Joanli Nor, Nordahl Jewellery, SON of NOA, Siersbøl and NOA Kids are Danish brands owned by Nordahl Andersen. Nordahl Andersen therefore also administers the competitions run by these brands.

Nordahl Andersen ApS, Færøvej 3, 8700 Horsens, Denmark, CVR 3007 4785, is the data responsible for the processing of the personal data we have received about you.
You can contact us regarding any queries about our processing of your personal data on +45 66 11 17 04 or customerservice@noa.dk
.

Purpose of processing, categories of personal data and legal basis

We regularly run competitions which you may choose to enter voluntarily. In some competitions you also sign up for our newsletters. Where that is the case, this will always be stated clearly, and it is always easy to unsubscribe again.

We only process your personal data if you win a competition. We process the following data: name, address, telephone number (for SMS service) and tracking number (for delivery).

The purpose of the processing is to contact you and arrange delivery of the prize, pursuant to GDPR Article 6(1)(f) (legitimate interests).

How long do we store your personal data?

Your data are stored only as long as necessary to fulfil the purposes for which they were collected. This means that name, address and telephone number will be kept until the prize has been delivered to you. The tracking number will be kept for six months, as delivery issues may occur, pursuant to GDPR Article 6(1)(f) (legitimate interests).

Other recipients who may process your data

If you win a competition, it may be necessary to disclose your data to a courier/shipping company, as it is in our legitimate interest to ensure the prize reaches you safely, pursuant to GDPR Article 6(1)(f) (legitimate interests).

Transfers to third countries

If you win a competition held on social media, we will contact you via Instagram’s or Facebook’s messaging function. In that context, there is a possibility that your personal data may be transferred to a third country. This is because Facebook and Instagram are, among other places, established in the USA. To ensure an adequate level of protection in the event of any transfer, Instagram has entered into the EU Commission’s Standard Contractual Clauses, and Facebook has adhered to the EU–US Privacy Shield.

Facebook’s EU–US Privacy Shield certificate can be found here:
https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active

Your rights

Under the GDPR you have a number of rights in relation to our processing of your personal data. If you wish to exercise your rights, please contact us.

Right of access – You have the right to obtain access to the personal data we process about you, as well as supplementary information.

Right to rectification – You have the right to have inaccurate personal data about yourself corrected.

Right to erase – In certain circumstances, you have the right to have personal data about you erased before the time of our general deletion routines.

Right to restriction of processing – In certain circumstances, you have the right to have the processing of your personal data restricted. If you are entitled to restriction, we may subsequently process the data—apart from storage—only with your consent, or for the establishment, exercise or defence of legal claims, or for the protection of a person or important public interests.

Right to object – In certain circumstances, you have the right to object to our otherwise lawful processing of your personal data.

Complaint to the Danish Data Protection Agency

You have the right to lodge a complaint about our processing of your personal data with the Danish Data Protection Agency (Datatilsynet). You can find Datatilsynet’s contact details on their website: www.datatilsynet.dk