Privacy policy Midea Nordics

Privacy policy

Revised draft for website use | Last updated: June 2026

1. Introduction

Midea Europe GmbH ("Midea", "we", "us", "our") respects your privacy and is committed to processing personal data in a transparent, fair and lawful manner. This Privacy Policy explains how we collect, use, disclose, store and otherwise process personal data when you visit our websites, contact us, purchase products or services, register products, request warranty or after-sales services, participate in promotions, cashback campaigns, surveys or competitions, subscribe to newsletters or marketing communications, interact with our social media channels, engage with us as a customer, supplier, distributor or business partner, or otherwise communicate with us.

This Privacy Policy applies to users located in Denmark, Sweden, Norway, Finland and other countries within the European Economic Area (EEA), unless a separate local privacy notice applies.

2. Data Controller

The data controller responsible for the processing activities described in this Privacy Policy is:

Midea Europe GmbH
Ludwig-Erhard-Straße 14
65760 Eschborn, Germany
Email: privacy-meg@midea.com
Phone: +49 6196 9020-0

3. Data Protection Officer

You may contact our Data Protection Officer at: DSB-Midea_Europe@intersoft-consulting.de

4. Applicable Data Protection Laws

We process personal data in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation - GDPR), applicable national data protection legislation in the relevant Nordic country, and guidance issued by competent supervisory authorities.

5. Categories of Personal Data We Process

Category

Examples

Identity data

Name, title, company name, customer number, user account details.

Contact data

Email address, telephone number, postal address, delivery address.

Transaction and service data

Purchase information, delivery information, warranty claims, product registration, service requests, complaint records.

Technical and usage data

IP address, device identifiers, browser information, operating system, website usage information, log files, consent ID.

Marketing data

Newsletter subscriptions, marketing preferences, campaign participation, consent records.

Business partner data

Professional contact details, company role, contract information, payment information, compliance documentation.

Voluntary data

Any information you voluntarily provide in forms, emails, surveys, feedback or messages.

6. Purposes, Legal Bases and Legitimate Interests

Purpose

Data used

Legal basis

Where Art. 6(1)(f) applies: legitimate interest

Customer service and communication

Identity, contact, message and service data.

Art. 6(1)(b) and/or Art. 6(1)(f) GDPR.

Responding to inquiries, managing customer relationships and documenting communications.

Contract performance

Identity, contact, transaction, delivery, warranty and service data.

Art. 6(1)(b) GDPR.

Not applicable unless the requester is a business contact rather than the contractual party.

Legal compliance

Data required by applicable laws, tax, accounting, warranty, product safety or regulatory obligations.

Art. 6(1)(c) GDPR.

Not applicable.

Website operation and security

Technical, log and usage data.

Art. 6(1)(f) GDPR.

Providing a secure, stable and functional website and preventing misuse, fraud or attacks.

Consent management

Consent status, timestamp, browser information, IP address, consent ID.

Art. 6(1)(f) GDPR.

Documenting and managing consent choices and legal accountability.

Analytics and website improvement

Usage and technical data.

Art. 6(1)(a) GDPR where consent is required; otherwise Art. 6(1)(f) GDPR where permitted.

Improving website performance and user experience. Non-essential analytics cookies are used only with consent where required.

Marketing communications

Contact and marketing preference data.

Art. 6(1)(a) GDPR and/or Art. 6(1)(f) GDPR where permitted by applicable direct marketing rules.

Informing existing business contacts about relevant products, services and events, subject to opt-out and applicable local rules.

Promotions, cashback and competitions

Identity, contact, purchase documentation, payment details and participation records.

Art. 6(1)(b), Art. 6(1)(c) and/or Art. 6(1)(f) GDPR.

Managing campaigns, preventing fraud and documenting eligibility.

Legal claims

Relevant contract, communication, transaction, technical and service records.

Art. 6(1)(f) GDPR.

Establishing, exercising or defending legal claims.

7. Website Usage Information and Cookies

When you visit our website, we may automatically collect certain technical information, including IP address, browser type and version, operating system, date and time of access, referrer URL, requested pages and device information. Strictly necessary cookies and similar technologies are used where permitted by law to operate and secure the website. Analytics, preference and marketing cookies are used only where required consent has been obtained. You may manage or withdraw your consent at any time through the Cookie Settings link available on our website.

8. Contact Forms and Communications

When you contact us, we may process your name, email address, telephone number, message content and any information voluntarily provided. Depending on the nature of the request, the legal basis may be Art. 6(1)(b), Art. 6(1)(a) and/or Art. 6(1)(f) GDPR.

9. Product Registration, Warranty and After-Sales Services

Where you register products or request warranty or after-sales services, we may process product details, purchase information, contact details, service records and communication records. The legal basis is generally Art. 6(1)(b) GDPR and, where legal obligations apply, Art. 6(1)(c) GDPR.

10. Business Partners

We process personal data of suppliers, distributors, contractors and other business partners for contract administration, supplier management, payment processing, business communications, compliance obligations and relationship management. The legal bases are Art. 6(1)(b), Art. 6(1)(c) and/or Art. 6(1)(f) GDPR.

11. Social Media

We may operate pages and accounts on social media platforms. If you interact with these services, personal data may be processed by both Midea and the respective platform provider in accordance with their privacy notices. Please review the privacy information of the relevant platform.

12. Recipients of Personal Data

We may share personal data with IT service providers, hosting providers, cloud service providers, logistics providers, payment service providers, marketing service providers, customer support providers, professional advisers, public authorities and companies within the Midea group. Recipients only receive personal data necessary for the relevant purpose and, where required, are contractually bound to protect the data.

13. International Data Transfers

Where personal data is transferred outside the EEA, including to Midea group companies or service providers located in third countries, we implement appropriate safeguards, such as European Commission adequacy decisions, EU Standard Contractual Clauses, transfer impact assessments where required and additional technical or organisational measures. Further details may be requested using the contact details above.

14. Data Retention

We store your personal data for as long as necessary to fulfil our legal and contractual obligations.

If the storage of your data is no longer required for the fulfilment of contractual or legal obligations, your data will be deleted unless further processing is necessary for the following purposes:

  • Compliance with commercial and tax retention requirements. Retention periods may be up to 10 years.
  • Preservation of evidence within the framework of statutory limitation periods. Under the limitation provisions of the German Civil Code (Bürgerliches Gesetzbuch – BGB), these periods may extend up to 30 years in certain cases, although the regular limitation period is three years.

15. Automated Decision-Making

We do not make decisions based solely on automated processing that produce legal or similarly significant effects unless permitted by applicable law and described separately.

16. Children

Our websites and services are not directed to children under the age of 16. We do not knowingly collect personal data from children without an appropriate legal basis or parental authorisation where required.