SULFATE- & PARABEN-FREE HAIR CARE

RIGHT NOW: 25% OFF EVERYTHING

Vegan hair care products made in Sweden

Privacy Policy

1. Introduction

This Privacy Policy describes how we (The Every , reg. no. 559310-6189, located at The Every , Box 136, Sveavägen 124, 113 50 Stockholm, Sweden) handle your personal data when you, as a consumer, purchase products from and visit our website, the-every.com. We may also obtain your personal data from third-party sources. We act as the data controller for personal data obtained in this manner and for its processing in accordance with this Privacy Policy.

We protect your privacy. It is therefore important to us to safeguard your personal data and ensure that our processing of your personal data is accurate and lawful. This Privacy Policy will help you understand what personal data we collect about you and how it is used when you purchase products from and visit our website, as well as your rights as a data subject. We ask that you read this Privacy Policy carefully and familiarize yourself with its contents.

We may occasionally need to update or modify this Privacy Policy. If we do so, we will notify you in an appropriate manner, and we ask that you carefully review the updated Privacy Policy.

We hope this Privacy Policy answers your questions about how we process your personal data. If you have any further questions, please contact us at the address listed above or at help@the-every.com

2. What personal data do we process

The categories of personal data we process are as follows:

(a) Name and contact information, such as your email address, phone number, and home address;

(b) Financial information, such as payment method and debit or credit card number;

(c) Purchase and search history; and

(d) Browser information, such as the type and version of your browser, any website from which you were referred to us, the time zone from which you are visiting us; the pages you visit on our website; your IP address and an approximate location estimate based on your IP address; information about your web activity or your interaction with emails we send you, etc.

3. Why we process your personal data

3.1 To provide our services

We process your personal data to provide you with our services and to communicate with you. This includes processing your contact information in connection with a purchase, to complete transactions, to place orders on your behalf, and to provide support. Our processing for the purpose of providing our services is based on our legitimate interest in doing so.

3.2 To improve our services

We process your personal data to improve our services and make them more user-friendly. This includes conducting market research and customer satisfaction surveys. For these purposes, we also use your personal data based on your web activity and activity related to emails we send to you. Our processing for the purpose of improving our services is based on our legitimate interest in doing so.

3.3 Direct marketing

We also use your personal data to communicate with you, to inform you about our terms and conditions, and to send you marketing messages. When we process your personal data for the purpose of direct marketing, we do so based on our legitimate interest in maintaining our relationship with you and communicating with you—as a customer or a representative of an organization—about our new products, campaigns, and similar matters. You have the right at any time to object to the processing of your personal data for such direct marketing by contacting us at help@the-every.com; in that case, provided there is no legal basis for the processing, we will cease processing your personal data.

4. How do we share your personal data

The personal data we collect may be shared with our third-party suppliers and other third parties listed below.

(a) Service Providers: We may use third-party service providers to manage certain aspects of our business operations. We may share personal information with such third parties so they can perform services on our behalf, such as fulfilling online purchases, processing payments, sending marketing communications, conducting research surveys, and verifying and validating the information you have provided to us.

(b) Partners: If you use services provided by our partners that are integrated with our services, our partners will have access to your personal data. The personal data collected by our partners is subject to their own terms and policies regarding the processing of personal data.

(c) Sale or transfer of business or assets: Your personal data may, to the extent permitted and in accordance with applicable data protection laws, be transferred or disclosed to a purchaser or prospective purchaser in the event of a sale, assignment, or other transfer of all or part of our business or assets.

(d) We may also share your personal data when required by law.

When we use service providers in accordance with (a) above, we will enter into a data processing agreement with the service provider that requires it to ensure that your personal data is processed only in accordance with our instructions and this Privacy Policy. The processing and sharing of your personal data in accordance with (a)-(d) above is necessary for our legitimate interest in providing our services, fulfilling any contract we have entered into with you, or complying with mandatory law.

5. Transfer of your personal data outside the EU/EEA

If your personal data is transferred to any of our partners that conduct business outside the EU/EEA, we will ensure that appropriate safeguards are in place prior to the data transfer, for example, by verifying that the country in which the recipient is located provides an adequate level of data protection as determined by the European Commission, or by using standard contractual clauses issued by the European Commission that ensure appropriate measures to protect your rights and freedoms.

6. How long do we retain your personal data?

We will only store your personal data for as long as necessary to fulfill the purposes for which it was collected and to comply with our legal obligations to retain data, but no longer than permitted by applicable law.

7 Cookies and Pixel Tags

7.1 Cookies

Cookies are small text files stored on your device that allow us to track how you use our website, the-every.com

There are two types of cookies: 1) a persistent cookie that remains on your device for a set period of time; 2) a session cookie that is stored temporarily in the device’s memory while you are on the website. Session cookies are deleted when you close your browser.

By accepting the use of cookies on the-every.com, you consent to the use of cookies as described in this Privacy Policy. If you do not accept our use of cookies, you can configure your browser to block cookies. You can also set your browser to notify you whenever the website attempts to place a cookie on your device. You can also delete previously stored cookies through your browser. Please refer to your browser’s help section for more information. Furthermore, you can delete cookies manually from your hard drive at any time.

Please note that if you choose not to accept cookies, some features of certain websites may be limited.

7.2 Pixel Tags

We use “pixel tags,” “web beacons,” “JavaScript,” or similar technologies that enable, among other things, the tracking of your activities when you use our website or receive email messages (collectively referred to as “Pixel Tags”). Pixel Tags may be used in connection with our website the-every.com, our online advertising, or our email messages, either by us or by our service providers, business partners, or other third parties. By visiting the-every.com, you consent to our use of Pixel Tags in accordance with this Privacy Policy.

Pixel tags are used to collect typically anonymous data to help identify certain information, such as compiling reports on tracking data regarding demographics, patterns, and other information to improve the customer experience. We may share these reports with, for example, marketing partners. The tracking information in these reports cannot be traced back to individual users. We may combine the tracking information with other personal data provided by users of the website for the purpose of analyzing the information. When such combination is performed, all combined information is processed as personal data and used and shared only in accordance with this Privacy Policy.

Pixel tags may be used to determine why you visit our website, such as whether you were directed to the site by an online advertisement or email. Certain pixel tags may also be used by other companies to track visits to their websites, to determine whether such traffic originated from our website, or to verify your eligibility for benefits.

Third-party cookies or pixel tags may collect information about user activities on our website over time and across different websites.

8. Security measures

We have implemented a number of security measures to ensure that the personal data we hold is secure. For example, access to areas where personal data is stored is restricted to our employees and service providers who need it to perform their duties and who have been informed of the importance of maintaining the security and confidentiality of the personal data we hold. We maintain appropriate safeguards and security standards to protect your personal data against unauthorized access, disclosure, or misuse.

9. Your rights

9.1 Right of access and rectification

You have the right to know what personal data we process about you, as well as the right to access and correct that data. To learn more about the information we hold about you, please feel free to email help@the-every.com and specify the information you wish to access or inquire about.

9.2 Right to erasure

You may request that we erase your personal data without undue delay in the following circumstances:

(a) the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed;

(b) you withdraw your consent on which the processing is based (if applicable) and there is no other legal basis for the processing;

(c) you object to our processing of personal data and we do not have any overriding legitimate grounds for the processing;

(d) the personal data has been processed unlawfully; or

(e) the processed personal data must be erased to comply with legal obligations.

We may deny your request if we are prevented from erasing your personal data by requirements set forth in applicable laws and regulations (e.g., in relation to accounting and tax legislation) or if the data is necessary for the establishment, exercise, or defense of legal claims. If we cannot grant your request, we will instead restrict the personal data so that it cannot be used for any purpose other than the one preventing its erasure.

9.3 Right to restriction

You have the right to restrict the processing of your personal data in the following circumstances:

(a) you dispute the accuracy of the personal data during a period that allows us to verify the accuracy of such data;

(b) the processing is unlawful and you object to the erasure of the personal data and request restriction instead;

(c) the personal data is no longer needed for the purposes of the processing, but is necessary for you to establish, exercise, or defend legal claims;

(d) you have objected to the processing of the personal data in accordance with section 9.4 below, pending verification of whether our legitimate grounds for processing override your interests, rights, and freedoms.

If your personal data has been restricted in accordance with this section, it may, with the exception of storage, only be processed for the establishment, exercise, or defense of legal claims, or for the protection of the rights of a third party, or for reasons of substantial public interest in accordance with EU or EU member state legislation.

9.4 Right to object

You have the right to object to our processing of your personal data when it is based on our legitimate interests. If you object and we believe that we may still process your personal data, we must demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or for the establishment, exercise, or defense of legal claims.

Your personal data will not be processed for direct marketing purposes if you object to such processing.

9.5 Right to data portability

If you have provided your personal data and our processing of that data is based on your consent or on the performance of a contract with you, you have the right to receive the personal data concerning you in a structured, commonly used, and machine-readable format so that you can transmit it to another service provider, provided that this is technically feasible and can be carried out by automated means.

9.6 Right to withdraw consent

When our processing of your personal data is based on your consent, you have the right to withdraw your consent at any time. Please note that the lawfulness of processing based on consent prior to its withdrawal remains unaffected.

9.7 Right to file a complaint

You may file a complaint with the supervisory authority at any time if you believe that our processing violates applicable data protection laws. Please note that you are also always welcome to contact us in such cases.

10. For a contact person within an organization with which The Every a business relationship

We process your personal data, such as your name and contact details (including your email address and phone number), because you are our business contact or the contact person for an organization (such as a business, foundation, government agency, etc.) with which we have, have had, or may in the future have a business relationship. We process your personal data to provide you with our services and to communicate with you. Our processing for the purpose of providing our services and maintaining our business relationship is based on our legitimate interest in doing so. See sections 4–9 above for information regarding the transfer of personal data, security measures, your rights as a data subject, etc.