Privacy Policy

Last updated: 10 November 2025

1. Introduction

This Privacy Policy explains how Vogkroz (“we”, “our”, “us”) collects, uses, and protects your personal data when you visit our website, request a consultation, or engage our window treatment services. We comply with the General Data Protection Regulation (EU) 2016/679 (GDPR) and applicable Swedish legislation.

2. Data We Collect

We may collect the following categories of personal data:

  • Identity details: name, company name, and title.
  • Contact details: email address, phone number, postal address.
  • Project information: room measurements, photographs, style preferences, product selections.
  • Communication data: emails, enquiry forms, consultation notes.
  • Technical data: IP address, browser type, device information, pages visited, and referrer URLs collected via analytics cookies.
  • Transaction data: order history, invoices, payment confirmations (processed through secure third-party payment providers).

3. How We Use Your Data

We process personal data for the following purposes:

  • Responding to enquiries, preparing quotations, and providing customer support.
  • Planning, producing, delivering, and installing blinds and curtains.
  • Maintaining internal records for warranties, service reminders, and product recalls.
  • Improving our services, website experience, and communications.
  • Sending marketing updates (only where you have opted in and may unsubscribe at any time).
  • Complying with legal obligations such as tax, accounting, and consumer protection laws.

4. Legal Bases for Processing

We rely on the following legal bases under GDPR:

  • Contractual necessity – to take steps before entering into a contract and to fulfil our contract with you.
  • Legitimate interests – to manage our business, develop our services, and defend legal claims. We balance these interests against your rights.
  • Legal obligation – to comply with applicable laws and regulations.
  • Consent – for marketing communications and optional cookies. You can withdraw consent at any time.

5. Data Sharing

We only share personal data when necessary:

  • Trusted suppliers and installers assisting with measurements, production, and installation.
  • IT and hosting providers, analytics services, communication platforms, and payment processors.
  • Professional advisers (lawyers, accountants, insurers) when required.
  • Authorities or regulators where required by law or to protect our rights.

All third parties are required to safeguard personal data and process it in accordance with GDPR.

6. International Transfers

Our primary operations are within the European Economic Area. If we transfer personal data outside the EEA, we use appropriate safeguards such as Standard Contractual Clauses or ensure the recipient is located in a country with an adequacy decision.

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this policy, including satisfying legal, accounting, or reporting requirements. Typically we keep project information for up to 7 years to honour warranties and provide aftercare. Technical analytics data is retained for up to 26 months.

8. Your Rights

Under GDPR you have the right to:

  • Request access to your personal data.
  • Request correction of inaccurate or incomplete data.
  • Request erasure of your data where there is no lawful basis to continue processing.
  • Object to or request restriction of processing in certain circumstances.
  • Request data portability for information you provided to us.
  • Withdraw consent at any time for processing based on consent.
  • Lodge a complaint with the Swedish Authority for Privacy Protection (IMY) or your local supervisory authority.

Please contact us using the details below to exercise any of these rights.

9. Cookies

We use essential cookies to operate the site and optional analytics cookies to understand site usage. For detailed information, please review our Cookie Policy. You can adjust your preferences through your browser settings or the cookie banner.

10. Data Security

We implement administrative, technical, and physical safeguards to protect personal data. These include secure hosting environments, encryption in transit, access controls, staff training, and regular policy reviews. While we strive to protect your information, no method of transmission over the internet is completely secure, so we cannot guarantee absolute security.

11. Children

Our services are not directed to children under 16 years of age and we do not knowingly collect personal data from children. If you believe we have information about a child, please contact us so we can delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Significant changes will be communicated on our website with an updated “Last updated” date. We encourage you to review the policy regularly.

13. Contact Us

If you have questions, requests, or concerns regarding this Privacy Policy or our data practices, please contact us:

Vogkroz
Drottninggatan 24
111 51 Stockholm, Sweden
Email: info@vogkroz.world
Phone: +46 8 123 45 67