PRIVACY POLICY

1. INTRODUCTORY INFORMATION

The processing of personal data carried out by the personal data controller ABBA Nutrition Ltd. complies with the applicable legislation in the field of personal data protection.

In this Privacy Policy (hereinafter the Policy) you will find information on the collection and processing of personal data by the controller, including information on the legal basis for the processing of personal data, the retention periods of your personal data and the purposes for which we collect this data. The policy also contains information on the security measures we take to protect your personal information, as well as on the possible transfer of your personal information to third parties.

2. PERSONAL DATA MANAGER

Personal data manager is: ABBA Nutrition Ltd.
27 St. Cuthberts Street,
Bedford, MK40 3JG
United Kingdom

For questions regarding the protection of personal data or the exercise of your rights regarding the protection of personal data, you can also contact us at the contacts listed below:

  • By e-mail: info@abbanutrition.com, with the subject «personal data protection».

3. POLICY VALIDITY

This Policy applies to:

  • Users of our websites;
  • Recipients of our e-news;
  • Participants in prize games;
  • Customers in our online store and
  • Individuals where we conduct telephone marketing.

We collect personal information from you directly. We may also obtain your personal information based on your interaction with our website, using cookies. You can find more about the use of cookies in our cookie policy, where the options for setting cookies on our website are also presented.

4. PERSONAL DATA PROCESSING

Personal data is collected and processed by ABBA Nutrition only on the basis of pre-defined and lawful purposes and only when there is an appropriate legal basis for such processing as provided by applicable law.

Categories of personal data

ABBA Nutrition collects following categories of personal data:

  • basic personal data
  • contact details
  • data needed to execute the order in the online store, and
  • data needed to perform orders in the online store.

Accurate information about the types of personal data we process

Changes to personal data can be reported to us at: info@abbanutrition.com

Legal basis for the processing of personal data

Your personal data will be processed on an appropriate legal basis, which are defined below:

Purpose of processing Categories of personal data Legal basis Retention period
Conclusion and implementation of the contract Name, surname, address, post and postal code, country, telephone, e-mail, payment details Contractual relationship 5 years from the termination of the contractual relationship
Sending e-news to our customers Name, surname, e-mail address The law Until cancel
Sending e-news to potential customers Name, surname, e-mail address Consent Until cancel
Communication with you regarding inquiries for our service Name, surname, e-mail address, message of the individual Legitimate interest in ensuring effective communication with customers 30 days after the  communication was ended
Conducting satisfaction surveys Name, surname, telephone number Legitimate interest 30 days from the survey
Ensuring registration and use of the user profile on our website E-mail address Legitimate interest Until cancel
Ensuring a constant supply of products Name, surname, telephone number, date and subject of purchase Legitimate interest in ensuring product performance and product quality Until cancel
Compliance with legal requirements The data set depends on the legal requirement The law The deadline depends on the individual request
To enforce any legal claims and resolve disputes The data set depends on the individual request The law The deadline depends on the individual request
Performing statistical analyzes Data aggregates Legitimate interest We process aggregated data where identification is not possible
  • We may process your personal data when this is necessary for the conclusion and execution of the contract you have concluded with us (e.g. purchase in an online store);
  • We may process your personal data when required to do so by law (e.g. keeping records of the purchase and sale of investment metals or issuing an invoice);
  • Your explicit consent. We may process your personal data when you expressly consent to it. You will be given an advance notice when we process data on the basis of consent.
  • Legitimate interests. We may process your personal information based on our legitimate interests.

Transmission of your personal data:

You provide us with personal data that we process on the legal bases presented above on a voluntary basis. In case you decide not to provide us with personal data, we warn you that there is a possibility that we might not be able to provide you with certain services (e.g. if you do not provide us with your delivery address, we will not be able to deliver the ordered goods).

When you consent to the processing of personal data, you have the option to revoke your consent at any time. Withdrawal of consent does not have any negative consequences for you, but it is possible that after the withdrawal of consent you will no longer be able to provide certain services (e.g. after withdrawal of consent we will no longer be able to send you our news).

Purposes for which we process personal data

We will process your personal data on the basis of pre-defined, legal and specific purposes only. They are presented in the table above.

Data deletion

All personal data that have expired will be deleted, destroyed or anonymised – in the latter case, so that the reconstruction of such personal data will no longer be possible (it will not be possible to determine to whom it relates).

5. PROTECTION OF PERSONAL DATA

We do our best to protect your personal information from loss, destruction and damage. To make your data as secure as possible, we use various technical and organizational measures such as:

  • restricting access to personal data to those persons who need the data to perform the work
  • ensuring the adequate protection of personal data contained in digitized form by establishing security mechanisms on both software and hardware
  • ensuring the adequate protection of personal data contained in physical form,
  • regular verification of the adequacy of security measures for both digitized and physical data, including in particular software updates
  • training of employees in the field of personal data protection
  • supervise the processing of personal data carried out by employees
  • careful and thorough verification of contractual processors before deciding to cooperate
  • conducting audits on the work of contractual processors, and
  • establish appropriate protocols for security incident cases.

In case of a breach of personal data protection, we will notify the Information Commissioner, who represents the competent supervisory authority in Slovenia, of any such breach without delay.

However, in case of a data protection breach that could pose a significant risk to the rights and freedoms of individuals, we will notify you immediately.

 6. TRANSMISSION OF PERSONAL DATA

We will only share your personal information with the third parties listed in this policy section. Any third party may process your personal data to a limited extent expressly specified in the contract.

ABBA Nutrition has concluded an appropriate contract with each processor for the processing of personal data, on the basis of which the scope of processing performed by each contractual processor is defined in more detail. All contractual processors are obliged to respect the protection of personal data as established by the personal data controller.

We may share your personal information with:

  • Contractual processors that enable the operation of our company. Contractual processors include: accounting, IT companies, marketing agencies, mass e-mail providers.
  • State authorities (e.g. tax authorities, court, etc.).

We may also transfer your personal data outside the European Economic Area (EEA), where this data may be processed by us and an individual third party. For each transfer outside the European Economic Area, we will take specific additional measures to ensure the adequate security of your personal data.

7. RIGHTS OF INDIVIDUALS

 Regarding the processing of personal data, you have the following rights, which are described below:

  • Right of access to personal data: at your request, we will provide you with information on whether we process personal data about you, and if so, we will also provide you with access to your personal data and certain processing information (which data we process and the origin of this data).
  • The right to correct personal data: at your request, we will correct or complete incomplete or inaccurate data we process about you.
  • Right to request a restriction on processing: at your request, we will restrict the processing of your personal data. We would like to remind you that the requirement to restrict processing is a limited right that cannot be used for all processing (restriction of processing is possible, e.g. the accuracy or completeness of your personal data is being checked). We are committed to examining your every request with all seriousness.
  • Right to delete personal data: at your request, we will delete personal data. Please note that we cannot delete personal data that we hold due to legal requirements or on the basis of a contractual relationship.
  • The right to print personal data: at your request, we will provide you with the personal data you have provided to us in a structured, commonly used and machine-readable form.
  • Revocation of consent: you have the right to revoke your consent to the processing of personal data you have given at any time. Upon cancellation, we will delete all data we collect and process on the basis of consent and cease further processing. Withdrawal of consent may be provided to the contacts listed in point 2 of this Policy. Withdrawal of consent does not have any negative consequences. However, we warn you that we may not be able to provide you with certain services after you cancel. We will not be able to provide the service to you when it comes to services that cannot be performed without processing certain personal data (e.g. after revoking consent, we cannot send you our e-news, as we urgently need your e-mail address – the latter however, we may not use it without your consent.
  • The right to object to the processing of personal data: you have the right to object to the processing of your personal data that we carry out. You have this right when it comes to processing for the purposes of direct marketing or to pass on your personal data to third parties for direct marketing purposes. You can also object to the processing when we use your data for the purposes of direct marketing using customized or individual offers (“profiling”). You can object to the contacts listed in point 2 of this Policy.
  • Right to data portability: at your request, we will provide you with personal data that you have provided to us in a structured, commonly used and machine-readable form. You are entitled to pass this information on to another operator of your choice.
  • You exercise the rights defined above by contacting us at:: info@abbanutrition.com with the annotation of personal data protection.
  • You have the right to lodge a complaint against us with the competent personal data protection supervisory authority in your country.

In the case of exercising the rights set out in this point, we reserve the right to identify you with certainty. If your request does not provide enough information to identify you with reliability.

8. THE USE OF WEB PLUG-INS

On our website we offer you the possibility to use plug-ins of the following social networks: Facebook, LinkedIn, Pinterest, Telegram.

All of the above social networks operate in accordance with their terms of use and privacy policy, which also defines the handling of individual social networks with personal data. We remind you that any use of social networks that is enabled on our website is the sole responsibility of the individual. In case of any questions and / or requests, the individual is obliged to contact an individual social network.

ABBA Nutrition assumes no responsibility for the use of social networks.

9. FINAL PROVISIONS

This Policy can be changed at any time. The latest version of the privacy policy will always be published on our website.

This Policy enters into force on: May,16 2021