Gratis klik og hent i klinikker

Gratis fragt til GLS pakkeshop ved køb over 499,-

Privacy policy

Data Protection Policy (updated 14 March 2024)

Data Protection Policy for MedicTinedic ApS

This data protection policy applies to the collection and use of personal data on www.dermaoxy.com (and relevant TLDs), and in connection with purchases and other inquiries made on the website or through other contact with the company. It contains information about which personal data is collected, how it is used, and which rights you have.

MedicTinedic ApS, CVR no.: 28859945 (“medictinedic.com, medictinedic.dk”) is the data controller and can be contacted if you have any questions.

The Data Protection Officer at MedicTinedic ApS can be contacted at:
jacob@acupunctureshop.com

WHAT TYPE OF DATA DO WE COLLECT AND WHY

Below is an overview of the personal data we collect about you and the purpose of doing so. We have also described what we believe constitutes the legal basis in the various situations:

Entering into or fulfilling a contract

When purchasing one of our products, we register your name, telephone number and email address, the type of product or service you purchase and the time of purchase, as well as any delivery-related information. If the product is to be shipped to you, we also register the delivery address. In addition, we may process information regarding returns.

The purpose of registering this information is to fulfil and manage our agreement with you and to follow up on the sale internally. The legal basis for processing is the contract with you, cf. GDPR Article 6(1)(b) (contract). Part of the processing is also based on our legitimate interest in managing sales in an appropriate manner, cf. GDPR Article 6(1)(f) (legitimate interest), which we have assessed to outweigh any inconvenience to you.

Sales administration

When purchasing products from us, we also use your name or telephone number as identification in connection with placing orders. This processing is based on our legitimate interest in managing sales and operations efficiently, cf. GDPR Article 6(1)(f).

Complaints and repairs

If you submit a complaint about a product or request a repair, we require contact information in order to register the complaint and carry out the repair, including information on service status, service history and any upgrades, and to keep you informed. Processing is necessary to fulfil our contractual obligations, cf. GDPR Article 6(1)(b).

Some manufacturers require customer identification in order to approve or carry out repairs. In such cases, we act as a data processor for the manufacturer.

Customer service

Depending on the nature of your inquiry and whether you contact us by phone or email, we may need information such as your identity, purchased products, address or phone number. We process data such as name, purchase history and contact details to assist you.

The legal basis is either performance of contract, cf. GDPR Article 6(1)(b), or our legitimate interest in handling your inquiry appropriately, cf. GDPR Article 6(1)(f).

Establishment of customer profile

We may create a standard customer profile based on purchase history and available information for the purpose of sending newsletters, product information, tailored marketing and sales analysis. This processing is based on our legitimate interest, cf. GDPR Article 6(1)(f).

Where explicit consent is required, processing will only take place if consent has been given, cf. GDPR Article 6(1)(a). See further sections on electronic marketing and campaigns.

Customer account administration

We have access to your customer account in order to manage contact details and any marketing consents. To ensure accuracy, we may also receive updated information from third parties. Processing is based on legitimate interest, cf. GDPR Article 6(1)(f).

Personalized online content

When logged into your customer account, we use your account information (email, name, address and purchase history) to tailor content and product recommendations across devices.

Direct marketing via email and SMS

You will only receive direct marketing if you have given your consent, cf. GDPR Article 6(1)(a).

Marketing campaigns

Collected data may include probabilistic data such as estimated company size or age. You will only receive marketing if you have given consent, cf. GDPR Article 6(1)(a).

Electronic marketing

We only send offers and product information if you have given explicit consent, cf. GDPR Article 6(1)(a). You may withdraw consent at any time by contacting customer service or unsubscribing at www.acupunktureshop.com.

Surveys and campaigns

Personal data is only stored if you have explicitly consented to participate. Legal basis: GDPR Article 6(1)(a).

Service development and operational security

We use statistics regarding traffic, purchases and behaviour to improve our services and ensure secure operation. Where possible, data is aggregated. Processing is based on legitimate interest, cf. GDPR Article 6(1)(f). Cookie usage is described below.

WHO HAS ACCESS TO YOUR PERSONAL DATA

We only disclose personal data to the following recipients:

  • Our data processors, including IT providers

  • Group-affiliated companies: www.acupunctureshop.com, www.meti.dk, www.dermaoxy.com, www.wendyco.dk

  • Business partners supplying products or services

  • Public authorities where required by law, cf. GDPR Article 6(1)(c)

  • External advisors where justified, cf. GDPR Article 6(1)(f)

Transfers to third countries

If we use suppliers outside the EU/EEA, we ensure an adequate level of protection through EU standard contractual clauses or the EU–U.S. Data Privacy Framework.

USE OF COOKIES

We use cookies to improve user experience. Cookies are small text files stored in your browser.

You may disable cookies in your browser settings; however, this may affect website functionality.

We also use tools to collect information such as IP address, browser type, ISP, operating system, date/time of visits and navigation behaviour to analyse trends and improve usability.

A full list of cookies is provided below.

DELETION

Personal data related to purchases is generally stored for up to 10 years due to warranty obligations, accounting regulations and the Medical Device Regulation (MDR) traceability requirements.

Data processed based on consent is deleted when consent is withdrawn. In some cases, data may be anonymised instead of deleted.

YOUR RIGHTS

You may exercise your rights at any time by contacting us.

Your rights include:

  • Right to withdraw consent

  • Right of access

  • Right to rectification

  • Right to erasure

  • Right to restriction of processing

  • Right to object

  • Right to data portability

You also have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet): www.datatilsynet.dk

CHANGES

We may update this policy due to changes in website structure or functionality. Significant changes will be announced on the website.

GDPR

MedicTinedic ApS (including www.dermaoxy.com) has updated internal procedures to comply with the EU General Data Protection Regulation (GDPR) effective from 25 May 2018.

COOKIES USED ON THE WEBSITE

FUNCTIONALITY – WEBSITE

vmcms – Session cookie used to identify visitors across pages

basket-delivery – 6.5 hours, shows remaining amount for free shipping

COOKIE SETTINGS

vm-gdpr – 1 month, stores cookie preferences

vm-gdpr-accept – 1 month, records cookie consent

WEBSHOP

Shop – 1 month, stores cart contents

STATISTICS – GOOGLE ANALYTICS

ga – 2 years, visitor tracking

gid – Session, visit duration

GOOGLE TAG MANAGER

dc_gtm_UA-# – Session, controls GA loading

MARKETING – YOUTUBE

PREF – 8 months

VISITOR_INFO1_LIVE – 179 days

YSC – Session

HSID, LOGIN_INFO, SAPISID, SID, SSID – Up to 2 years

TAWK.TO

We use the Tawk.to chat service to collect live statistics and improve customer guidance.