Privacy policy

This privacy policy explains how Topro collects and processes personal data.

For you to be able to make a purchase on Topro.co.uk, we need your name, address, mobile phone number and email address.
This information is necessary to allow us to send your order to the correct delivery address, keep you up-to-date with the progress of your order and, if necessary, contact you in relation to your order.

We are obliged to retain order information in connection with accounting procedures, processing fees and duties, and any warranty/returns procedures necessary. This order history is deleted after ten years. We can also store the IP address used for placing the order for reasons of security.

We may need other personal data for other purposes. The personal data we may need and the purpose for collecting them are set out in this privacy policy.

The webshop Topro.co.uk is owned and operated by the company Topro Limited, and your privacy is important to Topro. It is also important to us that you understand how we process data about you. In this privacy policy, we explain factors such as which personal data we collect, how we collect them, and what we use them for.

What are personal data?

“Personal data” refers to all information that can be directly or indirectly linked to a physical person, including his/her name, postal address, email address, IP address and mobile phone number.

Who is the data controller?

Topro Limited is the “data controller” for the personal data we process. This means, for example, that we hold the principal responsibility and obligations under the Norwegian Personal Data Act.

A company that processes data on our behalf is called a “data processor”. Whenever we commission a data processor, we make sure to have a data processor agreement with the company in question, setting out how it may process the data to which it has access.

Which personal data do we process?

We collect personal data within the categories listed below, but that does not necessarily mean that we collect data from all categories for all customers.

  • Basic information such as name and contact details
  • Demographic information such as date of birth and gender.
  • Information about your customer relationship such as service and order information, payment information and contact with customer service.
  • Information concerning your use of our website (including date and time, which type of computer/smartphone, operating system and browser you are using, IP address, screen size, etc.).
  • Any other information that is collected on the basis of your consent. In such cases, when we request your consent we inform you about which specific data we are collecting and what they will be used for.

How do we collect personal data about you?

We collect information in a number of ways:

  • We receive personal data directly from you – when you purchase goods from us, for example, or contact our customer centre. We need this information in order to be able to supply the service you ordered, or to follow up on your enquiries.
  • We receive personal data indirectly from you in several ways. For example, we collect data when you use our services (e.g. our website). These data are important in allowing us to provide feedback, improve and adapt the services we offer you, or follow up in other ways.
  • We receive personal data from other sources when you contact us via the public sector or our partners. We also collect information from public registers – when you apply for a job, or in connection with “Blue Prescriptions”, for example.

You normally share your personal data with us on a voluntary basis. However, some information may be necessary to allow us to fulfil our obligations under an agreement you have entered into with us. This includes information we use for invoicing and the like.

What do we use the personal data for?

Topro uses personal data for the following purposes:

  • We process personal data in order to deliver products to you. We also process your information in connection with contact between you and our customer service department. In addition, we use data to help give you the best possible user experience by offering automatic login, for example, and adapting the on-screen content display.
  • Development and analysis: we process personal data to gain a better understanding of what our customers want, and to improve and develop our services.
  • We use both anonymised data and personal data for marketing purposes in accordance with the applicable legislation. These activities include the marketing of products and services, including defining target groups, adapting marketing to your profile, and distributing newsletters and other information you have requested.
  • We use personal data to assess candidates who apply for positions with us, in the form of either unsolicited applications or responses to job advertisements.
  • Information security and misuse of services: we may process personal data and traffic information to ensure a high level of security in all our services. We may also process personal data to detect or prevent various types of fraud and misuse.
  • We process personal data to fulfil our statutory obligations in the field of accounting, and to present information to competent authorities when required to do so under Norwegian law.
  • We may process your personal data for any other purpose to which you have specifically consented.

Why are we allowed to process your personal data?

Our processing of your personal data can be based on one or more of the following grounds:

  • your consent
  • fulfilment of agreements with you – regarding the purchase of products, for example
  • fulfilment of a legal obligation such as checking who has purchased which products, on account of warranties and possible recalls
  • protecting your vital interests
  • carrying out an assignment in the public interest
  • or for purposes linked to a legitimate interest.

How do we secure your personal data?

We have established routines and measures designed to ensure that non-authorised parties cannot access your personal data, and that all processing of information is otherwise carried out in accordance with applicable law. These measures include risk assessments, technological systems and physical procedures to safeguard data security, and routines for verifying requests for access and rectification.

With whom do we share personal data?

We share personal data with the other companies in our group to use for the same purposes for which the information was originally collected. We also share the data with our subcontractors to allow them to provide the agreed service. You can see a list of our data processors here.

We may also share personal data with public authorities when a statutory obligation to do so exists.

How long do we store personal data?

We store your personal data for as long as is necessary to fulfil the above-mentioned purposes regarding the processing of the data. However, this does not apply if we are legally required to store the data for longer than warranted by the purpose.

Anonymised information is not subject to limitations with regard to processing, because this information can no longer be linked directly or indirectly to an individual.

Your rights

Data protection legislation grants you a number of rights, including the right to access to, rectification and deletion of the personal data we have stored about you.

We are committed to ensuring that the personal data we have stored about you are correct and up-to-date. If you discover that the information we have stored about you is incorrect, we encourage you to contact us as explained below. This also applies if you would like us to delete the information we have stored about you.

As regards requests for deletion, exceptions apply to the information we need to have in order to be able to deliver a service you still wish to have access to, or when we are legally required to store the information for a specific period.

You are also entitled to what is known as “data portability”. This means, for example, that you are to have the opportunity to take your information with you in a machine-readable format.

You are also entitled to object to the processing of personal data, and to reject personal profiling and automated decisions. This means you can request that your personal data not be analysed to reveal information about your behaviour, preferences, capacities or needs. However, this does not apply if such processing is necessary to allow us to fulfil an agreement you have entered into with us, or if you have previously given your express consent to the processing.

If you believe that we are not complying with this privacy policy or the applicable legislation, you may submit a complaint to Topro or to the Data Protection Authority.

Use of cookies

We use what are known as “cookies” and similar technologies on our website. These cookies help us to adapt content specifically for you. You can find out more about how we use cookies here.

Changes to this privacy policy

As we are constantly developing our services, we may sometimes have to update our privacy policy. If the privacy policy is to be updated, the updated version of the policy will be published on our website. In the event of major changes, you may receive separate notification from us, either by email or when you visit our website.

How can you contact us?

If you wish to request access, rectification, deletion, etc. or if you have any questions about how we process your personal data, you can contact us by email to info@topro.co.uk