We respect your privacy and process personal data in accordance with EU data protection laws, including the General Data Protection Regulation (GDPR).

1. Data We Collect

We may collect and process the following personal data:

  • Name and contact information
  • Delivery and billing addresses
  • Email address and phone number
  • Order and transaction details
  • Social Media Data: If you choose to log in using Google or Facebook, we receive your public profile information (such as your name and email address) from these providers.

2. Purpose of Processing

Your personal data is used strictly for:

  • Order processing, transaction fulfillment, and delivery
  • Customer communication, support, and updates
  • User account management and social media authentication
  • Compliance with legal, financial, and accounting obligations

3. Data Sharing

We only share data when necessary with trusted third-party service providers:

  • • Payment providers (Stripe) for secure transaction processing
  • Shipping and logistics companies for order delivery
  • Third-party authentication providers (Google and Facebook) to enable secure user login

We do not sell your personal data under any circumstances.

4. Data Retention

We retain personal data only as long as necessary to fulfill the purposes outlined in this policy, or as required by applicable EU and Finnish laws (such as accounting regulations).

5. Your Rights

Under the GDPR, you have the following rights regarding your data:

  • Right to access the personal data we hold about you
  • Right to correct inaccurate or incomplete data
  • Right to request deletion of your data (where legally applicable)
  • Right to request the restriction of data processing
  • Right to data portability (receive your data in a structured, machine-readable format)
  • Contact:

To exercise any of your rights, please contact us via email at: order@scandinavian-shop.com.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, loss, or disclosure.