)
1. Who We Are
2. Scope Of This Policy
3. What Data We Collect
4. Legal Basis for Processing
5. How We Use Cookies
6. Use of Google Consent Mode (advanced)
7. Sharing of Personal Data with third Parties
8. Your Rights Under GDPR and CCPA
9. Security Measures
10. Children’s Data
11. Contact Information
12. Cookie Settings
13. Data Retention
Strandberg Guitars AB is the data controller for personal data collected through our websites.
Company – Strandberg Guitars AB
Swedish Org. No – 556889-2862
Address – Björkgatan 77, 753 23 Uppsala, Sweden
Phone – +46 (0)18 24 78 89
Email – [email protected]
2. Scope of This Policy
This privacy and cookie policy applies to customers and site visitors and described how we process your personal data in accordance with the General Data Protection Regulation (GDPR). For US-based users, we strive to comply with applicable federal and state privacy laws, including the California Consumer Privacy Act (CCPA) where applicable.
3. What Data We Collect
You may visit our website without sharing personal data unless it is necessary for a specific service which you have requested, i.e. the use of our web site. We may collect:
Data collected by the use of cookies and similar technologies:
IP address, browser type, operating system, referring website
Pages visited, actions on site (e.g. cart, checkout)
Device metadata (screen resolution, device type)
Data collected by other means:
Personal data provided by you, e.g. via forms, purchases, or email (such as name, contact info, payment data)
4. Purpose and Legal Basis for Processing
We rely on the following legal bases under Article 6 of the GDPR for the corresponding purposes:
Consent – For cookies (except necessary cookies), marketing emails, and analytics based on data from cookies and marketing emails.
Contract – To fulfill product purchases and shipping.
Legal Obligation – For compliance with accounting and tax laws.
Legitimate Interest – To improve website performance and customer experience (where the legitimate interest pursued is our legitimate interest in ensuring optimal website performance and customer experience), and to handle customer service enquires (where the legitimate interest pursued is our legitimate interest of providing customer service).
5. How We Use Cookies
We use both first-party and third-party cookies. For more information on what data we collect, see “3. What Data We Collect” above.
Types of Cookies:
Essential – Required for site functionality (e.g., shopping cart, login). Cannot be disabled.
Functional – Enable enhanced features like video embeds or live chat.
Analytics – Help us understand site usage in aggregate.
Marketing – Used to personalize ads and measure campaign performance.
Preferences – Save user settings (e.g., language, currency).
You can withdraw you consent and manage your preferences anytime via the "Cookie Settings" link on our site.
6. Use of Google Consent Mode (Advanced)
We use Google Consent Mode (Advanced) to respect your cookie preferences while still collecting basic usage data.
Before Consent:
No marketing or analytics cookies are set.
Google tags operate in restricted mode.
Only cookieless pings with non-identifying metadata (device type, timestamp, URL) are sent.
After Consent:
Analytics and advertising cookies may be activated.
Conversion tracking and remarketing is enabled.
Aggregated data (before + after consent) may be used for modeling.
You can withdraw your consent and manage change your preferences anytime via our "Cookie Settings" banner.
Learn more: Google Consent Mode Help Center | Google Privacy Policy
7. Sharing of Personal Data with Third Parties
We only share personal data when necessary and with appropriate safeguards:
Operational Partners:
Google - Web- and analytics tools.
Microsoft Azure – Web hosting provider supporting secure infrastructure.
Norce – E-commerce platform provider
Klaviyo – Marketing and customer communication platform.
Adyen – Payment processing globally. Adyen Privacy
Klarna Bank AB – Payment processing in select regions. Klarna Privacy
FedEx – Shipping for US customers. FedEx Privacy
DHL Express – Shipping within the EU/EEA. DHL Privacy
PostNord – Shipping within Sweden/Nordics. PostNord Privacy
Other Disclosures:
Legal Compliance – When required by law or court order.
Campaign Participation – Based on your consent, we may engage platforms such as Instagram, Facebook, and YouTube.
International Transfers – We ensure that any international transfers are protected by adequate safeguards, either by ensuring that the recipient is certified under the EU-US Data Privacy Framework (if the recipient is located in the US), or by entering into Standard Contractual Clauses adopted by the EU Commission with the recipient. More information on the EU-US Data Privacy Framework can be found here, and more information on the Standard Contractual Clauses can be found here.
Automated Decision-Making – Some third-party tools may use automated processing (e.g., for segmentation or ad personalization). This does not produce legal effects but may tailor your experience.
8. Your Rights Under GDPR and CCPA
GDPR:
Access – To the personal data we hold about you.
Rectification – To correct inaccurate or incomplete data.
Erasure – To delete your data ('right to be forgotten').
Restriction – To limit the processing of your data.
Objection – To object to certain processing activities.
Data Portability – To receive your data in a portable format.
Withdrawal of Consent – At any time, for processing based on consent.
For US Users (under CCPA):
Right to Know – What categories of personal data we collect and why.
Right to Access – A copy of your personal information.
Right to Delete – Request deletion of your data.
Right to Opt-Out – You may opt out of the sale or sharing of your data.
Right to Non-Discrimination – We will not treat you differently for exercising your privacy rights.
To exercise these rights, email us at: [email protected]
Under the GDPR, you have the right to lodge a complaint with you’re the Swedish Authority for Privacy Protection (www.imy.se) or with a national GDPR Supervisory Authority in another EU/EEA country. For US users, rights may vary depending on your state.
9. Security Measures
We implement appropriate technical and organizational safeguards to protect your personal data. Where possible, we encrypt data during transmission and storage. Our practices are continuously reviewed and updated.
10. Children’s Data
We do not knowingly collect data from children under 13. If we become aware that we have collected personal data from a child without guardian consent, we will delete it immediately. Guardians can contact us to access or delete a child's data.
11. Contact Information
Data Protection Officer:
Strandberg Guitars AB
Björkgatan 77, 753 23 Uppsala, Sweden
Phone: +46 (0)18 247889
Email: [email protected]
12. Cookie Settings
You can update your cookie preferences at any time by clicking the "Privacy & Cookie Settings" button available on all pages. For more details on how cookies work, visit www.allaboutcookies.org or Wikipedia: HTTP cookie.
13. Data Retention
We retain your data only as long as necessary for the purpose for which it was collected:
Order data – 7 years for accounting and tax compliance.
Marketing data – Until you unsubscribe or withdraw consent.
Analytics data – Up to 14 months unless stated otherwise.