Privacy Policy
Last updated: July 02, 2022
Privacy Policy may be changed from time to time and is effective immediately upon posting such changes on this Site.
- TO WHOM THIS POLICY APPLIES?
This Privacy Policy (“Policy“) sets out the terms and conditions for the collection and use of your personal data when you use Ramuda.DK ApS ("we or HEMPT") services and is applicable to visitors of this Site, our customers and other individuals whose data we process in the course of our business. Please read this document carefully as it informs you about the processing of your personal data.
This Policy is subject to change without notice so please check each time you visit our Site. You will find the latest version of this Policy here: https://hempt.com/
Ramuda.DK ApS acts as the Data Controller in respect of all personal data described in this Policy. Our contacts:
Ramuda.DK ApS
Legal entity code: 32079075
Address: Over Jerstalvej 17, 6500 Vojens, Denmark
E-mail: help@hempt.com
Phone: +370 666 11 299
- WHAT PERSONAL DATA WE COLLECT AND WHY?
|
For what purpose do we collect personal data?
|
What exactly data do we collect? |
What provision of the General Data Protection Regulation (GDPR) do we use to process your personal data?
|
How long do we retain this data? |
|
2.1. To conduct e-commerce, that is to enable you to shop on our Site |
Order details: - Full name (required) - Delivery address (required) - Billing address (required) - Contact telephone number and contact email address (required). We use this data to fulfill our contractual obligations (e.g., to communicate our delivery delays) but not for direct marketing purposes. - Payment details (purpose, method and amount of payment). This data is required to perform payment of ordered goods through the external online payment system. Our payment service providers (see Section 3 of this Policy) collect your credit or debit card data in a secure way (using encryption). This data (e.g., your card number, expiration date, security code) is not available to us. |
Performance and conclusion of a contract (Article 6 (1) (b) of the GDPR) |
We retain order details for 5 years after your order placement.
Financial records are retained for 10 years after the purchase transaction.
We may continue to retain some information, even after this time if we are required to do so in order to comply with various laws or on the basis of justified interests (e.g. retention for asserting claims).
|
|
2.2. Creation and administration of your user profile on our Site. Once you create your profile, you will be able to view your order and payment details and avoid filling in your personal information every time you create a new order. If you have Facebook or Google account, you can sign up using them. |
We collect: - Full name - Email address - Purchase history
Registration using Facebook or Google: When you sign up with your Facebook or Google account, you will be transferred from HEMPT site to Facebook or Google and asked to enter your Facebook or Google account login information.
After entering your Facebook/Google login details, you will provide us with your name and email address.
When registering without Facebook / Google accounts, you will be asked to provide us with the following data: - Full name (required) - Email address (required) - Password (stored in an encrypted form)
|
Your profile is created with your consent (Article 6 (1) (a) GDPR) |
We retain your profile data as long as you use our services. We may keep your consent and any details proving it for a longer period of time if necessary, on the basis of justified interests (e.g. retention for asserting claims). |
|
2.3. To provide news and offers and ask for your feedback in a form of a newsletter (direct marketing) |
We collect your email address.
Please note! For your personal data protection, we use double authentication. This means that after entering your email address, you will receive an email requesting verification. Only by clicking on the link in this email will you be added to the subscribers list.
|
Your consent (Article 6 (1) (a) GDPR)
|
5 years (unless during this time you would give us your consent for extended use of your data) |
|
2.4. If you communicate with us |
We collect your full name, contact information (if you provide it) along with any communication and messages (including the time they were received / submitted) you send to us. |
Your consent (Article 6 (1) (a) GDPR)
|
We retain this data for 5 years after your request is closed. We may continue to retain some information, even after this time if we are required to do so in order to comply with various laws or on the basis of justified interests (e.g. retention for asserting claims).
|
|
2.5. To manage our accounts on social networks
|
We collect your name, contact information (if you provide it), comments you leave under our posts, post shares, information about “like” and “follow” clicks on our profile, post reactions (including information about when you started following or liked our social network account), your photo, any feedback you left and your ratings of HEMPT.
|
Your consent (Article 6 (1) (a) GDPR)
|
10 years |
|
2.6. To improve our website, ensure its performance, increase its security and adapt both its content and form to the needs of our users |
When you visit our Site, we collect the following data from you automatically:
IP address, operating system, user ID and other information about your activities on our and other websites. We collect and store this information as part of log entries or through the use of cookies. Read more about the use of cookies in the Section 7 of this Policy.
|
Personal data collected with cookies is processed on the basis of our legitimate interest (Article 6 (1) (f) GDPR)
|
Read more about the retention periods in the Section 7 of this Policy |
- WHO DO WE DISCLOSE YOUR PERSONAL DATA TO WITHIN AND OUTSIDE THE EEA?
Where necessary, HEMPT may transfer and/or otherwise disclose your personal data to the law enforcement authorities, courts and other authorised governmental bodies.
To the extent necessary to ensure the proper provision of our services, HEMPT also may transfer and/or otherwise disclose personal data to third parties involved in the processing activities – partners and external service providers (e.g., software, IT infrastructure maintenance, cloud service providers, web hosting and web support, servers rent and maintenance, electronic communications, parcel delivery, accounting, archiving, marketing service providers, etc.). For all of these service providers, we will only provide as much data as is necessary to perform a particular service.
We are currently collaborating and disclosing your personal data to the following service providers (acting as Data Processors):
In the EEA:
- Mailerlite (newsletter services provider). You can read their data protection policy here;
- Mailgun Technologies, Inc. (transactional emails delivery). You can read their data protection policy here;
- UAB Interneto vizija (server resources provider);
- Freshworks Inc. (chatbot services). You can read their data protection policy here;
- Parcel delivery service providers;
- Paytriot Ltd and Paysera (payment service providers). Both act as independent Data Controllers.
When you communicate with us via social networks, you should inquire about their applicable data protection terms and conditions and read their privacy policy. All personal information you provide to us via social networks is controlled and managed by that particular social network (e.g., Facebook, Twitter).
Outside the EEA:
- Facebook, Inc. (USA). Please find the respective data protection policy here. Facebook no longer relies on the Privacy Shield as a transfer mechanism for the EU as a result of the Schrems II decision but continues to have appropriate safeguards and compliance measures to ensure an adequate level of protection of personal data transferred outside the EEA. Facebook’s existing measures include the EU Commission’s approved Standard Contractual Clauses (SCCs) to accommodate international data transfers.
- Google LLC (USA). Please find the respective data protection policy here. We use Google cookies. Google no longer relies on the Privacy Shield as a transfer mechanism for the EU as a result of the Schrems II decision but continues to have appropriate safeguards and compliance measures to ensure an adequate level of protection of personal data transferred outside the EEA. Google’s existing measures include the EU Commission’s approved Standard Contractual Clauses (SCCs) to accommodate international data transfers.
- Twitter Inc. (USA). Please find the respective data protection policy here. Twitter no longer relies on the Privacy Shield as a transfer mechanism for the EU as a result of the Schrems II decision but continues to have appropriate safeguards and compliance measures to ensure an adequate level of protection of personal data transferred outside the EEA. Twitter’s existing measures include the EU Commission’s approved Standard Contractual Clauses (SCCs) to accommodate international data transfers
- HOW DO WE PROTECT YOUR PERSONAL DATA?
When processing and storing your personal data, we implement organisational and technical measures to ensure that personal data is protected against accidental or unlawful destruction (e.g., backups on a regular schedule), alteration, disclosure, and any other unlawful processing. Secure use of our Site is ensured by the SSL (Secure Socket Layer) certificate. With an SSL certificate, the information sent between the user’s browser and our server is encrypted. Details of the certificate can be found at www.ssls.com.
- YOUR RIGHTS
Each data subject has the following rights:
- Know (be informed) about the processing of your personal data (Articles 12-14 of the GDPR);
- Access your personal data that is being processed (Article 15 of the GDPR);
- Request the correction of inaccurate personal data relating to you (Article 16 of the GDPR);
- Request the deletion of personal data relating to you (“the right to be forgotten”) (Article 17 of the GDPR).
Please note! You have the right to be forgotten only if it can be justified by one of the following reasons:
- personal data is no longer necessary for the purposes for which it was collected or otherwise processed;
- you do not consent to the processing under Article 21 (1) of the GDPR and there are no overriding legitimate reasons for processing.
- Restrict data processing (Article 18 of the GDPR):
Please note! You have the right to restrict the processing of your data only if:
- personal data is inaccurate;
- the processing of personal data is unlawful, but you do not consent to the erasure of the data;
- the controller no longer needs personal data to fulfil their purpose, but it is necessary for you to assert, enforce or defend legal requirements;
- you object to the processing under Article 21 (1) of the GDPR unless the legitimate reasons of the controller override your own.
- Transfer your personal data when the processing is based on consent or contract and the data is processed by automated means (Article 20 of the GDPR);
- Object to the processing of personal data for reasons specific to your case where the processing is in the legitimate interests of the controller or of a third party, unless the controller proves that the processing is for compelling legitimate reasons overriding your interests, rights and freedoms, or for the purpose of asserting, enforcing or defending legal requirements (Article 21 of the GDPR).
If you believe that HEMPT is unlawfully processing your personal data or is not implementing your rights, you have the right to file a complaint with The Danish Data Protection Agency.
You can exercise rights over your data by reaching out to help@hempt.com.
- THIRD-PARTY ADVERTISING AND ANALYTICS
Our Site may contain links to other websites. If you click on a third-party link, you will be directed to that site. Please note that we are not responsible for the content of such websites or the privacy policies they use. If you decide to visit them, you should look separately at their Privacy Policy.
- COOKIES
This website uses strictly necessary, functional, analytical and marketing cookies. These cookies present our Site in an attractive way, ensure its functionality and convenient navigation. More information on how cookies work may be found at www.cookiecentral.com.
Information related to cookies is not used to personally identify you and the collected data is controlled by us. We do not associate the visitor's IP address and/or email address with data that identifies the visitor. This means that the visit session of each visitor will be registered, but the visitor of our Site will remain anonymous.
Cookies used on HEMPT Site
|
Name |
Category |
Description |
Expiration date |
|
_fbp |
Marketing |
Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers.
More information on Facebook cookies: |
90 days |
|
fr |
Marketing |
90 days |
|
|
ads/ga-audiences |
Marketing |
Used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor 's online behaviour across websites |
After the session |
|
tr |
Marketing |
Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers |
After the session |
|
_gcl_au |
Marketing |
Used by Google AdSense for experimenting with advertisement efficiency across websites using their services |
3 months |
|
collect |
Statistics |
Used to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels |
After the session |
|
_ga |
Statistics |
Google Analytics are used exclusively to evaluate your use of our Site. These cookies are used to collect information and report site usage statistics without personally identifying individual visitors.
More information on Google Analytics cookies: |
2 years |
|
_gat |
Statistics |
24 hours |
|
|
_gid |
Statistics |
24 hours |
CONTACT US
If you have any questions regarding your personal data, please contact us via help@hempt.com or mobile phone: +370 666 11 299