Privacy policy

Last Updated: December 16, 2025

Introduction

Klohy ("we", "our" or "us") is committed to protecting your privacy. This privacy policy explains how your personal information is collected, used, and disclosed by Klohy.

This privacy policy applies to our website (https://klohy.co/) and its associated subdomains (collectively, our "Service"), alongside our application, Klohy. By accessing or using our Service, you signify that you have read, understood, and agree to our collection, storage, use, and disclosure of your personal information as described in this Privacy Policy and our Terms of Service.

Data Controller

Klohy is the data controller responsible for your personal data. Our registered address is Eastmansvägen 8B, 113 61 Stockholm, Sweden. For privacy-related inquiries, please contact our Data Protection contact at privacy@klohy.co.

Definitions and Key Terms

Cookie: A small amount of data generated by a website and saved by your web browser, used to identify your browser, provide analytics, and remember information about you.

Personal Data: Any information that directly, indirectly, or in connection with other information allows for the identification of a natural person, as defined under the EU General Data Protection Regulation (GDPR).

Processing: Any operation performed on personal data, including collection, recording, organisation, storage, adaptation, retrieval, use, disclosure, or erasure.

Data Subject: The individual to whom the personal data relates (i.e., you).

Service: The services provided by Klohy as described on our website and platform.

Third-party Service: External services that we may integrate with, or that provide content or functionality to our Service.

What Information Do We Collect?

We collect information from you when you visit our website, register on our site, place an order, subscribe to our newsletter, respond to a survey, or fill out a form. This information may include:

  • Name or username
  • Email address
  • Phone number
  • Mailing and billing addresses

Lawful Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following lawful bases:

  • Contractual Necessity: To fulfill our contract with you, including processing orders, managing your account, and providing customer support.
  • Consent: Where you have given explicit consent, such as subscribing to our newsletter or opting in to marketing communications. You may withdraw consent at any time.
  • Legitimate Interests: For purposes such as improving our services, fraud prevention, and website security, where these interests do not override your fundamental rights.
  • Legal Obligation: To comply with applicable laws and regulations, including tax, accounting, and anti-fraud requirements.

How Do We Use the Information We Collect?

The information we collect may be used in the following ways:

  • To personalise your experience and respond to your individual needs
  • To improve our website and services based on your feedback
  • To process transactions and send related information
  • To provide customer service and respond to support requests
  • To send periodic emails (where you have consented)
  • To administer contests, promotions, surveys, or other site features

Sharing Information with Third Parties

We may share your information with trusted third-party service providers who assist us in operating our website, conducting our business, or serving you, provided that those parties agree to keep your information confidential. These include hosting providers, payment processors, email service providers, and analytics services.

We may also share aggregated, anonymised data with analytics partners and advertisers. This data cannot be used to identify you personally.

We may disclose your information where required by law, to respond to legal processes, or to protect our rights, property, or safety, or that of others.

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the acquiring entity, provided they agree to honour the terms of this Privacy Policy.

Your Rights Under GDPR

If you are located in the European Economic Area (EEA), you have the following rights regarding your personal data:

  • Right of Access: You have the right to request a copy of the personal data we hold about you.
  • Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data.
  • Right to Erasure: You have the right to request that we delete your personal data, subject to certain legal exceptions.
  • Right to Restrict Processing: You have the right to request that we limit how we use your personal data.
  • Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
  • Right to Object: You have the right to object to processing based on legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw that consent at any time.
  • Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority (UK residents: Information Commissioner's Office (ICO), Wycliffe House, Water Lane, Wilmslow, SK9 5AF, United Kingdom - www.ico.org.uk EEA residents: Integritetsskyddsmyndigheten (IMY), Box 8114, 104 20 Stockholm, Sweden — www.imy.se).

To exercise any of these rights, please contact us at privacy@klohy.co. We will respond to your request within 30 days.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. Specifically:

  • Account information: Retained while your account is active and for up to 2 years after account closure.
  • Transaction records: Retained for 7 years to comply with tax and accounting regulations.
  • Marketing preferences: Retained until you withdraw consent or unsubscribe.
  • Support communications: Retained for up to 3 years after the issue is resolved.

When data is no longer required, we will securely delete or anonymise it.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption via SSL/TLS, secure server infrastructure, access controls, and regular security assessments.

Payment information is transmitted via Secure Socket Layer (SSL) technology directly to our payment gateway providers and is not stored on our servers.

While we strive to protect your personal data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to taking all reasonable precautions.

Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay.

International Data Transfers

Klohy is based in Sweden. Your information may be transferred to, and processed in, countries outside of Sweden and the European Economic Area (EEA). When we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, or transfers to countries with an adequacy decision.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website. Cookies are small text files stored on your device that help us recognise you, remember your preferences, and analyse site usage.

Cookie Consent

When you first visit our website, you will be presented with a cookie consent banner. You may choose to accept or reject non-essential cookies. Essential cookies, which are necessary for the website to function, will be placed regardless of your choice.

Managing Cookies

You can control and manage cookies through your browser settings. Please note that disabling cookies may affect the functionality of our website. You may also withdraw your cookie consent at any time by adjusting your preferences via our cookie settings.

How We Use Your Email Address

By providing your email address and opting in to receive communications, you agree to receive emails from us. You can unsubscribe at any time by clicking the unsubscribe link in any email. Email addresses submitted during order processing will only be used to send order-related information unless you have separately consented to marketing communications.

Children's Privacy

Our Service is not directed at children under the age of 18. We do not knowingly collect personal data from children under 18. If we become aware that we have inadvertently collected personal data from a child under 18, we will take steps to delete that information as soon as possible. If you believe we may have collected data from a child under 18, please contact us immediately.

Links to Third-Party Websites

Our Service may contain links to third-party websites. We are not responsible for the privacy practices or content of those websites. We encourage you to review the privacy policies of any third-party sites you visit.

Advertising

Our website may display third-party advertisements. These advertisers may use cookies to collect information about your browsing activity for interest-based advertising. You can opt out of interest-based advertising through your browser settings or by visiting industry opt-out pages.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website with a new "Last Updated" date. For significant changes, we may also notify you via email. Continued use of our Service after changes are posted constitutes acceptance of the updated policy.

Governing Law

This Privacy Policy is governed by the laws of Sweden and applicable European Union regulations, including the General Data Protection Regulation (EU GDPR). For users in the United Kingdom, this policy also complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Disputes arising from this policy shall be subject to the jurisdiction of the courts of Sweden, without prejudice to your right to bring proceedings in your country of residence if you are a consumer in the UK or EEA.

Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:

Trade Name: Klohy

Address: Eastmansvägen 8B 113 61 Stockholm, Sweden

General Email: support@klohy.co

Privacy Inquiries: privacy@klohy.co

Phone: +46703206149

Website: https://klohy.co/

Customer Service Hours: Monday to Friday, 9:00 AM to 5:00 PM (CET)