What is Swiipe and how does it work?
Swiipe is a payment and ID solution. You can simply login with Swiipe at the checkout and Swiipe will take care of your data securely storing it (encrypted and completely controlled by) or you can choose the old-fashioned check-out. It’s your call!
Your right is fundamental
We do know that the right to protection of your data is fundamental, this is precisely why we take it seriously and we use your data in a responsible way as required by the EU’s Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and free movement of such data – GDPR.
What data do we need and why?
Swiipe strives to provide you the best shopping experience by making it easier for you to do transactions on the internet. In order to make it possible, we need regular data such as: contact details, card information, shoe size, license plate number etc., depending on what goods and services you want to purchase.
If you signed up for the newsletter, we collect and store your e-mail address for the purpose of keeping you informed about our service.
What is the legal basis which allows us to process your data?
We process your data after you have given your active consent, as mentioned by Article 6 (1)(a) of the GDPR.
What do we do with your data?
Firstly, we collect and store your data. Then, in order to finalize your payment, we send the necessary data to our processor – Spreedly which stores, tokenizes and sends transactions securely to third party API endpoints.
If you choose not to login with Swiipe, your data will not be stored.
For how long do we keep your data?
Because handling card information implies a higher risk of fraud, on-line transactions need to be monitored closely to keep you safe. Therefore, your data will be kept for at least 5 years after you no longer use Swiipes services, according to Danish national law. During this period, Swiipe will only store your data and transmit it to the public authorities when they justify an interest in requesting them.
Your security matters
We use encryption for your semi-sensitive data which you would expose if required for a specific purpose, such as: credit, identification, work related information, CPR number, criminal record etc.
What are your rights?
As our user you are our top priority, therefore we respect your rights.
You can access and rectify your data
You have the right to access your personal data that we collect through a secured user portal. There you can have an overview of your activities as a Swiipe user and you can update the inaccurate data.
Ask us to erase your data
If your data are no longer necessary for the purpose of the service or when you withdraw your consent for processing, you will have your data erased upon request.
The erasure is not an automatic process, Swiipe will assess your request and if there are no other impediments or legal obligations Swiipe will erase your data.
You can restrict the processing of your data
You have the right to obtain restriction of processing when:
- the processing is unlawful, and you oppose the erasure of personal data
- Swiipe no longer needs your personal data for the purpose described above, but you require the data for the establishment, exercise or defense of legal claims
If restricted, personal data will be processed only with your consent (with the exception of storage). You will be informed before the restriction is lifted.
Your data is portable
If you decide that you want your data to be sent to another service provider, just let us know. You will receive your personal data from us in a structured, commonly used and machine-readable format and Swiipe will transmit those data to another service provider when technically feasible.
You can object at any time
If you do not want your data to be processed for direct marketing purposes, you have the right to object at any time.
You can withdraw your consent at any time
You are granted the right to withdraw your consent at any time without providing justification and without suffering negative consequences. You can do that by sending Swiipe a written notification of withdrawal.
Lodge a complaint if we are not compliant
If we cannot address your requests timely and in accordance with the GDPR, you can lodge a complaint with the Danish Data Protection Agency (Datatilsynet).