Geggamoja's privacy policy

At Geggamoja, your privacy is important. We only collect the information we need and we never share it with unauthorized parties.

  • When you shop with us, we need your information to be able to deliver your order, take payment and help you with questions or complaints.

  • When you contact us, we use your information to provide you with fast and accurate service.

  • When you participate in competitions or receive offers, we use your information to stay in touch and send relevant news.

  • When required by law, we save data, for example for accounting purposes.

You always have control over your personal data: you can access it, correct errors, opt out of marketing or ask us to delete it.

Read our full policy below

What is meant by personal data?

Personal data is information that can be linked to you as an individual, such as name, address, email, telephone number or social security number. Orders and purchase history can also be considered personal data.

That we “process” personal data simply means that we store or use it in some way – for example, to be able to ship your order or answer questions from customer service.

Therefore, we collect data

We use your information to provide you with the best service. Here are the most common reasons:

  • When you shop with us
    We need information to be able to deliver your order, take payment, send notifications and handle any complaints.

  • When you contact customer service
    In order to answer questions and help you, we need access to information about your purchase and your contact details.

  • When you participate in competitions or events
    We use your information to confirm registrations, stay in touch, and deliver prizes.

  • When we send news and offers
    If you have given your consent, we will use your information to send you inspiration, product news, offers and invitations.

  • When required by law
    We must save certain information by law, for example for accounting and product safety.

  • To make your experience better
    We sometimes use your purchase history or how you use our webshop to show relevant products and remind you of shopping carts you have left behind.


How long do we store your data?

We never store data longer than we need to. For example:

  • Orders must be saved for 7 years according to the Accounting Act.

  • Customer service cases are saved for up to 12 months .

  • Marketing data is saved until you stop, or for a maximum of 3 years after your last purchase.

  • Competitions and events are deleted no later than 6 months after completion.

When do we share information?

We only share your information with trusted partners who help us deliver our services, such as:

  • Payment providers (Qliro, Klarna).

  • Delivery companies (PostNord, DHL, etc.).

  • IT and system suppliers who run our webshop.

They may only use the data in the way we have determined and in accordance with the GDPR.

If data is stored outside the EU

Sometimes personal data may be processed outside the EU/EEA (e.g. if we use an IT provider with servers there). In such cases, we always ensure that there is an approved protection, such as the EU standard contract.

Your rights

As a customer, you always have control over your data. You have the right to:

  • Find out what information we have about you.

  • Get incorrect information corrected.

  • Ask us to delete your data (unless we are required to keep it by law).

  • Say no to direct marketing.

  • Get your data in a format that can be transferred to another party (data portability).

  • Withdraw your consent if you have previously agreed to, for example, newsletters.

If you want to exercise any of your rights, just contact us at kundtjanst@geggamoja.com

Frequently asked questions about personal data

  • Cookies are small text files made up of letters and numbers that are sent from our web server and stored on your browser or device. At geggamoja.com we use the following cookies: 1) Session cookies (a temporary cookie that expires when you close your browser or device). 2) Persistent cookies (cookies that remain on your computer until you delete them or they expire). 3) First-party cookies (cookies set by the website you are visiting). 4) Third-party cookies (cookies set by a third-party website. We use these primarily for analytics,

    e.g. Google Analytics.). 5) Similar technologies (technologies that store information in your browser or on your device in a way similar to cookies). The cookies we use generally improve the services we offer. Some of our services need cookies to function properly, while others improve the services for you. We use cookies for overall analytical information regarding your use of our services and to save functional settings such as language and other information. We also use cookies to be able to target relevant marketing to you.

    Can you control the use of cookies? Your browser or device gives you the ability to change the settings for the use and scope of cookies. Go to the settings for your browser or device to learn more about how to adjust your cookie settings.

    How is your personal data protected? Only those people who actually need to process your personal data in order for us to fulfill our stated purposes have access to it.

    We may make changes to our privacy policy. The latest version of the privacy policy can always be found here at www.geggamoja.com

  • We are open and transparent about how we process your personal data and if you would like to gain deeper insight into what personal data we process about you, you can request access to the data.

    Please note that if we receive a request for access, we may ask for additional information to ensure efficient handling of your request and that the information is provided to the correct person.

    Right to rectification. You can request that your personal data be corrected if the data is incorrect.

    Right to erasure. You may request the erasure of personal data we process about you if: The data is no longer necessary for the purposes for which it was collected or processed. You object to processing for direct marketing purposes. The personal data is being processed unlawfully. The personal data must be erased to comply with a legal obligation to which we are subject.

    Please note that we may have the right to refuse your request if there are legal obligations that prevent us from immediately deleting certain personal data. These obligations arise from accounting and tax legislation, banking and money laundering legislation, but also from consumer law.

    Right to object to certain types of processing. You always have the right to opt out of direct marketing and to object to all processing of personal data based on a balancing of interests. YOU have the opportunity to object to your personal data being processed for direct marketing. The objection also includes the analyses of personal data (so-called profiling) that are carried out for direct marketing purposes. Direct marketing refers to all types of outreach marketing measures (e.g. via post, email and SMS).

    Marketing measures where you as a customer have actively chosen to use one of our services or have otherwise sought us out to find out more about our services are not considered direct marketing (e.g. product recommendations or other features).

    If you object to direct marketing, we will stop processing your personal data for that purpose and will cease all types of direct marketing activities. Please contact us at kundtjanst@geggamoja.com.

    Remember that you always have the opportunity to influence which channels we use for mailings and personal offers - by opting out of the service. Contact kundtjanst@geggamoja.com

    Right to data portability. If our right to process your personal data is based either on your consent or the performance of a contract with you, you have the right to request that the data concerning you that you have provided to us be transferred to another data controller (so-called data portability).

    A prerequisite for data portability is that the transfer is technically possible and can be automated.

    How do we handle your personal identification number? In cases where it is necessary for us to be able to offer our services, we share your personal identification number with personal data processors for payment solutions (card acquiring companies, banks and other payment service providers).

  • We never store your personal data for longer than necessary, a maximum of 5 years.

  • We always strive to process your personal data within the EU/EEA and all of our own IT systems are located within the EU/EEA. However, in the case of system support and maintenance, we may be required to transfer the information to a country outside the EU/EEA, e.g. if we share your personal data with a data processor who, either itself or through a subcontractor, is established or stores information in a country outside the EU/EEA. In these cases, the processor may only access the information that is relevant for the purpose (e.g. log files). Regardless of the country in which your personal data is processed, we take all reasonable legal, technical and organizational measures to ensure that the level of protection is the same as within the EU/EEA. In cases where personal data is processed outside the EU/EEA, the level of protection is guaranteed either by a decision from the EU Commission that the country in question ensures an adequate level of protection or by the use of so-called appropriate safeguards.

  • In addition to the information you provide to us, or that we collect from you based on your purchases and how you use our services, we may also collect personal information from someone else. The information we collect from third parties is as follows: 1) Address information from public records to ensure that we have the correct address information for you. 2) Creditworthiness information from credit rating agencies, banks or information companies.

    Who may we share your personal data with? Data processors. In cases where it is necessary for us to be able to offer our services, we share your personal data with companies that are so-called data processors for us. A data processor is a company that processes the information on our behalf and according to our instructions. We have data processors who help us with: 1) Transport (logistics companies and freight forwarders). 2) Payment solutions (card acquiring companies, banks and other payment service providers). 3) Marketing (print and distribution, social media, newsletter providers). 4) IT services (companies that handle the necessary operation, technical support and maintenance of our IT solutions).

    When your personal data is shared with data processors, it is only for purposes that are compatible with the purposes for which we have collected the information. We check all data processors to ensure that they can provide sufficient guarantees regarding the security and confidentiality of personal data.

    We have agreements with all data processors through which they guarantee the security of the personal data processed and undertake to comply with our security requirements.

    Companies that are independent data controllers. We also share your personal data with certain companies that are independent data controllers. The fact that the company is an independent data controller means that we do not control how the information provided to the company is processed. Independent data controllers with whom we share your personal data are: 1) Government authorities (the police, the tax authorities or other authorities) if we are obliged to do so by law or in the event of suspicion of a crime. 2) Companies that provide public goods transport (logistics companies and freight forwarders). 3) Companies that offer payment solutions (card acquiring companies, banks and other payment service providers). When your personal data is shared with a company that is an independent data controller, the company's privacy policy and personal data processing apply.



  • Geggamoja AB, corporate ID no. 556761-4671, is the data controller for the company's processing of personal data.