Cookies and privacy

May 2024

The Website is owned by Nøie ApS, Skelbækgade 4, 1717 Copenhagen, CVR no. 39359197 ("NØIE"), and operated by Nøie ApS (hereinafter "NØIE", "we", "us", "our" ).

Cookie Policy

We use cookies and some of these are necessary to keep our website functioning. Others are voluntary and are used to analyse our visitors, to make more relevant advertising, and to analyse these advertisements. We share this data with our advertising partners. By accepting cookies you give permission for us to use voluntary cookies. If you do not wish to use cookies then refrain from pressing accept or deactivate cookies in your browser.

We and our affiliates collect certain information using cookies. The use of cookies may result in the processing of personal data (as defined in our Privacy Policy) and we therefore recommend that you read our Privacy Policy below as well. By using the applications and / or the website ("Services"), you agree that we will use cookies on the Services as described below, unless you have disabled cookies in your browser.

What are cookies and what types of cookies do we use?

Cookies are small information units that the Services may place in your browser or your computer, smartphone or other electronic memory device. Cookies contain information that the Services use, for example, to make communication between you and your web browser more efficient. Cookies are common technology on the Internet and are also used in our Services. "Session cookies" are temporary sources of information that are deleted when you leave the Services. Session cookies are typically used to improve navigation and collect statistics. The services use session cookies. "Persistent cookies" are more permanent types of information stored and remain on your electronic device until deleted by you. Persistent cookies erase after a certain period, but are renewed every time you visit the Services. This type of cookie stores information on your computer / phone for a variety of purposes; e.g. to automatically log in. NØIE and our partners use the following cookies (i.e. third-party cookies) that we have no control over:

  • Microsoft Clarity
  • AWSALB
  • Shopify
  • Atlassian Jira
  • Cookie Information
  • YouTube
  • Snapchat
  • Google Analytics
  • Google Adwords
  • Facebook / Instagram
  • Klaviyo
  • Dixa
  • Segment
  • Trustpilot
  • PayPal
  • Google Pay

For what purposes do we use cookies?

These cookies help us gain a better understanding of how you use the Services; they are used to display applications and functionality to ensure that the user only has access to the information that he or she is entitled to, to optimise the user's experience, to assign a unique identification number to you, and to help you to remember your user ID and password when returning to the Services so that you do not have to log in again. We also use cookies to generate statistical information and for marketing purposes on NØIE-related platforms.

By using cookies, we collect information such as how often you visit the Services, how long you use the Services, your IP address, which pages you have seen, which site you visited just before you visited our website, which browser you use (for example, Internet Explorer, Safari, Google Chrome, Firefox), and whether your computer supports Flash, Java, and Javascript.

How do you avoid and delete cookies?

You can change your cookie preferences for the Services in your web browser setting; and here you can choose which cookies to accept, block or delete. Your browser's help feature tells you how to do this.

To delete cookies already on your device, if you are using a PC or newer browser, press CTRL + SHIFT + DELETE simultaneously. If keyboard shortcuts do not work in your browser, visit the support page for that browser.

The following are links to the most common browser support pages where you can find information on how to reject and delete cookies on your device:

Please note that if you do not accept cookies, you may not be able to access all parts or features of the Services.

Cookies

We use cookies to give you the best online experience.

Privacy Policy

This privacy policy describes our current policy and practice in regards to personal information which we collect on you via the website. This information is henceforth labelled personal information. The label “personal information” is a reference to identifiable information about you e.g. your name, birthdate, email address, postal address, phone number, or payment information.

Our privacy and security organisation

Our DPO
We have a Data Protection Officer (DPO) to oversee our data privacy and data protection measures and lead our compliance program to ensure that it is up to date and compliant.

If you have questions about the data processing activities that we carry out on your behalf, you are more than welcome to contact our DPO at privacy@noie.com.

Our security team
We have a highly skilled security team who govern our data protection and information security, and who are responsible for securing our product and services. When appropriate, we also engage external resources and experts.

Our DPO leads the security team.

Personal information that we gather

We can collect and process the following personal information about you:

  • Profile information, including first, middle, and last name, email address, and password. Information about questions, suggestions, and comments that you send us via the website when you are logged in.
  • Information about product preferences if you purchase or review them via the website.
  • Your phone number and address if you have shared this with us.
  • Cookie information (if these have been accepted) through your visit and use of the website, including your IP address, browser type, operating system, platform, geographical location, browsing time on specific pages and page views, information of whether you visit other websites that we operate or other services that we supply.
  • Health information, if you fill out our surveys in connection with a potential purchase or engage in communication which includes your health.
  • Images and photos of your skin that you upload in our surveys or send us directly when claiming a guarantee or photos that you send to us for marketing purposes. We will always ask for your explicit consent before using photos or quotes for marketing purposes.

Use of personal information

We use your personal information for the following purposes:

  • To create and update your profile and administrate your use of the website. This makes us among other things able to answer your inquiries and register your preferences in connection with earlier purchases or reviews of products as well as giving you the option to share product reviews with others on the website or other websites managed by NØIE.
  • To improve our products and services, including our algorithm.
  • To register and identify you when visiting the website in order to improve our service.
  • To register, complete, and document purchases through the website, as well as deliver the purchased products.
  • To perform obligations as a result of the commitments there may have been made between you and us.
  • To adjust our content and advertising our social media administered by NØIE or one of our partners within social media advertisement.
  • To send you marketing communication (if you have requested this). See also”Direct Marketing” below.
  • To create statistics and to get an overview over which behaviour the visitors on the website normally have, including to better be able to adjust and target the website and email marketing to the recipient. Note: The purpose of product reviews are to share these with others, and they may be published on the website and other platforms. We recommend that you in our product review do not publish information that may identify you.
  • As NØIE is constantly improving not only the user experience, but also the efficacy and safety profile of our products, we utilise collaboration with external stakeholders and organisations in order to tap into specialised competencies beyond the ones employed at NØIE. We may share minimally identifiable data with other academic institutions or commercial organisations to carry out scientific research (where this is in the public interest or necessary for the purposes of a third party’s  legitimate research interests). We will always make sure that any such sharing for further research is done in compliance with data protection laws, with the appropriate safeguards, such as pseudonymization, and under terms that protect your privacy and the confidentiality of your data.
  • The above mentioned data sharing for the sole purpose of research holds no external stakeholders with a direct commercial incentive, but solely to improve the lives of our users by guiding us in developing more accurate, gentle and efficient products.

Direct Marketing

As mentioned above, we may use your personal information to notify you of any new products or services and special offers, which we deem that you might be interested in. However, you will only receive these messages if you have requested such when creating an order, when you register, or at any time after. You can at any point unsubscribe to these messages by contacting our support at privacy@noie.com.

Protection and sharing of personally identifiable information

NØIE can make your personal information available for:

  • Those third parties which provide technical support as data processors in connection with the maintenance of the website (fx SHOPIFY Inc., which provides hosting services), support in connection with sending communication to you, and shipping companies that deliver purchased products to you.
  • Any possible appropriator, acquirer, or buyer for a NØIE group company which processes your personal information in compliance with this privacy policy.
  • We may share data with third parties (e.g. universities and hospitals) for the purpose of conducting scientific research.
  • Any governmental, administrativ, judicial, or regulatory authority in collaboration in cases, investigations, and investigations performed by such authority, or to comply with regulatory requirements.
  • Above mentioned recipients may be located in countries and states outside the European Economic Area (“EEA”), including the United States, which may not have laws that comply with EEA data protection laws. NØIE has concluded appropriate contractual agreements for these recipients located outside the EEA.

Below is a list of sub-processors we work with:

  • Amazon Web Services, Hosting provider
  • Corpay, Invoice system
  • E-conomic, Accounting system
  • Google Analytics, Website analytics
  • Google Cloud, Email and file storage services
  • ITN Vision, Stock management
  • Keepers, Bookkeeping
  • Klaviyo, Email marketing services
  • Link Logistics, Outbound logistics
  • Openli, Consent management
  • PayPal, Payment processing
  • QuickPay, Payment processing
  • ReCharge, Subscription management
  • Segment, Website analysis
  • Shopify, Ecommerce platform & payment processing
  • Webshipper, Freight service platform
  • Dixa, Customer support services
  • Typeform, Survey platform

Account creation and profile
In order to provide our services we ask you to create an account. Since our concept relies on getting feedback on our products from our users, each user has a profile that is used to identify them and their journey with their skin. This setup also allows us to better and more easily decouple your skin data with your personal information in our technical backend.

User skin profile
Our services and products rely on users to fill out a skin profile; a series of questions about themselves, their skin and well-being. We feed these answers to our Bayesian statistical model in our backend, which then recommends an ingredient combination in a product that statistically performs best on their skin. It knows this from learning other users’ feedback. The more feedback the model receives, the better it can become at recommending a good ingredient combination.

The personal data is registered with Nøie and stored for five years (after inactivity), after which the information is deleted.

Processing your payment (PCI Compliance)

If you choose a direct payment gateway to complete your purchase, ClearHaus stores your credit card data. It is encrypted via the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data will only be stored for as long as necessary to complete your purchase transaction. Then your purchase transaction information is deleted.

PCI-DSS requirements help ensure the secure handling of credit card information by our store and its providers.

Security

To prevent unauthorised access, maintain data accuracy and ensure correct use of information, we have put in place appropriate physical, electronic, and managerial procedures to secure the information we collect online. In addition, we have entered into data processing agreements with all third-party suppliers to ensure that they meet our high standards, including in connection with security.

If you provide us with your credit card information, the information is encrypted using Secure Socket Layer (SSL) technology and stored with AES-256 encryption. Although no transmission method over the Internet or electronic storage is 100% secure, we comply with all PCI-DSS requirements and implement additional generally accepted industry standards.

Your rights and responsibilities

You may request us or a third party instructed by us to:

  • Obtain insight into your personal data, as well as information on the purpose of the processing, the categories of recipients of the information, and any available information about the source of such data.
  • Correct, delete, or block any personal information that we or any third-party instructed by us has about you if it proves inaccurate or misleading.
  • You may revoke this consent at any time with respect to our use of your personal information. If you have requested to receive information from us, e.g. newsletters, etc. and do not want to receive further information, you can easily choose not to receive further information from us by sending an email to or unsubscribe from the link contained in the newsletter.
  • If the personal information that we or a third-party have about you is changing, please notify the change as soon as possible so that we can update our information.

Request deletion of your data

If you would like your data deleted from our systems please write privacy@noie.com. We will confirm that your request has been completed as fast as possible.

Questions and contact information

The data controller for this website is NØIE.

If you want to exercise any of your data protection rights, register a complaint, or just want more information, please contact us at privacy@noie.com, via the contact form on our website or via letter to Nøie ApS, Skelbækgade 4, 1717 Copenhagen, Denmark.