users, and others who contact us. We may process personal data such as contact information and other personal data provided in connection with the inquiry. The legal basis for such processing is our legitimate interest in providing support to answer and manage inquiries and other communication (GDPR Article 6 (1) (f)).
  • Ensure compliance and legitimate interests: We may also process personal data in order to comply with statutory obligations to which we are subject, and to safeguard own or third parties’ legitimate interests, e.g. in relation to establishing a legal claim or preventing unauthorized access to or disclosure of personal data GDPR Article 6 (1) (f)). 
  • Legal obligations: We may process personal data due to legal obligations applicable to our operation (GDPR Article 6 (1) (c)), such as accounting obligations.

We may, on a case-by-case basis, process personal data for other purposes and rely on different legal grounds, such consent or legitimate interest or, in accordance with applicable data protection law, as set forth in an applicable privacy notice.

Please note that we, in order to be able to enter into agreements or fulfil our obligations according agreements entered into with you or someone you act on behalf of, depend on receiving a variety of information, such as contact information. The consequences of not providing such information are that we cannot fulfil the contract entered into with you or be able to enter into agreements with you.

Retention period

We will retain your personal data for as long as it is necessary to fulfil the purposes for processing as defined above. Please note that continued storage may be necessary due to statutory obligations to which we are subject to e.g. statutory rules related to storage for accounting purposes, or due to our legitimate interests, e.g. for the purpose to establish, exercise or defend a legal claim. 

Disclosure to third parties

We will only disclose your personal data to third parties to the extent we have a legal basis for such disclosure. 

We use data processors to collect, store and otherwise process personal data on our behalf. The relationship to such suppliers is governed by a data processor agreement, which inter alia ensures information security for your personal data.

We may process and store your personal data outside the EU/EEA. All processing in a third country will be subject to mechanisms ensuring sufficient security for your personal data, such as EU Standard Contractual Clauses or an adequacy decision from the EU Commission, in addition to all necessary required steps under applicable law in order for such transfer of your personal data to be compliant with applicable law.

You may opt out of having your personal data shared with third-parties. However, if you limit the way we use your personal data, certain features of the service may not be available to you.

Security

We value your privacy rights and has taken reasonable steps to protect the users' privacy, including by implementation of physical, technical and organizational measures, to prevent loss, alterations, theft and unauthorized access to information stored and otherwise processed.\

Third party websites and social media

Our websites may include links to other third-party sites. These third-party sites have own privacy policies that determines how personal data are collected and processed. If you submit personal information to any of these third-party sites, your information is governed by their privacy policies. We take no responsibility for such third-party sites, how they are operated and how they process your personal data. We recommend that you familiarize yourself with such third-party sites' privacy policies and terms of use when visiting and using such sites.

When you "like" or join our Facebook page or other social media accounts, this will be shared with the relevant platform. The same applies to any activities on our social media accounts, such as content posted by you or posts that you like. The relevant social media platform has own privacy policies, in which you can find more information about the processing of personal data in relation to such social media platforms. 

Your rights

As a data subject, you are entitled to request access to the personal data we process about you, request that we update or correct your personal data and/or withdraw any consent to processing. In some circumstances, you are also entitled to request that your personal data is erased, request restriction of processing or object to processing and/or request data portability. In order to utilize your rights, you may contact us by using the contact information stipulated in section 1 above. 

You are also entitled to lodge a complaint with a supervisory authority if you believe that our processing of your personal data is contrary to relevant data protection laws. 

Changes to the privacy policy 

If we make changes in the processing of personal data, this policy will be updated, and the change will be notified on the webpage or by use of your contact information. We encourage you to periodically review this page for the latest information on our privacy practices.

***

Last updated: 25.03.2022