)
Privacy Policy
Najell Customer Club
Najell Customer Club – Privacy Policy
We care about your personal privacy and are committed to maintaining a high level of data protection. To clearly explain how we handle your personal data, this privacy policy outlines how your data is processed, how we protect it, and how you can exercise your rights. We explain where your data is collected from, who we may share it with, as well as what types of personal data are processed and the reasons for doing so.
Controller
Najell AB, with registration number 556819-7494 and address Stortorget 1, 222 22 Lund, Sweden, is the data controller for the processing of your personal data within the framework of the customer club. If you have any questions regarding our processing of your personal data or if you wish to exercise any of your rights, you are welcome to contact help@najell.com.
What personal data we process and why
The types of personal data we may collect include your name, email address, phone number, address, date of birth, gender, due date, country of residency, visit- and click history and purchase- and customer service history.
We analyze certain personal data (e.g., your preferences, location, and click history) to tailor our communication and offers.
To manage your membership, including communication and personalized offers based on your preferences and location.
To send marketing and promotional messages via email and/or SMS, including reminders and segmented communications.
To request product reviews to improve our offerings and understand customer behavior.
To manage your participation in competitions or events, including communication before, during, and after the event, and prize distribution.
To conduct marketing and advertising activities, including personalized advertising on social media platforms and other digital channels (e.g., Facebook, Instagram, Google). This may include the use of cookies and tracking pixels to deliver relevant content and offers based on your interactions with our website or emails.
Legal basis and retention period
We process your personal data on the basis of fulfilment of contract (i.e. the Membership Terms and Conditions) and on the basis of legitimate interest. Your data is retained as long as you are a member of the customer club or until you have been inactive for five years, (i.e., no purchases, logins, or interactions such as opening emails or clicking links), whichever comes first. We may also process your personal data in order to fulfill legal obligations arising from statutory requirements, court rulings, or decisions by public authorities. This may include obligations under, for example, product liability laws or accounting legislation. In addition, we may process your personal data for the purpose of defending against legal claims, for as long as such claims may be asserted.
Your rights
In accordance with the General Data Protection Regulation (GDPR), you have a number of rights in relation to the personal data we process about you. If you submit a request to exercise any of your rights, we may ask you to provide additional information in order to confirm your identity and ensure that the request is handled securely and accurately. You have the right to:
Access your personal data – You may request confirmation of whether we process your personal data and, if so, receive a copy of the data we process. If a request is manifestly unfounded or excessive, we reserve the right to charge a reasonable administrative fee or to deny the request.
Rectification – You have the right to request correction of inaccurate or incomplete personal data.
Erasure – In certain circumstances, you may request that we delete your personal data, for example if the data is no longer necessary for the purposes for which it was collected.
Restriction of processing – You have the right to request a temporary limitation of the processing of your personal data in specific situations, for example when you have objected to processing based on our legitimate interests and a verification is underway.
Data portability – In some cases, you have the right to receive your personal data in a structured, commonly used and machine-readable format, and to transmit that data to another controller. This right applies only to data that you have provided to us and which is processed on the basis of consent or a contract.
To exercise any of the above rights, please contact us at help@najell.com.
If you have any other concerns, you also have the right to lodge a complaint with the Data Protection Authority.
Right to object to direct marketing
You have the right to object at any time to the processing of your personal data for direct marketing purposes. If you object, we will cease all processing of your personal data for such purposes, including all types of direct marketing communications. You may also choose to opt out of receiving marketing messages via specific channels — for example, you can choose to receive offers from us only via email.
Please note that opting out of certain communications may limit your access to specific customer club benefits, as outlined in our [Membership Terms and Conditions].
Who we share personal data with
We may share your personal data with processors, such as trusted third-party service providers in order to operate and improve our services. This includes:
Technical and operational service providers, such as email and SMS platforms, CRM systems, ERP platforms, analytics tools, and e-commerce systems.
Marketing and advertising partners, including platforms and other ad networks or social media platforms. Some of these marketing activities, including personalized advertising using cookies and tracking pixels, are based on your prior consent. You can manage your cookie and tracking preferences at any time through our [Cookie Policy].
Analytics: Partners who perform analyses on an aggregated, segmented, and individual level to help us better understand customer behaviour and improve our services.
All third-party providers are contractually bound to process your data only in accordance with our instructions and in compliance with applicable data protection laws.
We may share personal data with companies that act as independent data controllers. This means that we do not control how the information provided to such companies is processed.
We never sell your personal data.
How we protect your data
We implement appropriate technical and organizational measures to secure your personal data and prevent unauthorized access, disclosure, or misuse. These include encryption, secure servers, and access restrictions.
International transfers
Our aim is, as far as possible, to process your personal data within the EU/EEA. However, in certain situations, your personal data may be transferred to and processed by recipients in countries outside the EU/EEA. In such cases, we will take all reasonable legal, technical, and organizational measures to ensure that your personal data is handled securely and with an adequate level of protection that is comparable to, and at the same level as, the protection provided within the EU/EEA. Examples of appropriate safeguards include an approved code of conduct in the recipient country, standard contractual clauses, or binding corporate rules. If you would like a copy of the safeguards we have implemented or information about where they have been made available, you can request this by contacting us using the contact details provided below.
Cookies and tracking
For information on how we use cookies and similar technologies, please see our [Cookie Policy].
Changes to this Privacy Policy
We may update this policy from time to time. When we do, we will update the "Effective Date" at the bottom and notify you if there are significant changes. We encourage you to review this Privacy Policy periodically to ensure that you are satisfied with any changes made.
Contact information
For any questions or concerns regarding your personal data or this policy, please contact us via email: help@najell.com
_______________________________
Effective date: 9th of June 2025