The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. It addresses the export of personal data outside the EU. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
First, who are we and what do we mean with we/us/our?
We are the people behind the heavy metal band Sabaton, formed in 1999 in Falun, Sweden.
Our store address is: https://store.sabaton.net
Company name: Swedish Empire Touring Ltd (The Registrar of Companies, Cyprus, Registration number: HE394010)
We know that data privacy is a top issue today, and that is why we want to ensure that you can enjoy interacting with us on this website in the knowledge that your personal information is fully protected and that it remains under your control.
Here you will find a guide to how we collect the data, why we need it, how we use it, and how you benefit from it. Take a moment to discover the full facts about our data privacy.
What we collect
We collect information about you during the checkout process on our store.
While you visit our site, we’ll track:
- Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
- Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
- Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!
When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:
- Send you information about your account and order
- Respond to your requests, including refunds and complaints
- Process payments and prevent fraud
- Set up your account for our store
- Comply with any legal obligations we have, such as calculating taxes
- Improve our store offerings
- Send you marketing messages, if you choose to receive them
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.
We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for XXX years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.
We will also store comments or reviews, if you choose to leave them.
Who on our team has access
Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:
- Order information like what was purchased, when it was purchased and where it should be sent, and
- Customer information like your name, email address, and billing and shipping information.
Our team members have access to this information to help fulfill orders, process refunds and support you.
What we share with others
We share information with third parties who help us provide our orders and store services to you; for example our payment providers PayPal, Stripe and Braintree, as well as our courier service providers DHL, FedEx and Cyprus Post Office. We might also share information with the technical support teams of the store’s plugins such as WooCommerce, Pluginhive, Techlink, elextenions, in order to help us solve technical issues that may arise.
We accept different payment methods through various gateways. When processing payments, some of your data will be passed to the payment gateway, including information required to process or support the payment, such as the purchase total and billing information. See below the gateways we are using.
All completed orders placed prior August 2019 were exported along with buyers’ personal data to Unifaun for creating shipment documents, track & trace etc. More information here: https://www.unifaun.com/
We use Google Analytics to collect basic website user data for statistics purposes. The data retention period is set to 26 months and will be reseted upon any new activity. When data reaches the end of the retention period, it is deleted automatically on a monthly basis. All data is stored on Googles servers and can be stored anywhere in the world that they decide. More information can be obtained from Google: https://privacy.google.com/businesses/compliance/
Facebook Custom Audiences ("Facebook Pixel")
This website also uses the remarketing function “Custom Audiences” of Facebook Inc. (“Facebook”). This allows users of the website to see interest-based advertisements (“Facebook ads”) when visiting the social network Facebook or other websites that also use this tool.
Your browser automatically establishes a direct connection to the Facebook server once you are visiting our website. We have no influence on the extent and further use of the data collected by Facebook through the use of this tool and therefore inform you according to our level of knowledge: By integrating Facebook Custom Audiences, Facebook receives the information that you have called up the corresponding website of our Internet presence, or that you have clicked on an advertisement from us. If you are registered with a Facebook service, Facebook can associate your visit with your account. Even if you are not registered with Facebook or have not logged in, it is possible that the provider may obtain and store your IP address and other identifying information.
The “Facebook Custom Audiences” function can be deactivated in the Cookie Settings and for logged in users at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen#_.
Cookie lifetime: up to 6 months (this applies only for cookies which have been set by this website.).
You can find a list of all third party vendors here.
Our newsletter is provided with the service of www.getresponse.com
If you choose to subscribe your name and email will be kept internally and stored at the getresponse servers until you choose to unsubscribe which you can do by clicking a link in the bottom of every mail sent out.
Should you choose to unsubscribe your email address and any other information getresponse.com has stored on you will be deleted.
By using any contact form on this website to contact us you are by default sending us your name, and your e-mail address.
When using the form for crew application all your personal data sent to us will be stored in a Google Drive document and managed by the team leaders for the festival. The data provided by you will be stored for legal reasons such as insurance and working environment laws in Sweden. The saved data will be deleted 12 months after the festival. If your application is rejected, the data will be deleted immediately.
The data retention period for any emails sent to us is set to forever meaning that no emails will be deleted.
All emails are stored encrypted on Microsoft Exchange servers and temporary on each recipient’s computer.
Sweepstakes & Competitions
From time to time, we will run sweepstakes and competitions to offer our fans the opportunity to participate in prize draws, and/or to subscribe to our newsletter. The personal information collected from these actions is stored in a secure file.
We use this personal information to:
- If you enter a prize draw, to consider your participation, to contact you if you win, and to send you your prize.
- If you subscribe to a newsletter, to send you information from time to time about Sabaton via our newsletter provider GetResponse.
The basis for data processing is consent.
We may need to collect contact info such as full name, email, phone number and postal address if you win a Prize Draw.
The recipient of the data is the Sabaton team and/or the Nuclear Blast team.
Data can be collected and hosted via one of our service providers’ websites such as gleam.io amongst others.
If you enter a Prize Draw, the data will be retained for 1 year after its end.
If you subscribe to our newsletter, your data will be retained in the database until you withdraw your consent and unsubscribe by clicking the unsubscribe link at the bottom of our marketing emails. If you unsubscribe, you will not receive marketing communications from us anymore.
You can access, rectify or delete your personal data. You can also ask us to send you a copy of all personal data that concerns you at our disposal. You also have the right to data portability and the right to restriction of processing.
To exercise these rights or for any question regarding the processing of your personal data, you can fill out the form in the “Your right to data portability” section at the bottom of this page.
More information about Cookies on this website can be found here: https://www.sabaton.net/cookie-policy/
Third party links
Our website, our newsletters and other communications may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.
This website stores it’s data the servers of Microsoft Azure: https://azure.microsoft.com/.
We also use a Content Delivery Network (CDN) service for higher global performance of sabaton.net
A CDN is a geographically distributed network of proxy servers and their data centers. The goal is to distribute service spatially relative to end-users to provide high availability and high performance.
The service we are using is CloudFlare and you can read about their GDPR policy here: https://www.cloudflare.com/gdpr/introduction/
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
We use SSL (Secure Sockets Layer) that ensures all data passed between the web server and browsers remain private and integral.
More info here: http://info.ssl.com/article.aspx?id=10241
Who can access my data?
Your personal data will not be disclosed to the public or sold to third parties. If our commercial partners need data to provide you with services, we will ask your permission. We may also have to provide access to specific data if required to do so by authorities.
Your right to data portability
You have always the right to access the personal data we have collected from you. If you wish to request access to the personal data we hold about you on this website, simply use this form below:
We respect your privacy and we handle personal data with the utmost care and sensitivity.