COOKIE POLICY

Cookies settings

ELESA SCANDINAVIA AB provides below the information regarding the processing of your personal data stored on your terminal equipment when you are browsing the website (“Site”) pursuant to art. 13 of Regulation 2016/679 (“GDPR”) and article 5 nr. 3 of Directive 2002/58/EC ("ePD”) incorporated into section 3-15 of the Norwegian Electronic Communication Act (LOV-2024-12-13-76) and guidelines from the Norwegian Data Protection Authority (“Datatilsynet”) and the Norwegian Communications Authority (“Nkom”).

  1. Identity and contact details of the controller

    ELESA SCANDINAVIA AB, VAT SE556639028101, CRN 556639-0281, which is registered in Sweden, at the address Djupdalsvägen 27, SE-192 51 Sollentuna, e-mail info@elesa.se, telephone +46 8 444 4430 (hereinafter also “Data Controller” or “Elesa”).

  2. Categories of data processed

    The Data Controller processes data, browsing data; specifically, the Site uses cookies as further described below.

    What are cookies?

    Cookies are small text files sent to the user’s device (usually to the user’s browser) by the websites the user visits when the latter accesses such websites for the purpose of storing and transporting information. They are stored so that they can recognize that device on the next visit. On each subsequent visit, in fact, cookies are resent from the user's device back to the site.

    Each cookie generally contains the name of the server from which the cookie was sent and the expiration date and value, usually a unique number randomly generated by the computer.

    First party and third-party cookies

    Cookies can be installed not only by the same owner of the site browsed by the user (first-party cookies), but also by a different site that installs them through the first site (third-party cookies) and is able to recognize them. This happens because on the browsed site there may be elements (images, maps, sounds, links to web pages of other domains, etc.) that are stored on servers other than that of the browsed site.

    Technical, analytical and profiling cookies

    Depending on the purpose, cookies can be divided into technical cookies, analytical cookies and targeting and advertising cookies.

    Technical cookies are stored for the sole purpose of "carrying out the transmission of a communication over an electronic communications network or as strictly necessary for the provider of an information society service explicitly requested by subscriber or user to provide the service" " (see art. 5.3 of the ePD, which has been incorporated into section 3-15 of the Nw. Electronic Communication Act).

    These cookies allow the user to navigate the websites and use their functionality (so-called "essential" or "strictly necessary"). They are usually used to enable efficient navigation between pages, store user preferences (language, searches performed, etc.) store information about specific user configurations, perform user authentication, store items in the shopping cart during online purchases, etc.

    Pursuant to section 3-15 of the Nw. Electronic Communication Act, technical cookies do not require consent, but it should be explained to the user what they do and why they are necessary or important in order for the user to use the website.

    Analytical cookies (also known as “Statistic cookies” or “Performance cookies”) collect information about how you use a website, which pages you visited, and which links you clicked on in order to improve website functions.

    Analytical cookies, unless these are necessary for the function of the website or important for the user, require the users’ consent.

    Targeting and advertising cookies are used to track the users’ browsing, analyse their behaviour for marketing purposes and create profiles on their interests so as to transmit targeted ads in line with the preferences expressed when browsing online. These cookies, section 3-15 of the Nw. Electronic Communication Act, may be installed on the user´s device only if the user has given his/her consent after being informed (publication on the site of a "short" notice/policy contained in a banner that appears immediately on the home page (or other page through which the user can access the site), which refers to an "extended" notice/policy, which is accessed through a clickable link by the user).

    Permanent and session cookies

    Based on their duration, cookies are distinguished into persistent, which remain stored until they expire, on the user's device, subject to removal by the user, and session cookies, which are not stored persistently on the user's device and vanish when the browser is closed.

  3. What are the cookies used by this Site?

    Technical cookies

    The Site uses cookies or other technical tools installed for the purposes indicated below, for which the prior consent of the users is not required pursuant to section 3-15 of the Nw. Electronic Communication Act.

    Below, the name, purpose of use, the first or third party to which it refers, and duration are reported for each cookie used.

    Name First or third party Purposes Duration
    CompareItems_<storeid> First Cataloging Entry IDs of the products purchased. Session
    cookieconsent_dismissed First Cookie consent custom library. 1 year
    didomi_token First This cookie contains consent information for personalized purposes and for personalized partners, as well as information specific to Didomi (e.g. user ID). 11 months
    euconsent-v2 First This cookie contains the chain of consent for the IAB's "Transparency and consent framework" as well as the consent information for all IAB standards (partners and purposes). 11 months
    homeSlider_LastViewedInitialSlide First Allowing the homepage slider. 1 year
    JSESSIONID First Maintaining an anonymous user session. Session
    last-search-term First Memorizing the last searched term on search box. Session
    priceMode First Display mode for showing prices in the storefront. Session
    searchTermHistory First Memorizing the last searched term on search box. Session
    slider__featuredProducts_piuVisti_NextInitialSlide
    slider__featuredProducts_ultimeNovita_NextInitialSlide
    slider__featuredProducts_ultimeNovitaUSA_NextInitialSlide     		First Allowing the page to show featured products. 1 year
    storeChecker First Geolocating the user's country of origin (via IP address) to suggest the user from country other than the Website to reach the Elesa branch Website of the user's country. Session
    WC_ACTIVEPOINTER
    WC_AUTHENTICATION_<userid>
    WC_CartOrderId_<storeid>
    WC_CartTotal_<orderid>
    WC_DeleteCartCookie_<storeid>
    WC_LogonUserId_<storeid>
    WC_PERSISTENT
    WC_recurringOrder_<orderid>
    WC_SESSION_ESTABLISHED
    WC_timeoffset
    WC_USERACTIVITY_<userid>     		First Ensuring the functionality and security of e-commerce services (e.g., storing user preferences such as language and currency, keeping users authenticated in ssl, dynamic caching systems to allow pages already viewed by the user to load faster, saving products in the shopping cart and order during the session). Session
    _GRECAPTCHA Google In order to activate reCAPTCHA service offered by Google for security purposes and, in particular, to prevent automated software ("bots") from using the Website pretending to be users. 179 days

    It should be noted that the Site uses YouTube's "Privacy Enhanced Mode" feature and, therefore, a user's viewing of a video on the Website will not be used to personalize the user's browsing experience on YouTube, nor within the Site.

    The Data Controller, by using the cookies specified above, processes – for the purposes explained – the following categories of data: IP address, URI (Uniform Resource Identifier), time of the request, method used to request submission to the server, information on cookie preferences, authentication data, language/currency selected, research done, etc.

    Anonymised analytical cookies

    The Site uses analytical cookies created and made available by third parties to statistically analyse access or visits to the Site, to allow the Data Controller to improve its structure, navigation logic and contents and to collect information on the use of the Site.

    For further details and information, you can visit the following link: https://support.google.com/analytics/answer/1011397

    These cookies, suitably anonymised (by masking out significant portions of the IP address), allow the collection of aggregate information on the number of users and how they visit the Site without being able to identify the individual user. For these tools, as indicated above, the prior consent of the users is required pursuant to section 3-15 of the Nw. Electronic Communication Act.

    Below, the name, purpose of use, the first or third party to which it refers, and duration are reported for each cookie used.

    Name First or third party Purposes Duration
    _ga_* First Cookies of Google Analytics used to distinguish unique users. 1 year
    _gid First Cookies of Google Analytics used to store information of how visitors use the Website. The data collected including the number visitors, the source where they have come from, and the pages visited in an anonymous form. 1 day
    _ga First Cookies of Google used to distinguish unique users by assigning a randomly generated number as an identifier. It is included in every page request on the Website and used to calculate visitor, session and campaign data. 2 years
    _gat First Cookies of Google Universal Analytics used to limit the request rate, limiting the collection of data on high traffic Websites. 1 minute
    _gid First Cookies of Google Analytics used to store and update a unique value for each page visited and is used to count and track page views. 1 day
    NID Google Saving the user's preferences and other information, such as preferred language, the number of search results to be displayed on the page as well as the decision as to whether the Google SafeSearch filter should be activated or not. 6 months
    1P_JAR Google Collecting Website statistics and track conversion rates. 30 days
    CONSENT Google Saving the user's preferences and other information, such as preferred language, the number of search results to be displayed on the page as well as the decision as to whether the Google SafeSearch filter should be activated or not. 2 years
    DV Google Saving the user's preferences and other information, such as preferred language, the number of search results to be displayed on the page as well as the decision as to whether the Google SafeSearch filter should be activated or not. 1 day
    SIDCC Google Confirming visitor authenticity, prevent fraudulent use of login data and protect visitor data from unauthorized access. 3 months
    SSID Google Saving the user's preferences and other information, such as preferred language, the number of search results to be displayed on the page as well as the decision as to whether the Google SafeSearch filter should be activated or not. 2 years
    SID Google For session state management. Session
    HSID Google For security purposes, i.e., to store digitally signed and encrypted records of a user’s Google account ID and most recent sign-in time which allows Google to authenticate users, prevent fraudulent use of login credentials, and protect user data from unauthorised parties. 2 years

    Targeting and advertising cookies

    The Site uses targeting and advertising cookies created and made available by third parties through which it is possible to monitor users while they are browsing, tracing, and storing their preferences and thus creating profiles that allow personalisation of messages in line with their interests on the above-mentioned domains. For these tools, as indicated above, the prior consent of the users is required pursuant to section 3-15 of the Nw. Electronic Communication Act.

    Below is the name of the tool, the third party to which it refers, the purpose of its use and its duration, as well as the link to the privacy policy of that third party.

    Name First or third party Purposes Duration
    __Secure-1PAPISID
    __Secure-1PSID
    __Secure-1PSIDCC
    __Secure-1PSIDTS
    __Secure-3PAPISID
    __Secure-3PSID
    __Secure-3PSIDCC
    __Secure-3PSIDTS
    __Secure-ENID     		Google Building a profile of website visitor interests to show relevant and personalized ads through retargeting. 1 year
    __Secure-BUCKET Google Building a profile of website visitor interests to show relevant and personalized ads through retargeting. 3 months
    _ga Google Cookie offered by Google, used to distinguish unique users by assigning a randomly generated number as an identifier. It is included in every page request on the website and used to calculate visitor, session and campaign data. 2 years
    APISID Google Personalizes Google ds on websites based on recent searches and interactions. 2 years
    OGP
    OGPC     		Google Monitoring the use and enable the functionality of Google Maps. 1 month
    SAPISID Google Allowing Google to collect visitors’ information for videos hosted by YouTube. 1 year
    SEARCH_SAMESITE Google Collecting information on the use of the Website by visitors each time web pages containing Google services are visited. This cookie is used for the correct sending of data to Google. 3 months
    AEC Google ‘AEC’ cookies ensure that requests within a browsing session are made by the user, and not by other sites. These cookies prevent malicious sites from acting on behalf of a user without that user’s knowledge. 6 months
    _gcl_au Google Cookie of Google AdSense used to test the efficiency of ads on websites that use their services. 3 months

    The Data Controller, by using such cookies, processes the following categories of data: information on the most visited pages and products viewed.

    The Site uses Google's “Enhanced Conversions” feature, which only works with your prior consent to the use of targeting and advertising cookies and allows Elesa to more accurately measure conversions (completed purchases, newsletter subscriptions, etc.) made by users on the Site.

    This feature involves the collection of “first party” personal data (e.g., your email address), its secure hashing (using the SHA256 algorithm), and its transmission to Google so that Google can reattribute, on behalf of Elesa, conversions from an advertising campaign carried out via Google Ads. To do this, conversions are matched with data collected on the Site and with connected Google accounts that have interacted with an advertisement.

    For more details and information, please visit the following link About Enhanced Conversions.

    Simply change your profiling cookie preferences as described in paragraph 6 by deselecting the “Targeting and advertising cookies” button to withdraw your consent to the use of targeting and advertising cookies and thus stop the processing of your data via the “Enhanced Conversions” feature and its transmission to Google”.

  4. Provision of data

    By browsing the Site, the provision of your personal data is necessary to give effect to the computer and telematic protocols.

    This is without prejudice to your freedom to give or not to give consent to targeting and advertising cookies and analytical cookies using the above-mentioned tracking tools.

  5. Categories of recipients - Data transfers to third countries

    Data may be processed, on Data Controller’s behalf, by third parties appointed as processors or sub-processors, who are provided with suitable operating instructions, i.e.:

    • hosting providers or e-mail platform/service providers;
    • companies authorized to perform technical maintenance (including maintenance of network equipment and electronic communications networks);
    • companies that provide management services of the Site;
    • Elesa S.p.A. which provides services to ELESA SCANDINAVIA AB, in particular with regards to the management of the website.

    Data may be disclosed to autonomous data controllers, such as authorities and supervisory and regulatory authorities and, more generally, public, or private entities, legally authorized to access to data, as well as to third party providers (or vendors) specified in the tables above containing the list of cookies, in which the link to the relevant policy is also provided.

    In case the aforementioned entities are based and operate in countries outside the European Union and the European Economic Area (i.e., transfer of data to "third" countries), where such countries have been deemed adequate by the European Commission the Data Controller will rely on an adequacy decision adopted by the European Commission such as “the data privacy framework” for data transfers to the USA. Where such countries have not been deemed adequate by the European Commission, one of the "transfer tools" referred to in Article 46 of the GDPR, such as standard contractual clauses, will be used. In addition, data are processed by Data Controller’s employees who have been expressly authorized to process such data for the above-mentioned purposes and have received adequate operating instructions.

  6. Procedures for giving and withdrawing consent to targeting and advertising cookies and analytical cookies

    Targeting and advertising cookies and analytical cookies will be installed on your devices only if you give your consent, expressed by selecting the "Agree and close" button inside the banner containing the short notice. Consent to the use of cookies is recorded with a special "technical cookie".

    Where you click the “Disagree and close” button, the Site will use only technical cookies.

    To express more specific preferences and configure your choices with respect to cookies, you may click on "Learn more".

    You can always change your preference by clicking on the link “Cookie Policy” located at the bottom of each page of the Site. However, users can also express their preferences regarding cookies through the settings of the browser used. Even if the web browser used by the user is set to automatically accept cookies, users can change the default configuration through the settings, deleting and/or removing all or some cookies, blocking or limiting cookies from being sent to certain websites.

    Different browsers offer differing ways to configure your browser's cookie settings. Find out how to manage cookies on popular browsers:

    For browsers other than the ones listed above, please consult the related guide.

  7. Your rights

    You may exercise your rights under Articles 15 to 22 of GDPR using the contact details highlighted in par. 1, in addition to what is pointed out in the previous paragraph, you have the right:

    1. to obtain the confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access the data concerning you in accordance with Article 15 GDPR,
    2. to obtain the rectification of inaccurate data,
    3. to have incomplete data completed,
    4. to obtain the erasure of data in the cases provided for by Article 17 GDPR,
    5. to obtain restriction of processing in the cases provided for by Article 18 GDPR,
    6. to object, at any time, on grounds relating to your own particular situation, to the processing carried out in the legitimate interest of the Data Controller,
    7. where the processing is based on consent or contract and is carried out by automated means, to receive the data in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance from the controller to which the personal data have been provided.

    Furthermore, you shall have the right to lodge a complaint with the competent Supervisory Authority in the Member State of your habitual residence, place of work or place of the alleged infringement.

    The contact details of the Norwegian Data Protection Authority (DPA) are:

    Datatilsynet (https://www.datatilsynet.no/en/).