Cloetta Privacy policy

This Privacy Policy has been adopted by Cloetta AB (publ) and its group companies (“Cloetta”) or (“We”), and applies to our processing activities in relation to end-users of our services, visitors of our websites and digital channels, and individuals communicating with us. Cloetta is committed to protect and respect your privacy. Therefore, you are encouraged to carefully read this policy. If you have any concerns, please contact us as set out below in section contact information.

What is personal data?

Personal data is all information that directly or indirectly (i.e. together with other information) may identify an individual. This means that a wide range of data, such as names, contact details, IP addresses, and behaviour and choices made online are personal data.

Data processing is any operation or set of operations performed upon personal data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, blocking, erasure or destruction of personal data.

How do we process your personal data?

Visitors to our websites and Digital channels            

When you visit our websites and Digital channels we may process:

  • Information you have volunteered, such as name, date of birth and contact details;
  • details of your visits to our websites and Digital channels, this may include search terms you use, likes, shares;
  • campaign traffic data;
  • sales via this website;
  • personal information that does not identify you (“Grouped Data”). Grouped Data may include gender, region, household and age;
  • technical data, which may include URL information, cookie data, your IP address, the types of devices you are using to access Cloetta websites; and
  • if you have consented to the use of cookies we will apply the “Facebook Pixel” of Facebook and we may process Facebook ID (the data remains anonymous and cannot be used to draw any conclusions about the identity of the user) described in this policy.

We process your data for the following purposes:

  • To monitor and improve our products and services, e.g. in order to optimize the website and our digital channels, make it more user friendly and for follow up [and statistical purposes, if applicable];
  • to measure the performance of an advertising/digital campaign;
  • to target and reach audience online;
  • to communicate with you, e.g. through our Digital channels, monitor social posts, brand sentiments and newsletters;
  • to analyse information for individual profiling in order to offer personalized ads, offers and other customized information; and
  • for the purposes related to our use of cookies, please see our Cookie

Customers buying our products online

When you are a customer buying our products online we may process:

  • Information you have volunteered, such as name, gender, home and/or delivery address, telephone number, e-mail address, data of birth, demographical information, interests, preferences, payment information; historical order information; and product you bought.

We process your data for the following purposes: To handle our customer relation e.g. identifying you as a customer; and to fulfil the contractual obligations e.g. provide services.

Subscribers to newsletters or to marketing contests

Consistent with the permission you have given us by opt-in and by consenting to our terms and conditions we may process:

  • Name, gender, telephone, address and email address; date of birth; and
  • depending on the price (value in [SEK]), we may also collect your social security number.

We process your data for the following purposes: Direct marketing purposes including providing you with newsletters, offers and promotions on products and services by email, if you have requested such information. You can opt-out from these by clicking a link in each message sent through email (unsubscribe); to fulfil contest; and to comply with legal obligations, e.g. report contests to a National Tax Board.

When you communicate with us

When you communicate with us we may process:

  • Information you have volunteered such as your name, home and/or delivery address, telephone number, e-mail address, data of birth, demographical information, interests, preferences, payment information and case information.

We process your data for the following purposes:

To fulfil a request from you or respond to your inquiries e.g. to handle customer complaints.

Legal ground for our processing

Cloetta processes personal data in accordance with applicable personal data protection legislation. Within the EU/EEA, the general data protection regulation (“GDPR”) will apply from 25 May 2018. (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

We will process your personal data when it is necessary to (i) fulfil a request from you or respond to your inquiries (ii) comply with a legal obligation. Your data may also be processed when it is necessary for the purposes of a legitimate interest for Cloetta, inter alia, to market, improving our services. If a certain data process requires your prior consent, we will collect such consent before carrying out the processing in question.

Personal data that we request from you and indicated as mandatory is required to be provided in order for us to provide the service, e.g. for statutory, contractual, administrative or technical reasons.

How long do we keep your information?

We will only keep your information for as long as we need it: (i) to provide you with a product/service; (ii) to improve our services; and (iii) for legal and audit purposes. We have routines in place to ensure that personal data is deleted thereafter.

How do we share your information?

Cloetta may engage third parties for the provision of services to Cloetta, such as provision of IT-systems, services and other activities. Your data may be shared with and processed by such service providers on behalf of Cloetta as required for the provision of the services to Cloetta. Within the use and provision of such services, your personal data may be transferred to countries outside the EU/EEA (third countries). In relation to such third country transfers, certain security measures will be taken in order to protect your data and ensure that the data keeps an adequate level of protection, e.g. by entering into a data transfer agreement including model clauses issued by the EU Commission and available on the EU Commission’s website.

Personal data may be disclosed to a third party if we are required to do so according to applicable laws and regulations or in order to detect and prevent fraud or other security or technical problems.

Companies which are processing personal data on behalf of Cloetta are obliged to sign an agreement with Cloetta in order to ensure a high level of protection for your personal data.

Information security

We strive to provide a high level of protection in all our personal data processing. We have therefore taken organizational and technical security measures in order to protect your personal data from unauthorized access, use, alteration and erasure.

Our use of cookies

A cookie is a small text file that is placed on your computer, mobile phone, or other device when you visit a website. For further information about how the information may be used and shared by Cloetta, please see Cookie information.

Your rights under applicable data protections legislation

According to applicable data protection legislation, you are entitled to certain rights. If you want to exercise any of these rights, please contact us at the address specified in section “Contact information”.

As specified in applicable data protection legislation, you have the right to:

  • Request access to and rectification of the personal data we process in relation to you;
  • request erasure of jour personal data;
  • request that we restrict the processing of jour personal data;
  • object to the processing of jour personal data and, in respect of processing based on jour consent, to withdraw jour consent at any time; and
  • receive personal data about you that you have provided to us.

You are also entitled, at any time, to submit complaints to the relevant supervisory authority if you think that jour personal data is being processed in violation of the applicable data protection legislation.

Contact information

The entity listed as the responsible entity for the digital channel in question is the data controller for personal data processed in relation to that digital channel. Where applicable, other legal entities within the Cloetta group may furthermore be data controllers for personal data processing in accordance with the terms of the respective service or function. If you have any questions regarding the processing of jour personal data or want to exercise any of jour rights under applicable data protection regulation, you may reach out to us via the following contact details.

Cloetta AB (publ)
Email: privacy@cloetta.com
Address: Englundavägen 7D, 171 41 Solna, Sweden

Updates to the policy

This privacy policy was last updated in May 2018. We may update the policy from time to time, e.g. by making new versions available on our website or by providing the update by other appropriate means. You are recommended to visit our website from time to time to learn of any updates.

Share this page

Latest Press Releases

Latest Report

Upcoming Events

Silent period – Q3 2018

26 September 2018 - 25 October 2018

Interim Report Q3 2018

26 October 2018

Cloetta Roadshow

12 November 2018 - 15 November 2018