Privacy Policy

Privacy Policy (Bikescroll.com)

Last updated: 7 January 2026

This Privacy Policy explains how Memil AB (“Bikescroll”, “we”, “us”) processes personal data when you visit bikescroll.com, place an order, contact customer service, or otherwise interact with us. This Privacy Policy should be read together with our Terms & Conditions and Cookie Policy (where you can also manage your cookie choices).

1) Data Controller

Bikescroll.com is operated by Memil AB, which is the data controller for the processing described in this Privacy Policy.

Memil AB
Org. no.: 559052-9003
VAT no.: SE559052900301
Address: Ängalagsvägen 222, 269 95 Båstad, Sweden
Email: support@bikescroll.com
WhatsApp (Customer Service): +46763238565

Data Protection Officer (DPO): We have not appointed a data protection officer.

2) What personal data we collect

Depending on how you use bikescroll.com, we may collect:

2.1 Information you provide to us

  • Contact details: name, email address, phone number/WhatsApp number
  • Delivery and billing details: address information needed to deliver your order
  • Order details: products purchased, order notes, return/complaint information you submit
  • Customer service communications: messages you send via email/WhatsApp (including attachments such as photos/videos)

Please do not send sensitive personal data (e.g., health data, personal ID numbers) to customer service unless we specifically ask for it.

2.2 Information we collect when you shop with us

  • Purchase and order history: order number, products, quantities, prices, delivery method and status
  • Delivery information: shipment status and tracking details (where available)

2.3 Information we receive from others (payment and delivery partners)

  • Payment status and order confirmation details: from Klarna (Klarna Checkout) to confirm payment approval and handle your order, delivery, returns, and customer service
  • Shipment and tracking updates: from carriers and delivery partners (where available)

We do not receive or store full card details.

2.4 Information we collect automatically

  • Technical data: IP address, device/browser type, basic log information (primarily for security and troubleshooting)
  • Usage data (with consent): if you accept analytics cookies, information about website usage (e.g., page views/interactions) via Google Analytics

2.5 Marketing and newsletter data (if you choose to sign up)

  • Newsletter subscription data: email address and (if provided) name
  • Marketing preferences: consent choices and opt-out status

3) Why we process your personal data (purposes and legal bases)

We process personal data only when we have a lawful basis under the GDPR:

3.1 Manage purchases and deliver orders

Purpose: create/manage orders, delivery, returns, customer service.
Legal basis: performance of a contract (GDPR Art. 6(1)(b)).

3.2 Payments (Klarna Checkout)

Purpose: offer Klarna payment methods and complete payment; Klarna may carry out fraud checks and (where applicable) credit assessments.
Legal basis: performance of a contract (GDPR Art. 6(1)(b)).
Important: Klarna may act as an independent controller. Klarna’s privacy information is shown in the checkout.

3.3 Legal obligations

Purpose: comply with applicable laws (e.g., accounting/tax/consumer law).
Legal basis: legal obligation (GDPR Art. 6(1)(c)).

3.4 Security and misuse prevention

Purpose: secure the website/checkout, prevent fraud, troubleshoot, and maintain IT security.
Legal basis: legitimate interests (GDPR Art. 6(1)(f)).
Our legitimate interests include protecting our business, customers, and systems against misuse and security incidents.

3.5 Legal claims

Purpose: establish, exercise, or defend legal claims (e.g., disputes, complaints, chargebacks, or legal proceedings).
Legal basis: legitimate interests (GDPR Art. 6(1)(f)).

3.6 Analytics (Google Analytics — only with consent)

Purpose: analyze website usage and improve performance/user experience.
Legal basis: consent (GDPR Art. 6(1)(a)).
Google Analytics runs only if you accept analytics cookies. You can withdraw consent at any time via cookie settings.

3.7 Marketing/ads measurement (only with consent and only if enabled)

Purpose: measure ads and show relevant ads (e.g., retargeting) if we enable marketing tools such as Meta.
Legal basis: consent (GDPR Art. 6(1)(a)).
You can withdraw consent at any time via cookie settings.

3.8 Newsletter (if you subscribe)

Purpose: send newsletters/offers and manage subscriptions/unsubscribes.
Legal basis: consent (GDPR Art. 6(1)(a)).
You can unsubscribe anytime via the link in each email.

4) Is providing your personal data mandatory?

Certain personal data is required to enter into and perform a purchase contract with you (for example name, delivery address, and contact details for delivery updates). If you do not provide the required data, we may not be able to complete your purchase or deliver your order.

Where processing is based on consent (newsletter, analytics cookies, marketing cookies), providing data is optional and you can withdraw consent at any time.

5) Who we share your personal data with (recipients)

We do not sell your personal data. We share personal data only when necessary:

  • Payment provider: Klarna (Klarna Checkout)
  • Shipping/logistics partners: carriers and delivery partners (name, address, contact details, shipment details)
  • IT and e-commerce service providers: hosting/infrastructure, WooCommerce/plugins, technical support, security, backup, fraud-prevention (under data processing agreements)
  • Analytics provider (with consent): Google Analytics
  • Marketing partners (with consent and if enabled): Meta/Facebook/Instagram
  • Customer communication services: WhatsApp (if you choose to contact us via WhatsApp)
  • Authorities/legal claims: when required by law or necessary to establish, exercise, or defend legal claims

A list of our current processors/sub-processors can be provided upon request.

6) International transfers (outside the EU/EEA)

Some providers may process personal data outside the EU/EEA (for example global services such as Google Analytics, WhatsApp/Meta, or marketing tools if enabled).

When personal data is transferred outside the EU/EEA, we ensure transfers are made in accordance with the GDPR and based on appropriate transfer mechanisms, such as:

  • an adequacy decision adopted by the European Commission (where applicable, e.g., EU–U.S. Data Privacy Framework for certified organisations), and/or
  • Standard Contractual Clauses (SCCs) with supplementary technical and organisational measures where required.

Contact us at support@bikescroll.com if you want more information about the safeguards used for a specific transfer.

7) How long we keep your personal data (retention)

We keep personal data only as long as necessary for the purposes described:

7.1 Orders, payments, and accounting

Order-related information (invoices/receipts, payment confirmations, transaction records) is stored as required by Swedish accounting rules (generally 7 years after the end of the calendar year in which the financial year ended).

7.2 Customer service, returns, complaints, and legal claims

We normally keep case information for up to 3 years from purchase (to handle consumer complaints) and longer if needed to establish, exercise, or defend legal claims.

7.3 Newsletter

Stored until you unsubscribe or withdraw consent.

7.4 Analytics/marketing cookie data

Stored according to the retention settings in the relevant tool and deleted/anonymised according to those settings or when you withdraw consent.

7.5 Security logs and fraud prevention

Security logs (e.g., IP/security events) are normally kept for up to 12 months, unless a longer period is necessary to investigate or handle a security incident.

8) Automated decision-making

Klarna may use automated processes (including profiling) for fraud prevention and, where applicable, credit assessment and the availability of payment methods. This may affect which payment options are offered to you. Klarna provides information about such processing in the checkout and in its own privacy information. If you have questions or wish to exercise rights related to Klarna’s processing, please refer to Klarna directly.

9) Your rights under GDPR

You have rights under GDPR, including the right of access, rectification, erasure, restriction, data portability (where applicable), and the right to object to processing based on legitimate interests.

Right to object to direct marketing: If we process your personal data for direct marketing, you have the right to object at any time.

Withdrawing consent: You can withdraw consent at any time (newsletter unsubscribe link; cookie settings for analytics/marketing cookies). Withdrawing consent does not affect the lawfulness of processing before withdrawal.

How to exercise your rights: Contact support@bikescroll.com. We may need to verify your identity. We normally respond within one month, which may be extended where permitted by law.

Complaints: You can lodge a complaint with the Swedish Authority for Privacy Protection (IMY).

10) Cookies and tracking

We use cookies to make the website work, keep it secure, and (if you choose) to analyze and improve it. Optional cookies (analytics/marketing) are used only if you consent via our cookie banner/settings. Details of cookies (name, purpose, category, storage period) are provided in our cookie banner/settings and in our Cookie Policy.

11) Children

Bikescroll.com is not intended for children, and we do not knowingly collect personal data from children. If you believe a child has provided personal data to us, please contact us.

12) Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The latest version will be published on bikescroll.com and the “Last updated” date will be updated.