This Privacy Policy explains how Naavian ("we", "us", "our") collects, uses, discloses, and protects your personal information when you visit or make a purchase from www.naavian.com (the "Site") or otherwise interact with us.
By using the Site, you agree to the collection and use of information in accordance with this Privacy Policy and applicable data protection laws, including the EU/EEA General Data Protection Regulation (GDPR), relevant Scandinavian and UK privacy rules, and applicable U.S. state privacy laws (such as CCPA/CPRA where relevant).
1. Data Controller and Contact Details
Naavian is the data controller for the personal data processed in connection with the Site and our online store.
If you have any questions or wish to exercise your privacy rights, please contact us at:
Email: support@naavian.com
2. Personal Information We Collect
We collect different types of information depending on how you interact with us:
2.1 Information You Provide to Us
- Order and account information: name, billing address, shipping address, email address, phone number, and order details.
- Payment details: limited payment information (such as card type and last digits) processed securely by our payment service providers. We do not store full payment card numbers.
- Customer support: information you provide when you contact us, including emails and messages sent via forms on the Site.
- Marketing preferences: your choices regarding newsletters and marketing communications.
2.2 Information Collected Automatically
When you visit the Site, certain information is collected automatically by our e-commerce platform and analytics tools:
- IP address
- Device type, browser type, operating system
- Approximate location (country/region)
- Pages viewed, time and date of visits, referring URLs, and clickstream data
- Information collected by cookies, pixels, tags, or similar technologies
2.3 Cookies and Similar Technologies
We use cookies and similar tracking technologies to operate the Site, remember your preferences, analyze traffic, and support marketing activities. Some cookies are essential for the Site to function, while others are used for analytics and advertising.
You can manage cookies through your browser settings and, where applicable, through cookie consent tools on the Site. If you disable certain cookies, some features of the Site may not work properly.
3. How We Use Your Personal Information
We use your personal information for the following purposes:
- To provide and operate the online store: process your orders, manage payments, arrange shipping, handle returns, and provide customer support.
- To manage your account: create and maintain your customer profile and order history.
- To communicate with you: send transactional emails (order confirmations, shipping updates, etc.) and respond to your inquiries.
- For marketing: send newsletters and offers if you have subscribed or otherwise given consent, and show relevant advertising where permitted by law.
- For analytics and improvement: understand how visitors use the Site, improve our products, services, and user experience.
- For security and fraud prevention: detect and prevent fraud, unauthorized transactions, and misuse of the Site.
- To comply with legal obligations: keep records required by applicable laws and respond to lawful requests from authorities.
4. Legal Bases for Processing (EU/EEA & UK)
When we process personal data of individuals in the EU/EEA, UK, and similar jurisdictions, we rely on one or more of the following legal bases:
- Performance of a contract: to process and deliver your orders and provide related services.
- Consent: for certain marketing activities, use of non-essential cookies, and other processing where required by law.
- Legitimate interests: to operate, secure, and improve our business and the Site, provided that such interests are not overridden by your rights and freedoms.
- Legal obligation: to comply with applicable laws, accounting rules, tax regulations, and other legal requirements.
5. How We Share Your Personal Information
We do not sell your personal information. We may share your information with trusted third parties to provide our services, including:
- E-commerce platform provider: third-party platform(s) that host our store and help us operate the Site.
- Payment service providers: to process your payments securely.
- Logistics and shipping partners: to deliver your orders.
- IT and cloud service providers: to host data, backup systems, and provide technical support.
- Analytics and marketing partners: to help us understand how the Site is used and to support marketing efforts, where permitted by law.
- Professional advisers: such as lawyers, accountants, or auditors when necessary.
- Authorities and law enforcement: where we are legally required to do so or where it is necessary to protect our rights, property, or safety.
- Business transfers: in connection with a merger, acquisition, reorganization, or sale of all or part of our business.
These third parties only have access to personal information as needed to perform their services and are required to process it in accordance with applicable data protection laws and this Privacy Policy.
6. International Data Transfers
Because we work with service providers and partners in different countries, your personal information may be transferred to and processed in jurisdictions other than your country of residence, including countries outside the EU/EEA where data protection laws may differ.
When personal data is transferred from the EU/EEA or UK to a country that does not provide an equivalent level of data protection, we use appropriate safeguards such as the European Commission’s Standard Contractual Clauses or other lawful mechanisms to ensure an adequate level of protection.
7. Data Retention
We retain personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law (for example, tax or accounting rules).
When personal information is no longer needed, we will either delete it or anonymize it so that it can no longer be linked to you.
8. Your Rights
8.1 Rights for EU/EEA, UK, and Similar Jurisdictions
Depending on your location and subject to certain conditions and exceptions, you may have the following rights regarding your personal data:
- Right of access – to receive confirmation and a copy of the personal data we hold about you.
- Right to rectification – to have inaccurate or incomplete data corrected.
- Right to erasure – to request deletion of your personal data in certain circumstances.
- Right to restriction of processing – to request that we limit how we use your data in certain cases.
- Right to data portability – to receive your data in a structured, commonly used, and machine-readable format and to transmit it to another controller.
- Right to object – to object to certain processing, including direct marketing based on legitimate interests.
- Right to withdraw consent – where processing is based on consent, you may withdraw it at any time, without affecting prior processing.
- Right to lodge a complaint – with your local data protection authority if you believe your rights have been violated.
To exercise any of these rights, please contact us at support@naavian.com.
8.2 Rights for U.S. State Privacy Laws (e.g. California)
Residents of certain U.S. states (such as California, Colorado, Connecticut, Utah, and Virginia) may have additional rights under applicable privacy laws, including:
- The right to know/access what personal information we collect, use, disclose, and, where applicable, “share”.
- The right to request deletion of your personal information, subject to legal exceptions.
- The right to correct inaccurate personal information.
- The right to opt-out of certain types of targeted advertising or "sharing" of personal information, where applicable.
- The right to non-discrimination for exercising your privacy rights.
To submit a request, please contact us at support@naavian.com.