Personal data policy

1. General

1.1 The data policy stated below describes how CIHA handles all personal data in accordance with applicable personal data law.

1.2 The personal data policy concludes agreements with guest and customers on delivery, purchase and sale on after providing their personal data.

1.3 CIHA holds the responsibility for handling all personal data. For any questions and general enquiries, please view contact information under article 7.

2. Personal data, purpose and personal data law – how and why

2.1 When a customer visits our website, we automatically collect personal data such as which browser is being used, search history, IP-address and location.             

2.1.1 The purpose of collection and processing of personal data is to give the customer the best possible user experience, to optimize and improve our website and for use in marketing, including retargeting through Facebook and Google. The administration of this information is used to improve our services and thereby be able to show you the very best offers possible.

2.1.2 The collection and processing of personal data will always be performed in accordance with the EU General data protection regulation (GDPR), article 6.1, schedule f.         

2.2 When the customer makes a purchase or communicates anything on our website, we collect the information stated by the customer such as Name, Address, Phone Number, E-mail Address, Payment method and product/purchase information.

2.2.1 The purpose of collecting this information is to deliver the purchased items correctly and to respect our responsibilities as agreed with the customer, regarding rights, returns and complaints. Purchase information is also used to fulfill legal requirements according to the Danish Bookkeeping Law and financial reports.   

2.2.2 The collection and processing of personal data will always be performed in accordance with the EU General data protection regulation (GDPR), article 6.1, schedule b,c and f.

2.3 When a customer signs up for CIHA’s newsletter, we collect data on Name and E-mail address.

2.3.1 The purpose is to send the newsletter to the customer correctly

2.3.2 The collection and processing of personal data will always be performed in accordance with the EU General data protection regulation (GDPR), article 6.1, schedule f.

3. Sharing of personal data

3.1 The customers personal data regarding Name, Address, E-mail address, phone number, order number and delivery requirements are shared with PostNord, DAO, GLS or any chosen hauler. If the purchased item is out of stock, we share the personal data with the manufacturer or sales representative of the item in question and this third party will oversee the delivery.

3.2 Personal data may be shared with external business partners, who handle the information on our behalf. Our external partners handle technical services, website improvements, mailing of newsletters, marketing and retargeting and customer ratings of our products and services. For example, we share data with Trustpilot, who may send the customer an invitation on CIHA’s behalf, to rate our services on Trustpilot’s website. If the customer decides to rate CIHA, Trustpilot will undertake the responsibility for handling the personal data given in the rating. The overall responsibility for personal data lies with CIHA and our business partners are under obligation not to use the personal data other than in agreement with CIHA. To honor this responsibility, we have written agreements with all our business partners.

3.3 Three of our business partners are based in America: Google Analytics, Facebook and Mailchimp of the Rockets Science Group. Sharing of personal data to America and security hereof is described in The General data protection regulation. (EU-U. S Privacy Shield, article 45).

3.3.1 Google data certification:

3.3.2 Facebook data certification:

3.3.3 Rocket science certification:

4. Customer rights

4.1.1 As CIHA handles personal data, we are responsible for informing the customer about various rights according to applicable law.
4.1.2 The customer has the right to ask about saved personal data at any time and has the right to be informed about the data we have collected, the purpose of this and sharing data with a third party.

4.2.2  The customer has the right to receive a copy of saved personal data. The request is sent to  and will be handed to the customer, after we have received documentation of ID.

4.3 The customer is always intitled to demand the correction and updating of personal data. We will correct any mistaken data after receiving a written request of alterations.

4.4 Customer rights regarding deletion of personal data

4.4.1 In some cases the customer has the right to have personal data deleted. This may be possible if the customer wishes to withdraw consent and CIHA cannot find just cause to keep the data. In the case, where keeping the data is necessary for CIHA to uphold our legal obligations, we are not under the obligation by law to delete the data.

4.5 Customer rights regarding restricted use of data

4.5.1 In some cases, the customers may request limited use and keeping of personal data.

4.6 Customer rights regarding data portability

4.6.1 In some cases, the customer has the right to receive our collected personal data in a clear and readable format and hand the responsibility over to another party.

4.7 Customer rights regarding objection

4.7.1 The customer always has the right to object to our use of personal data that is used in our marketing strategies at CIHA.

4.7.2 The customer always has the right to object to our use of personal data due to various personal reasons and can apply to changes in compliance with our legal obligation.

4.8 Customer rights regarding withdrawing consent

4.8.1 The customer has the right to withdraw consent at any time, regarding the use of personal data in marketing and public profiling. Withdrawing consent must be sent in writing to

4.9 Customer complaints

At any time, the customer has the right to send a complaint regarding our use of personal data directly to The Danish Data Protection Agency, Borgergade 28, 5, 1300 Copenhagen K, by mail at or by phone + 45 33 19 32 00.

5. Deletion of personal data

5.1 Personal data collected by CIHA is deleted no later than 5 years after being active on our website.

5.2 Personal data collected in regards to our newsletter may be deleted if the customer no longer wishes to receive the newsletter, unless we have any other just cause to keep the data.

5.3 Personal data collected in a purchase situation on our web shop will as a rule be deleted after 2 years. However, the data may be stored by CIHA if we have just cause to do so, for example regarding legal claims and obligations. Data used in financial reports will be kept for 5 years in compliance with The Danish Bookkeeping Act.

6. Security

6.1 CIHA has implemented various technical and administrative security measures to protect the collected personal data from being destroyed, lost or accidently shared with other parties.

6.2 Collected personal data is only handled by authorized staff members for use in necessary administrative tasks.

7. Contact information

7.1 CIHA is alone responsible for the personal data collected on our web site.

7.2 Any questions regarding the personal data policy should be sent to:


Skovstjernevej 33

8920 Randers NV

Phone: 88 44 43 44


8. Alterations of our personal data policy

8.1 If CIHA makes any alterations regarding our personal data policy, it will be visibly stated on our web shop.

8.2 If the customer has signed up for our customer-club, alterations regarding personal data policy will be sent by e-mail to the address given by the customer.

9. Versions

This version of CIHA’S personal data policy was updated 21. September 2018.