Privacy and Cookie Policy for Keralase
1. Introduction
This Privacy and Cookie Policy explains how Gold Factory AB (corporate ID 559043-1242), the owner of the Keralase brand and the website www.keralase.se, processes personal data and uses cookies when you visit our website and when you contact our clinics in Malmö and Jönköping. At Keralase, we offer treatments such as laser tattoo removal, laser hair regrowth treatments, and laser skin treatments. We value your privacy and are committed to protecting your personal data in accordance with applicable data protection laws, including the EU General Data Protection Regulation (GDPR).
2. Data Controller
The data controller for the processing of your personal data is:
Gold Factory AB
Corporate ID: 559043-1242
3. What Personal Data We Collect and Why
We collect personal data to provide our services, communicate with our customers, and improve your experience on our website. Examples of personal data we may process include:
Contact Information: Name, phone number, email address, and any messages you send to us.
Health Information: Only to the extent necessary to perform your treatments at our clinics (e.g., skin type, relevant medical history related to the treatment area), and always with your explicit consent.
Booking Information: Appointment dates, times, locations, chosen services, and payment information (not full credit card numbers).
Technical Information: IP address, browser type, visit times, and pages visited on our website, collected through cookies and similar technologies.
4. Purposes and Legal Grounds for Processing
We process your personal data for the following purposes and on the following legal grounds:
Provision of Services: To schedule and perform treatments, communicate about your treatment, and provide advice and recommendations. Legal basis: Performance of a contract or consent (for sensitive data such as health information).
Customer Service and Support: To respond to your inquiries and provide customer support. Legal basis: Legitimate interest or performance of a contract.
Marketing and Information: To send newsletters, offers, and information about new treatments, if you have given your consent. Legal basis: Consent.
Statistics and Website Improvement: To analyze user behavior and improve our website and services. Legal basis: Legitimate interest.
5. How We Share Your Data
We generally do not share your personal data with third parties, except:
Service Providers: Subcontractors who assist us with IT operations, booking systems, payment solutions, and marketing. They act only on our instructions and may not use the data for their own purposes.
Authorities: If we are legally required to do so by law or governmental authorities.
We always ensure appropriate technical and organizational measures are in place when sharing personal data.
6. Retention Period
We store your personal data only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal obligations. For example, contact and booking details are retained while you remain a customer and for a reasonable period afterward to handle any complaints or legal claims. Health information is deleted in accordance with applicable legislation and industry standards.
7. Your Rights
Under data protection laws, you have certain rights:
Right of Access: You can request a copy of the personal data we process about you.
Right to Rectification: If you believe your data is inaccurate or incomplete, you can request that it be corrected.
Right to Erasure: You can request the deletion of your personal data if there is no longer a legitimate reason to retain it.
Right to Restrict Processing: You can request that the processing of your data be restricted under certain circumstances.
Right to Data Portability: You can request certain personal data in a structured, commonly used, and machine-readable format.
Right to Object: You have the right to object to processing based on our legitimate interest or to direct marketing.
If you wish to exercise any of these rights, please contact us using the contact details above. If you are not satisfied with how we handle your data, you have the right to lodge a complaint with the relevant supervisory authority (e.g., IMY in Sweden).
8. Data Security
We take appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, destruction, or alteration. Only authorized personnel who need access to perform their duties are granted access to your personal data.
9. Cookies
On www.keralase.se, we use cookies and similar technologies to enhance user experience, personalize content and ads, and analyze traffic. Cookie settings are managed through a consent tool provided by Cookiebot by Usercentrics, which appears as a pop-up during your first visit. You can change your cookie settings or withdraw your consent at any time via the cookie settings link on our website.
Types of Cookies We Use May Include:
Necessary Cookies: Required for the website to function properly and cannot be switched off in our systems.
Analytics and Performance Cookies: Help us understand how visitors use our website so we can improve the user experience.
Functional Cookies: Remember settings and choices you make (e.g., language).
Marketing Cookies: Used to tailor ads and marketing to your interests.
10. Changes to This Policy
We may update this policy as needed to reflect changes in our business operations, legal requirements, or technical developments. The latest version of our Privacy and Cookie Policy will always be available on www.keralase.se.
11. Contact Information
If you have any questions about this policy or how we process personal data, please contact us at:
Gold Factory AB (Keralase)
Corporate ID: 559043-1242
