This page describes how cookies are used on this website, and how personal information is processed.
1.1. What is a cookie?
A cookie is a small text file that a website stores on your computer or your mobile device when you visit the site.
1.2. What are cookies used for?
When you visit our website, information about you will be collected that is used to customise and improve our content.
1.3. How are cookies deleted?
If you do not want information to be collected, you can delete the cookies that are on your computer at any time. Refer to your browser’s help function for information on how to do this.
If you delete or block cookies, you may risk the website not working properly, and there may be content you are unable to access.
- To remember your actions and settings (such as login, language, font size and other display settings) for a certain period so you do not need to change the settings each time you access the site or navigate from one page to another.
- Measuring traffic and statistics of visitors’ use of the homepage.
1.5. Which cookies are used?
Below, you can see which cookies are used by no.amka-group.com and our partners.
In addition, cookies are used to register whether the user has viewed pop-ups or participated in polls and competitions.
If you choose to delete your cookies, this may result in these pop-ups appearing again during a later visit.
No sensitive payment information will be saved or registered in cookies or in other ways.
Embedded cookies from other websites
Pages on this site can contain embedded content, for example, video, images, maps and similar. Embedded content from other websites behaves just as if the visitor were visiting the other website.
If you do not want your visits to be registered with Google Analytics, you can use this tool: tools.google.com/dlpage/gaoptout
Personal data collected through cookies is never disclosed to third parties. Cookies used by third parties are only used for statistics and measuring traffic.
2. Personal data
The purpose of AMKA AS’s personal data policy is to explain how we collect, protect and use information that can be attributed to a specific person.
This personal data policy includes our processing of personal data collected about you as a customer of AMKA AS when you used the website/online shop under the domain name no.amka-group.com and when you signed up to receive newsletters.
When you visit a page on Facebook or Instagram managed by AMKA AS, this page is subject to Facebook’s data policy: facebook.com/privacy/explanation
Personal data is all kinds of information that can be attributed to you in one way or another. When you use our website, we collect and process a range of such information. This takes place e.g. by general access to content, if you sign up for our newsletter, participate in competitions, make other use of services or make purchases through the website.
2.2. What personal data do we collect?
We typically collect and process the following types of data: A unique ID, technical information about your computer, tablet or mobile phone, your IP address, purchase history and information about your activities, including enquiries, orders, interests, focus areas, searches, etc.
If you enter the information yourself, the following data is also processed: Name, telephone number, e-mail, address and payment information. This will typically be in relation to the creation of a login or during purchase.
2.3. When do we collect personal data?
The collection of personal data takes place when you use the website and/or the online shop under no.amka-group.com, and when you sign up to receive our newsletter.
We can also receive all forms of personal data and other information about you from business partners.
Finally, we automatically receive and register information in our server logs from your browser, including IP addresses, among other things.
2.4. Why do we collect personal data?
AMKA AS needs to process personal data about you in order to operate the website as best as possible.
In order to manage a customer’s wishes and queries, and to be able to enter into agreements with customers, there is a need to process customers’ contact data (name, address, e-mail address, phone numbers).
In order to be able to develop and deliver concepts and products and related services within areas related to wine, beer, spirits and the like, processing of personal data may also be applicable.
Personal data is also used to manage whether you have signed you up for our newsletter or competitions, for registering your purchases and payments, and to be able to provide the services you have requested, such as receiving newsletters.
We also use the data to optimise our services and content.
Personal data may also be necessary to clarify the distribution of our products and services.
AMKA AS undertakes only to process personal data to the extent that it is necessary for the purposes stated above.
2.5. How do we protect personal data?
We have taken technical and organisational measures to prevent your data from being accidentally or illegally deleted, published, lost, impaired or brought to an unauthorised party’s knowledge, misused or otherwise processed in conflict with the law.
2.6. How long will personal data be stored?
The information will be stored for the amount of time that is permitted by law, and we delete the data when it is no longer necessary. The period depends on the nature of the data and the reason for storage. It is therefore not possible to specify a general time frame for when all information will be deleted.
2.7. Is personal data disclosed to third parties?
We will not sell your personal data to third parties.
If necessary, we will however disclose your personal data to other companies, individuals or authorities.
If we have obtained your consent for this, disclosure of your personal data may take place. If you have consented to this, the data about your use of the website, information on the products you have ordered, etc. could be disclosed to third parties to the extent this information is known.
If we need to share this information to be able to provide the product or the service you have requested, your personal data may possibly be disclosed. This could be the case e.g. when disclosing your name, address, e-mail and phone number to a carrier is necessary to ensure the delivery of your goods.
If we respond to summons, court orders or other legal action, it may be possible that your personal data is disclosed.
If we are obliged to disclose data by law, your personal data may be disclosed.
We also use a number of third parties for storing and processing data. These exclusively process data on our behalf and must not use it for their own purposes.
We only use data processors in the EU or in countries that can provide adequate protection for your data.
2.8. What rights do you have?
You have a number of rights under Chapter 3 of the General Data Protection Regulation, which will be described below.
I. Right of access by the data subject
Your right of access includes the information that we have registered about you at the time of your request of access. You may, at any time, request information about the processing of information about you and, if applicable, the personal data that we process.
Your right of access follows from Article 15 of the General Data Protection Regulation, where you must be provided the following information upon your inquiry:
- the purposes of the processing;
- the categories of personal data concerned;
- the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
- where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
- the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
- the right to lodge a complaint with a supervisory authority;
- where the personal data are not collected from the data subject, any available information as to their source;
- the existence of automated decision-making, including profiling, referred to in Article 22 and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
Your request can be sent by e-mail to AMKA AS, Sandakervein 24D F2, 0473 Oslo, Norge, e-mail: firstname.lastname@example.org.
The first copy of the information will be free of charge. For additional copies that you request, we are entitled to charge a reasonable fee for this, which is based on administrative costs.
We will try to answer your request without undue delay and no later than one month.
If we process a large amount of personal data about you, you will be asked to specify the information or processing activities that your request concerns before giving the information.
Please be aware that your right of access is in some cases limited. This is among other things if your right to access should be put aside for decisive considerations for private or public interests. See Article 23 of the General Data Protection Regulation.
II. Your right to rectification
We must correct your personal data, which appears incorrect or misleading, etc., if you make a request. Your right to rectification follows from Article 16 of the General Data Protection Regulation.
You can only request that your personal data is rectified to what is correct. The information that you may be entitled to get rectified is both objective and subjective incorrect data, such as:
- Objective incorrect personal data: Name, Address, Phone Number, etc.
- Subjective wrong personal data: Your attitude to, among other things, a matter or question.
If we correct your personal data, we shall also contact all recipients who have received the information so that they also make a correction, unless this proves impossible or disproportionate.
You can request to be informed about which recipients, we are contacting. This follows from Article 19 of the General Data Protection Regulation.
III. Your right to erasure
You can request us to delete your stored personal data. You can only request that your own personal data are to be deleted. Your right to erasure is governed by Article 17 of the General Data Protection Regulation.
We shall, upon receipt of your request, delete your personal data without undue delay, in the following situations:
- The storage of your personal data is no longer necessary to fulfill the purpose for which they were collected or otherwise processed.
- If you withdraw your consent and there is no other basis for processing.
- Your personal data has been processed illegally.
- Your personal data must be deleted in order to comply with a legal obligation under EU law or in Norwegian law, to which we are subject.
If we respond to a request for erasure of your personal data in whole or in part, we shall also contact all recipients who have received the information so that they also make a correction, unless this proves impossible or disproportionate.
You can request to be informed about which recipients, we are contacting. This follows from Article 19 of the General Data Protection Regulation.
If we have disclosed your personal data and are required to delete your personal data, we will take reasonable technical measures to notify other Data Managers of your request to delete all links to, or copies or representations of your personal data. This may be limited by, inter alia, the right to freedom of expression and information.
IV. Your right to restriction of processing
You are entitled to restriction of processing of your personal data if any of the following conditions apply:
- You dispute the accuracy of your personal data, and you are entitled to a limitation of processing until we have had the opportunity to determine if personal data is correct.
- The processing of your personal data is illegal and you oppose to the deletion of your personal data and instead request that the use of the personal data be restricted.
- If we no longer need your personal data for processing, but they are necessary for a legal claim to be established, enforced or defended.
- If you have objected to the processing, you are entitled to restriction of processing until we have had the opportunity to check whether our legitimate interests weigh heavier than your legitimate interests.
Your right to limited processing is governed by Article 18 of the General Data Protection Regulation.
Your request for limitation of processing should concern your own personal data, as we are not required to restrict the processing of other persons personal data unless you have a power of attorney to request a restriction of processing on their behalf.
Restricting the processing of your personal data means that we may retain collected personal data, whereas it is not permitted to process and use your personal data, including in particular to pass it on to third parties. This can, for example, be ensured by the transfer of your personal data to another processing system and thereby making your personal data inaccessible to our employees and any other users or that your published personal data is temporarily removed from a website.
We may only store your personal data after your request limitation of processing unless you consent to further processing or for the purpose of establishing, enforcing, defending, or protecting another legal or legal person or for the sake of important EU or national social interests.
The limitation of processing of your personal data is maintained until you receive notification from us that the restriction is terminated.
After we have received your request for restriction of processing your personal data, we should also contact all recipients who have received your personal data in order for them to also restrict processing unless this proves impossible or disproportionately difficult.
You can request to be informed which recipients, we are contacting. This follows from Article 19 of the General Data Protection Regulation.
You must be particularly aware that your right to restriction is in some cases limited. See Article 23 of the General Data Protection Regulation. This would be the case if you give your consent or if processing is needed for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
V. Your right to object to the processing
You can object at any time to our processing your personal data if the processing is made:
- For the purpose of a task in the public interest or in the exercise of public authority which we has been required.
- In order for us or a third party to pursue a legitimate interest, unless your interests, fundamental rights and liberties, which require special protection of your personal data, are preceded by our interest in pursuing legitimate interest.
Your right of objection follows from Article 21 of the General Data Protection Regulation.
We will weigh the above considerations and decide whether your objection is to be met.
If your objection is met and is therefore justified, the processing must no longer include your personal data. This could be if the processing is not legal, i.e. takes place in violation of the General Data Protection Regulation.
If we decide not to respond to your objection, processing may be continued until the date on which the Data Inspectorate may decide that the opposition was warranted. This could be if the processing is for statistical or scientific purposes.
You may refer our decision to the National supervisory authority pursuant to Article 77 of the General Data Protection Regulation, whereby the Authority will decide whether the objection to the processing is justified.
If your personal data is processed for direct marketing, you may at any time object to the processing of your personal data for this purpose. This free of charge. After you have objected to the processing of your personal data, it may no longer be used for this purpose.
If your personal data is processed for scientific or historical research purposes or for statutory purposes, you may, for reasons relating to your particular situation, object to the processing of your personal data unless the processing is necessary to perform a task in the public interest.
VI. Your right to data portability
If an electronic processing of your personal data is made, which is also based on your consent or as a result of the performance of a contract, you may be entitled to data portability. Your data portability right is governed by Article 20 of the General Data Protection Regulation.
Only the personal data you have provided to us are covered by the right to data portability. That means that our processing, e.g. the creation of an analyses based on your personal data, will not be included.
If you are entitled to data portability, it means that you are entitled in a structured, commonly used and machine-readable format, to receive your personal data and have the right to have these transmitted to another data controller without hindrance by us.
The right to data portability may in some cases be restricted by other people’s rights and freedoms, as your right to data portability may violate the aforementioned rights.
VII. Submit a complaint to the supervisory authority
You, or your representative, may file a complaint with the Data Inspectorate if you find that processing of your personal data is an infringement of the General Data Protection Act. This follows from Article 77 of the Data General Protection Regulation.
For example, you can Complain if you believe that:
- you will not receive the information that you are entitled to under the rules of insight;
- there is improperly posted information about you on the internet;
- there has been improperly disclosed information about you to a third party, or
- you have been wrongly registered as a bad payer, and the credit bureau refuses to delete you.
The national supervisory authority will then keep you informed of the progress and outcome of the complaint, including the possibility of using remedies under Article 78 of the General Data Protection Regulation.