GENERAL PRIVACY POLICY
This website is managed by Ayo Oslo© - Ayo AS. (hereinafter referred to as A.O. or we). Ayo Oslo© is a brand name owned by the company Ayo AS.
Data privacy is of high importance for Ayo Oslo and we want to be open and transparent with our processing of your personal data. We, therefore, have a policy for how your personal data will be processed and protected.
WHO IS THE CONTROLLER OF YOUR PERSONAL DATA?
The Norwegian Company Ayo AS (“A.O.”), is the controller of the personal data you submit to us and responsible for your personal data under applicable data protection law. We use Mailchimp as a third party email marketing platform operated by The Rocket Science Group LLC. You can read more about their privacy policy in their website.
Ayo AS
Privacy Compliance Officer
Josefines gate 28
0351 Oslo, Norway
Companies register: Brønnøysundregistrene/Norwegian Companies Registration Office
Company registration number: 918 264 183
VAT registration number: NO. 918 264 183MVA
WHERE DO WE STORE YOUR DATA?
The data that we collect from you is stored within the European Economic Area (“EEA”) but may also be transferred to and processed in a country outside of the EEA. Any such transfer of your personal data will be carried out in compliance with applicable laws, and comply with the GDPR.
For transfers outside the EEA, A.O. will use Standard Contractual Clauses and Shields as safeguards for countries without adequacy decisions from the European Commission.
WHO CAN ACCESS YOUR DATA?
Your data may be shared within the A.O. organisation (Ayo AS Norway). We never sell or swap your data to third parties outside the A.O. organisation.
A.O. will only act as the personal data processor and processes the personal data. Personal data that is forwarded to third parties, is only used to provide you with our services.
WHAT IS THE LEGAL GROUND FOR PROCESSING?
For every specific process of personal data we collect from you, we will inform you whether the provision of personal data is statutory or required to enter a contract and whether it is an obligation to provide the personal data and possible consequences if you choose not to.
WHAT ARE YOUR RIGHTS?
RIGHT TO ACCESS:
You have the right to request information about the personal data we hold on you at any time. You can contact A.O. and we will provide you with your personal data via e-mail.
RIGHT TO PORTABILITY:
Whenever A.O. processes your personal data, by automated means based on your consent or based on an agreement, you have the right to get a copy of your data transferred to you or to another party. This only includes the personal data you have submitted to us.
RIGHT TO RECTIFICATION:
You have the right to request rectification of your personal data if the information is incorrect, including the right to have incomplete personal data completed. If you have an A.O. account you can edit your personal data under your account and membership pages.
RIGHT TO ERASE:
You have the right to erase any personal data processed by A.O. at any time except for the following situations:
- if you have made any purchase, we will keep your personal data in connection to your transaction for book-keeping purposes.
- you have an ongoing matter with our service team.
- you have an open order which has not yet been shipped or partially shipped.
- you have an unsettled debt with A.O., regardless of the payment method.
- if you are suspected or have misused our services within the last four years.
YOUR RIGHT TO OBJECT TO PROCESSING BASED ON LEGITIMATE INTEREST:
You have the right to object to the processing of your personal data that is based on A.O.'s legitimate interest. A.O. will not continue to process the personal data unless we can demonstrate legitimate grounds for the process, which overrides your interest and rights or due to legal claims.
YOUR RIGHT TO OBJECT TO DIRECT MARKETING:
You have the right to object to direct marketing, including profiling analysis made for direct marketing purposes.
You can opt-out from direct marketing by the following means:
- Following the instruction in each marketing email.
RIGHT TO RESTRICTION:
You have the right to request that A.O. restricts the process of your personal data under the following circumstances:
- if you object to processing based A.O’s legitimate interest, A.O. shall restrict all processing of such data pending the verification of the legitimate interest.
- if you have claim that your personal data is incorrect, A.O. must restrict all processing of such data pending the verification of the accuracy of the personal data.
- if the processing is unlawful you can oppose the erasure of personal data and instead request the restriction of the use of your personal data.
- if A.O. no longer needs the personal data but it is required by you to defend legal claims.
HOW CAN YOU EXERCISE YOUR RIGHTS?
We take data protection very seriously and therefore we have dedicated customer service personnel to handle your requests in relation to your rights stated above and to ensure that we continuously process your personal data in an open, accurate and legal manner. Get in touch with hello@ayooslo.com for any queries.
RIGHT TO COMPLAIN WITH A SUPERVISORY AUTHORITY:
If you consider A.O. to process your personal data in an incorrect way you can contact us. You also have the right to raise a complaint to a supervisory authority.
UPDATES TO OUR PRIVACY NOTICE:
We may need to update our Privacy Notice. The latest version of the Privacy Notice is always available on our website. We will communicate any material changes to the Privacy Notice, for example, the purpose of why we use your personal data, the identity of the Controller or your rights.
ONLINE PURCHASE
SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted and stored with AES-256 encryption. Our payment service provider Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry.
WHY DO WE USE YOUR PERSONAL DATA?
We will use your personal data to manage your purchase online at Ayooslo.com by processing your orders and returns via our online services and send you notifications of delivery status or in the event of any problems with the delivery of your items.
We will use your personal data to manage your payments.
We will also use your data in order to handle complaints and warranty matters for products. Your personal data is being used to identify you and to validate your legal age for shopping online and to confirm your address with external partners.
WHAT TYPES OF PERSONAL DATA DO WE PROCESS?
We will process the following categories of personal data
- contact information such as name, address, e-mail address and telephone number
- payment information and payment history
- order information if you have an A.O. account we will also process your personal data submitted in relation to the account or membership such as
- account or membership ID
- shopping history
WHO HAS ACCESS TO YOUR PERSONAL DATA?
If your personal data is forwarded to third parties, it is only used to provide you with the services mentioned above, companies to validate your address, marketing communication partners to send you order confirmation and information, warehouse, logistics and distribution suppliers in connection with the delivery of your order. Payment service providers for your payment.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Vipps, Visa, Mastercard, American Express and Stripe.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
Our purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
Please be aware that many of these recipient companies have an independent right or obligation to process your personal data.
WHAT IS THE LEGAL GROUND TO PROCESS YOUR PERSONAL DATA?
The processing of your personal data is necessary for A.O. to fulfil the service of managing and delivering the order to you.
HOW LONG DO WE SAVE YOUR DATA?
We will keep your data as long as you are an active customer.
COOKIES
A cookie is a small amount of information that’s downloaded to your computer or device when you visit our Site. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it’s their first time visiting or if they are a frequent visitor.
We use the following cookies to optimize your experience on our Site and to provide our services.
Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
Cookies Necessary for the Functioning of the Store
Name |
Function |
_ab |
Used in connection with access to admin. |
_secure_session_id |
Used in connection with navigation through a storefront. |
cart |
Used in connection with shopping cart. |
cart_sig |
Used in connection with checkout. |
cart_ts |
Used in connection with checkout. |
checkout_token |
Used in connection with checkout. |
secret |
Used in connection with checkout. |
secure_customer_sig |
Used in connection with customer login. |
storefront_digest |
Used in connection with customer login. |
_u |
Used to facilitate updating customer account information. |
Reporting and Analytics
Name |
Function |
_tracking_consent |
Tracking preferences. |
_landing_page |
Track landing pages |
_orig_referrer |
Track landing pages |
_s |
analytics. |
_fs |
analytics. |
_sa_p |
analytics relating to marketing & referrals. |
_sa_t |
analytics relating to marketing & referrals. |
_y |
analytics. |
_y |
analytics. |
_fbp |
Facebook pixel |
_ga |
Google analytics |
Manage your cookie preferances in the settings of your browser. Here’s how:
WHAT TYPES OF PERSONAL DATA DO WE PROCESS?
We will only connect your cookie ID to your personal data submitted and gathered in relation to your account if you are logged in to your account.
WHO HAS ACCESS TO YOUR PERSONAL DATA?
Data that is forwarded to third parties is only used to provide you with the services mentioned above, analysis tool in order to collect statistics to optimize our site and present you with relevant material.
WHAT IS THE LEGAL GROUND TO PROCESS YOUR PERSONAL DATA?
We will only connect your cookies to your personal data if you are logged in to your A.O. account. If you are logged in to your account the legal ground is based on our legitimate interest.
HOW LONG DO WE SAVE YOUR DATA?
A.O. does not save your personal data stored in cookies. You can easily erase cookies from your computer or mobile device using your browser. For instructions on how to handle and delete cookies please look under "Help" in your browser. You can choose to disable cookies or to receive a notification each time a new cookie is sent to your computer or mobile device. Please note that if you choose to disable cookies, you will not be able to take advantage of all our features.
CONTACT US:
For any questions or enquiries about our terms and privacy, please email hello@ayooslo.com