Privacy policy

Last updated: August 26, 2025

This Privacy Policy explains how Cords Sweden AB (“Cords”, “we”, “us”) collects, uses, and shares personal information when you visit or shop on cords.com (including subdomains) and when you interact with our customer support and marketing (together, the “Services”). If this Policy conflicts with our Terms of Service regarding personal information, this Policy controls.

By using the Services, you acknowledge you have read and understand this Policy.

Controller

Cords Sweden AB, Jungfrugatan 4, 114 44 Stockholm, Sweden
Contact: hello@cords.com

Personal information we collect (categories)

Depending on how you use the Services, we may collect:

  • Contact details: name, email, phone, billing/shipping addresses.

  • Account details: username, password, preferences.

  • Transaction & order data: items viewed/added/purchased/returned/exchanged; order history; payment references.

  • Payment information: processed by payment providers; we do not store full card numbers.

  • Communications: information you share with customer support.

  • Device & usage information: IP address, browser, device IDs, cookie identifiers, and activity on our site.

Sources of personal information

  • Directly from you (account, checkout, customer support).

  • Automatically through cookies and similar technologies.

  • Our service providers (e.g., ecommerce platform, payments, logistics).

  • Partners/third parties (e.g., marketing/ads, where applicable).

How we use personal information (purposes & legal bases)

  • Provide and improve the Services (fulfilment, payments, shipping, returns, account management, recommendations, troubleshooting). Legal basis: Contract, legitimate interests.

  • Communicate & support (order updates, service and security notices). Legal basis: Contract, legitimate interests.

  • Marketing (newsletters/offers via email/SMS with your consent; you can unsubscribe at any time). Legal basis: Consent.

  • Security & fraud prevention (authentication, detect/prevent misuse). Legal basis: Legitimate interests; legal obligation.

  • Compliance with legal obligations (e.g., accounting). Legal basis: Legal obligation.

Cookies

We use cookies and similar technologies for functionality, analytics and—where you consent—marketing. You can adjust settings in your browser and/or via our cookie banner.

How we disclose personal information

We share data only as described here:

  • Shopify (ecommerce platform/hosting) for store operation and certain enhanced features.

  • Payment providers (e.g., Shopify Payments/Klarna/PSP) to process payments.

  • Logistics/3PL & carriers for warehousing, fulfilment and tracking.

  • IT vendors (e.g., hosting, storage, security, email/CRM).

  • Marketing/advertising partners (only where you’ve consented to marketing cookies).

  • Legal/authorities where required by law, to protect our rights, or in connection with corporate transactions.

Our relationship with Shopify

Our store is hosted by Shopify. For certain cross-merchant security and advertising features, Shopify acts as an independent controller of personal information. In those cases, Shopify is responsible for that processing and for handling your rights requests relating to it. See the Shopify Consumer Privacy Policy and Shopify Privacy Portal (available on Shopify’s website) for details.

International transfers

We and/or our providers may process data outside the EEA/UK. Where we transfer personal data internationally, we use recognized safeguards such as Standard Contractual Clauses (SCCs) or rely on adequacy decisions, as applicable.

Security

We employ technical and organizational measures to protect your data. However, no method is completely infallible. Please avoid sending sensitive information via unsecured channels.

Retention

We retain personal data as needed for the purposes above and to meet legal requirements (e.g., accounting). After that, data is deleted or anonymized.

Children’s data

The Services are not intended for children below the age of majority in your jurisdiction. If you are a parent/guardian and believe your child provided data to us, contact hello@cords.com and we will assist with deletion.

Your rights (EEA/UK)

Subject to legal exceptions, you may:

  • request access, rectification, or erasure;

  • request restriction or object to certain processing;

  • exercise data portability;

  • withdraw consent (for future processing).

Contact hello@cords.com to exercise your rights. You can also lodge a complaint with a supervisory authority, e.g., the Swedish Authority for Privacy Protection (IMY).

Communication preferences

You can unsubscribe from marketing at any time via the link in our emails. We may still send transactional/service emails (e.g., order confirmations).

Third-party links

Our site may link to third-party websites. We are not responsible for their content or privacy practices.

Changes to this Policy

We may update this Policy as needed. The latest version will be posted here with an updated “Last updated” date.

Contact
Questions about privacy or this Policy: hello@cords.com
(Cords Sweden AB is the controller for the processing described here, except where Shopify acts as an independent controller as outlined above.)