1. General information about GDPR
Here you can read about what the new GDPR EU privacy reform implies for your customer relationship to TOKO AG. If you have any other questions, please feel free to contact us at gdpr(at)swixsport.no.
What is GDPR?
A Better Experience for You
The new regulation becomes part of the Swiss/German legislation and is an additional assurance that your personal information is processed correctly and in accordance with the law. There will be greater responsibility for us in processing and securing your customer data while at the same time being able to conduct your online shopping in the same way as before.
Your current consent is still valid. What's new is that you can now choose whether you want to receive offers and news via email and that the information about your consent and what it implies is up to date. You may withdraw your consent at any time by contacting gdpr(at)swixsport.no. You can also simply sign up for the newsletter by following the instructions at the bottom of the newsletter you received.
Coordinator and Third Party
The Managing Director of Brav Norway AS (the TOKO AG parent company in Norway) is generally responsible for the company's processing of personal data. To provide a tailor-made experience for you, we might use external partners, but your personal data is in no way neglected or sold to third parties. We guarantee that. In our Terms & Conditions you can read more about our processing of personal data.
Regarding GDPR, we have adapted and simplified our privacy statement. In the statement, you can read more about how we process your personal information and what kind of information it concerns. The declaration informs you of the customer data you provide for a purchase with us and the contact points for the information internally in our system.
Data Protection Officer
We have appointed a personal representative who is an employee of Brav Norway AS (parent company of TOKO AG). The Ombudsman is our internal privacy advisor who guides us in ensuring that privacy is being taken care of and that we constantly adhere to the regulations.
Increased Security for Your Customer Data
The new directive requires that we have a full overview of all the company's personal data and demand security for them. In the event of a data breach, which may affect your personal information, we follow the rules for reporting obligations stated in the GDPR.
2. Privacy Statement TOKO AG
This Privacy Statement tells you how we collect and process personal information.
Brav Norway AS, by the CEO, is the responsible manager for the processing of personal data by the company. The daily practitioner has the ultimate responsibility to ensure that all processing and handling of personal data is in accordance with applicable law. The daily responsibility is delegated to our privacy Ombudsman, also called "Data Protection Officer" (DPO). The delegation covers only the day-to-day tasks and not the responsibility itself.
The tasks of the DPO are to provide employee information and advice on privacy legislation, monitor compliance with the privacy regulation and internal guidelines, as well as advise on privacy implications and be the contact point for the registrar and the audit.
Evry AS is our general data processor and is our supplier for the development and maintenance of our ERP system. Barga Technical Services GmbH is our operating supplier and data processor for Toko.ch.
Information collected relating to site operation is stored on servers operated by the provider. Only TOKO AG, Evry AS and Barga Technical Services GmbH have access to the information collected. A separate data-processing agreement between TOKO AG and Evry AS governs what information the provider has access to and how it should be processed.
To make a purchase with TOKO AG we need name (business/personal name), address, mobile number and e-mail.
This is required to ship the products you have ordered to the correct shipping address, keep up to date with the order movements, and contact you if there should be a need for your order.
We are required to keep order information in connection with accounting, fee handling and any warranty / return handling. This history is deleted after ten years. Order information is securely stored in our ERP system, hosted in cloud servers by Microsoft. The ERP system servers are located in Amsterdam, Netherlands.
You have the right to access your personal information as we have registered in accordance with applicable law. You may at any time request to receive this information without consideration in accordance with the law. Normally you will receive the personal information you have requested from us within 3-5 business days, but it may take longer depending on the season and circumstances.
You may also, at any time, ask us to delete or correct your personal information, provided that we are not obliged to keep these in accordance with applicable law or other obligations we have.
Information must be delivered / transferred safely. If you submit the request electronically (e.g. via email or chat), and unless you request otherwise, the information should be provided in a standardized electronic form, such as XML or Excel.
You may withdraw the consent on marketing you have given us at any time by contacting gdpr(at)swixsport.no or by using the information at the bottom of any newsletter we send out.
You are entitled to appeal to the Data Inspectorate of the Swiss Federal Council if you find that your personal information is not processed in accordance with this Statement.
If you have experienced anything you think is a violation of the GDPR rules by TOKO AG, you may appeal by sending a written request to gdpr(at)swixsport.no or in letter form to the following address:
Brav Norway AS
Storing Personal Information
Accounting laws requires us to store transaction data for 10 years, but also in order to safeguard customer rights in connection with warranty and complaint pursuant to the Consumer Purchase Act, the Purchase Act and TOKO AG terms of sale, we store the purchase history for 10 years.
Security of Personal Data
TOKO AG have good practices in place to ensure that unauthorized personnel do not have access to your personal information and that processing of data is in accordance with the requirements of applicable law. You can feel rest assured that we store your personal information in a safe way.
Delivery of Goods
We cooperate with UPS, Schenker and Bring for the transport of goods and we provide personal information necessary to deliver the goods to you. The information shared with the carriers is the name, address, email and telephone number. The information will be deleted from the carrier within 36 months, unless the applicable law indicates otherwise.
Here you can see an overview of cookies used on Toko.ch: