Privacy Policy
Last updated: 27.11.2024
Your data
We know how important it is for you to understand how we use your personal data. Our privacy policy explains the collection, storage, processing and sharing of your personal data. We will always be open with you about what we do with your personal data.
This privacy policy describes what you can expect when you contact us or use our services, and your rights regarding your personal data.We collect your information to improve your IKEA shopping experience and tailor it to your preferences. We comply with the regulations and ask for your consent when necessary.Your personal data belongs to you, and you can withdraw your consent at any time. We ensure the security of your personal data, in accordance with GDPR and Norwegian laws.
IKEA AS (Reg. no. 914 787 521), with registered office at Nesbruveien 42, 1396 Billingstad, is responsible for the processing of the personal data that is processed for the purposes stated below in these guidelines.
Personal data is any information that can be directly or indirectly linked to a natural person, including name, address, e-mail address, IP address and mobile number.
- Your name, gender and date of birth.
- Your email address, address and your mobile number.
- Your IKEA Family membership number.
- Your image on video surveillance cameras in the warehouses.
- Your purchase activity.
- Information about you as a customer, such as order information, payment information/purchase history and inquiries to our customer service. Web and search history on mobile/PC, date and time of the visit, operating system and browser, IP address and data from location-based cookies (please read our cookie policy for more information).
- Your preferences to help us suggest products/services.
- Information you share with us in connection with a planning session.
- Your comments and product ratings on surveys you answer.
- Personal data received from other sources, such as for example from publicly available registers, to ensure that the information we process is correct and up-to-date.
You can shop with us as a guest or create an IKEA Family profile.
IKEA Family is open to everyone over 18 years of age. You can read more about our processing of personal data in connection with your membership under the privacy guidelines for IKEA Family here.
IKEA is obliged to base its processing of personal data on a legal basis for processing. Our processing of personal data is based on one or more of these bases:
- The processing is necessary to fulfill an agreement with you.
- The processing is necessary for purposes linked to a legitimate interest we have.
- You have given your consent to the processing of your personal data for one or more specific purposes.
- The processing is necessary to fulfill a legal obligation.
- To deliver your order, receive payment and update you on the order's status.
Why we do it:
We do this to be able to fulfill our agreement with you to deliver our goods and services. - To handle deviations or changes to the order (This also includes Click and Collect, refunds, planning and measuring services).
Why we do it:
IKEA relies on the contract with you to fulfill the agreement. This is also necessary to fulfill legal obligations. - To verify your identity for the administration of your IKEA Family membership, or to carry out security checks when you speak to our customer center or with Exchange and return at the store.
Why we do it:
We do this to be able to fulfill our agreement with you to deliver our goods and services. - If we uncover fraud or other crimes. We will also be able to process personal and internet traffic information to ensure security in all our services.
Why we do it:
IKEA har legitim interesse i å beskytte seg fra svindel eller andre typer bedrageri og misbruk. - To administer prize draws or competitions that you voluntarily choose to enter. Sometimes we may use third parties to help us do this – we will make this clear in theterms and conditions of the prize draw or competition.
Why we do it:
We will do this based on the consent you give us when you participate. If a third party wants to use this information to contact you directly, as part of the prize draw or competition, we will ask for your consent for the third party to contact you. - To administer planning sessions with you.
Why we do it:
We do this to be able to fulfill our agreement with you to deliver our goods and services. - To send you service emails or communications as required by law to update you on any changes to our goods and services, any information required by law relating to your order or recall of products.
Why we do it:
We do this to comply with our legal obligations. We do not need your consent to send you this communication, but it will not include any promotional content. - Personal data that must be shared, e.g. in connection with accounting and to provide information to the relevant authority when this is required of us in accordance with Norwegian law.
Why we do it:
We do this to comply with our legal obligations. - Personal information we need when your child visits Småland.
Why we do it:
We will do this based on the consent you give us when you drop your child off at Småland. - IKEA Family When you register as an IKEA Family member and subscribe to our newsletter.
Why we do it:
We do this based on your consent to receive marketing newsletters.
Device information, preferences and cookies provided when you browse IKEA.no: - To tailor your online experience and send you personalized emails (in combination with other information you have provided to us or our third parties) so that we can offer you goods and services and promotions, offers and events we think you will like interested in.
Why we do it:
We will do this where you have consented to the use of cookies in our database. See our cookie policy for more information. You can manage your cookie settings at any time. - Job advertisement and employment
We use personal data to assess candidates who apply for positions with us. The information about you will be used by the IKEA company making the appointment to assess your application, contact references, verify the information you have provided and possibly contact you about a position. If you are employed by IKEA, information about you may also be sent to the human resources department of the IKEA company in which you are employed, so that it becomes easier for them to carry out administrative tasks in connection with your employment.
Why we do it:
Once you have given your consent, we will process your application for the purpose of assessing you for the specific position and managing the recruitment process. We do not use the application to assess you for other positions in the INGKA Group, unless you have given express consent to this. - Camera surveillance
We may use camera surveillance in our warehouses for safety reasons for both our employees and customers. We delete all recordings no later than 7 days after the recordings have been made. If it is likely that the recording will be handed over to the police in connection with the investigation of criminal offenses or accidents, the recordings can be kept for up to 30 days.
Why we do it:
IKEA has a legitimate interest in protecting itself from crime and maintaining a safe working environment for our employees. - Wireless network (Wi-Fi) in the store: Device information and details when you use our wireless network. We do this to allow you to use our wireless network in the warehouse. We use Yo Wireless to deliver wireless internet.
Why we do it:
We do this to be able to fulfill our agreement with you to deliver our services.
Other purposes you have consented to:
We will be able to process your personal data for any other purpose for which you have specifically given us consent.
- To deliver your order, receive payment and update you on the order's status.
We use social media to keep you updated on the latest trends and products and to offer smart solutions. You can follow us on Facebook, Instagram, YouTube and others. If you choose to like or share information from IKEA through these services, you should review the privacy policy of that service. We also receive personal data directly and indirectly from you when you visit ourFacebook page, e.g. when you follow us on Facebook, contact us on Facebook's chat solution, or when you share, like or comment on our Facebook posts. For such personal data, we are jointly responsible for the processing with Facebook. You can read more about how Facebook processes your personal data here.
We may use AI (artificial intelligence) in our interaction with you if you contact our customer support centre. We anonymize your interaction with us, after which AI systems are used to review and analyze the interactions to identify trends, common problems and areas for improvement. While AI systems improve our ability to provide efficient and personalized service, there are inherent risks, such as biases in algorithms. To mitigate any potential risk, in some cases human reviewers will also review transcripts of interactions to ensure our service standards are consistently met. All data reviewed, whether by AI or by human employees, is handled in strict accordance with our privacy and data protection guidelines to protect your personal information.
We may share your personal data with other companies in INGKA group. We will also be able to share your personal data with our subcontractors if it is necessary to deliver the agreed service. However, we will never sell or disclose your personal information to a third party for the use of information for purposes other than those described in these privacy guidelines. We ensure that your personal data is protected when it is sent outside INGKA group to trusted business partners with whom we have a contract in place.
A company that processes personal data on our behalf is called a data processor. When we use a data processor, we make sure to enter into a Data Processing Agreement. A Data Processing Agreement is a contract that regulates how the data processor can process the personal data to which they are given access. Each subcontractor is obliged to ensure that the data is processed in accordance with the law.
If there is a statutory disclosure obligation, we will also have to share your personal data with public authorities. As we are a global company, we may be required to assist international authorities with information. This may apply, for example, to export controls, financial sanctions, sanctions, anti-corruption work, etc.Your personal data may be transferred to companies outside the EU/EEA area, including our group companies or subcontractors, so that we can deliver our services to you.
In such cases, we will ensure that any transfer of your personal data is subject to guarantees that ensure that the personal data is processed in line with the data protection legislation that applies within the EU/EEA area and otherwise in accordance with these guidelines. This means that your personal data will not be transferred to countries outside the EU/EEA area without this taking place in accordance with the EU's standard agreements, according to current privacy legislation, which makes the transfer legal.We are committed to data minimization and only keep your personal data for as long as is necessary for the purposes described in these privacy guidelines. This means that the retention periods will vary according to the type of data and the reason we have the data in the first place.
We have procedures for our retention periods which we keep under review considering our reasons for processing your personal data and the legal basis for doing so. However, this does not apply if storage is required by law for a longer period than the purpose dictates.We have established routines and measures to ensure that unauthorized persons do not gain access to your personal information and that all processing of the information otherwise takes place in line with applicable law. The measures include, among other things, regular risk assessments, adapted technical systems and physical procedures to safeguard information security, as well as routines to verify access and other rights requests.
The GDPR gives you a number of rights, including the right to access, correction and deletion of the personal data we have stored about you.
We are concerned that the personal data we have stored about you is correct and up-to-date. If you discover that your information is incorrect, we encourage you to contact us. This also applies if you want your personal data to be deleted. When it comes to requests for deletion, this does not apply to information that is necessary for us to be able to deliver a service that you still want to have access to, or that is required by law to keep the information for a specific period.
Your also have the right to object to the processing of personal data and the right to object to personal profiling and automated decisions. This means that you can demand that your personal data is not analysed to reveal your behaviour, preferences, abilities or needs. However, this does not apply if the processing is necessary to fulfill an agreement you have entered into with us or if you have previously given your express consent to the processing. If you wish to request access, correction or deletion, you can contact us at any time. We will answer you no later than 30 days after you have made contact. To ensure that we send the information to the right person, use the access request for verification if you want to be sent the information we have stored on you, and send it to: [email protected].
If you think we are not following these guidelines for privacy, or applicable legislation, you can send us a complaint. You can also complain to the Norwegian Data Protection Authority (Datatilsynet).Our services are in continuous development. We may therefore need to update our privacy policy. If the guidelines are updated, the updated guidelines will be made available on our website, IKEA.no.
Please let us know if you have any other questions related to our privacy policy. You can reach us on phone +47 640 01 273.