Privacy Policy


TOBE Outerwear (Vebua AB) is committed to respecting and protecting your privacy. Our goal is to be clear about what information we collect and how we use and protect your personal information. 

The below Privacy Policy (together with our Terms and Conditions, any other documents referred to in it and our Cookie Policy) outlines how we may collect, use, store and process your personal information.

We truly hope that you will take time to read it through as we have no other goal but to maintain your privacy. Please remember that you can manage your information and protect your privacy anytime by, for instance, viewing and editing your information in your account or controlling what kind of cookies are used when you visit our website.



This Privacy Policy is for the website operated by Vebua AB (hereinafter referred to as “TOBE Outerwear”, “us” or ”we”), a company registered in Sweden under registration number 556834-8311 and Headquarters located at Solberg 504, 833 48 Hammerdal, Sweden. We also have a subsidiary in the United States of America located at 970 Yuma St. Ste 140, Denver, CO 80204.



This Policy is based on the following principles:

  • Personal data shall be processed lawfully, fairly and transparently;
  • Personal data shall only be collected for specific, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
  • Personal data shall be adequate, relevant and limited to what is necessary for processing;
  • Personal data shall be accurate and, where necessary, kept up to date with every effort to erase or rectify without delay;
  • Personal data shall be kept in a form such that the data subject can be identified only as long as is necessary for processing;
  • Personal data shall be processed in a manner that ensures the appropriate security;
  • Personal data shall not be shared with third parties except when necessary in order for them to provide services upon agreement;
  • Data subjects must easily exercise their rights.



Personal information is data that can be used to identify or contact you.

Under the EU’s General Data Protection Regulation (GDPR) personal data is defined as: “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.

If we do collect personal data, we will nevertheless never collect sensitive personal data about you. The EU’s General Data Protection Regulation (GDPR) defines sensitive personal data as “categories of personal data related to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person’s sex life or sexual orientation.”

When you use the Website and/or purchase from us, we may gather various information. In any event, we are committed to ensuring that the information we receive and use are appropriate for the below purposes.



We may collect and process the following information:

Email address, Full name, Phone number, Billing address, Shipping address, Payment information details**

** When purchasing, rest assure that your payments are secure. TOBE Outerwear does not collect your payment data but only payment identifiers. All of your bank details are collected only by our payment service providers that are all certified for their security standards.


We use the above information from the following purposes:

  • So you can purchase and receive your order
  • So we can prevent and detect fraud
  • So you can receive updates about your order via e-mail, sms or our app
  • So you can receive marketing communication via email or SMS
  • So we can send you NPS surveys and contact you to know what you think about our services
  • So we can notify you about changes to our services
  • So you can receive your refund, and we can manage the whole return process

The legal grounds to process your personal data are:

  • The processing of your personal data is necessary for the contract between you and TOBE Outerwear (to fulfill and deliver your purchases), for compliance with our legal obligations and our legitimate interests*

We may collect and process the following information:

Contact information, purchase history, information gathered when you visit our website

We use the above information from the following purposes:

  • So you can sign up to our newsletters and receive information, news and offers about our products
  • So we can inform you and remind you of any task which remains uncompleted (incomplete orders, abandoned baskets)
  • So we can inform you when a product is back in stock
  • So we can provide, update, maintain, improve and protect our website, business and services
  • So we can deliver relevant website content and online advertisements.
  • So to prevet misuse, crime and fraud

 The legal grounds to process your personal data are:

  • The processing of your personal data is based on your consent (when you sign up for our NL and ask to be reminded when a product is back in stock) or based on our legitimate interests*  

We may collect and process the following information:

Name, Email address, Telephone number, Correspondence history, order information, shipping address, payment information, ID documentation

We use the above information from the following purposes:

  • So you contact, communicate with us
  • So we can manage, administrate all your queries
  • So we can verify your identity when you request further information based on your rights

 The legal grounds to process your personal data are:

  • The processing of your personal data is necessary for the contract betwwen you and us, and based on our legitimate interests*

We may collect and process the following information:

Contact details such as email address, full name, telephone number, shipping addres, your written replies and information submitted in the contest

We use the above information from the following purposes:

  • So we can smoothly and perfectly manage the competitions (contact contestants, identify contestants, deliver prize deliveries)

 The legal grounds to process your personal data are:

  • The processing of your personal data is necessary for the contract between you and us
  1. #tobeouterwear

We may collect and process the following information:

Instagram account name, photo and video

We use the above information from the following purposes:

  • So to upload above information you submit to us on some of our platforms (ie product pages)

 The legal grounds to process your personal data are:

  • The processing of your personal data is based on your consent

We may collect and process the following information:

Social handle name, public photo and video, your comments

We use the above information from the following purposes:

  • So to monitor our customer views and opinions
  • So to answer your comments

 The legal grounds to process your personal data are:

  • The processing of your personal data is based on your consent

*When we rely on the ‘legitimate interests’ condition, TOBE Outerwear will always meet the following requirements:

  • We must process the information for the purposes of our legitimate interests or for those of a third party to whom we disclose it;
  • The above interests must be balances against your interests. The “legitimate interests” condition will not be met if the processing is unwarranted because of its prejudicial effect on your rights and freedoms, or legitimate interests. TOBE Outerwear legitimate interests do not need to be in harmony with those of the individual for the condition to be met. However, where there is a serious mismatch between competing interests, your legitimate interests will always come first.



If you happen to purchase or willingly give us your email address, you will receive marketing messages by email and/or SMS.

These marketing messages are only meant to warn you about our current and next offers.

You can of course decide to unsubscribe from us at any time.

How do you unsubscribe from marketing communications?

  1. SMS
  • By following instructions given at the end of the SMS message
  • By contacting our Customer Service
  • By clicking on the unsubscribe link at the end of the email
  • By contacting our Customer Service



We happen to use data collected during your visit to create banners and ads when you visit other third websites. Those ads are created via pixels and are based on information we hold about you (such as search history) which explains why you will be able to see ads matching items that are similar to those you have checked out on our website.

All information use to create those ads are pseudonymized and we will never use data that clearly identify you.



We use cookies when you visit our website – They can be enabled/disabled through your browser settings or via our cookies settings (found at the bottom of this page). You can find out how to manage cookies on your devices below.

Cookies are data files that can hold small amounts of info and are stored on your device (computer, smartphone etc) when you first visit a website.

We use cookies for various reasons, such as website navigation, allowing you to add items to your shopping bag, saved your language preference, analyzing the number of visitor on our site, assessing the success of our advertising campaigns, offers and communications or making our website work efficiently and secure.



We will never sell your personal data to any third party.

However, we may share your personal information with companies who are experts in their field and assist us in operating the website, conducting our business or servicing you.

Do not worry though! Each of our service providers have been selected by us for their ability to provide the particular services needed, including their ability to handle your personal information. All those providers provide sufficient guarantees to implement the technical and organizational measures necessary to meet the requirements of the GDPR and our own.

We share your personal information in the following cases:

  • To any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries;
  • In the event that we sell or buy any business or assets, data may be disclosed to the prospective seller or buyer of such business or assets;
  • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms and Conditions and other agreements; or to protect the rights, property, or safety of TOBE Outerwear, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction;
  • If we are processing it on behalf of a customer;
  • To companies for the performance of any contract we enter into with you or them and that help us provide our services adequately such as, payment service providers, delivery companies or our warehouse.
  • To other professional services companies such website hosts, advertising/marketing agencies and analytics or search engine providers helping us run, improve and optimize the Website or helping us store your data.
  • With your express consent.



Where a third-party provider is located outside the European Economic Area, we will always ensure that the transfer of personal data will be protected by appropriate safeguards, namely the use of standard data protection clauses adopted or approved by the European Commission where the data protection authority does not believe that the third country has adequate data protection laws or with companies that are Privacy Shield Certified.



At any point while we are in possession of or processing your personal data, your rights are as follows:

Right to be informed Our goal is to be as clear as possible about how we use and process your data. You will be able to easily find this Privacy Notice on various locations on our website and app. You can request a pdf. copy of this Notice by contacting us.
Right to access You have the right to request a copy of the information that we hold on you. Please note that there are exceptions to this right. We may be unable to make all information available to you if, for example, making the information available to you would reveal personal data about another person, if we are legally prevented from disclosing such information, or if your request is manifestly unfounded or excessive.
Right to rectification You have the right to correct data that we hold about you that is inaccurate or incomplete. You will be able to rectify/edit the information we hold about you in your Account settings.
Right to be forgotten In certain circumstances (i.e if we do not have a legal reason to continue to store your data), you can ask for the data we hold about you to be erased from our records.
Right to restrict processing Under certain conditions, you have the right to restrict the processing of your data.
Right to portability You have the right to have the data we hold about you transferred to another organization in a safe and secure way.

This right only applies to personal data that TOBE Outerwear holds and must be held by TOBE Outerwear by consent or for the performance of a contract, and processing is carried out by automated means.

Right to object You have the right to object to certain types of processing such as direct marketing. You can unsubscribe from our newsletters at any time, by for instance, clicking on the unsubscribe link at the end of our newsletters.
Right to withdraw consent If you have given TOBE Outerwear your consent to process your data, you have the right to withdraw your consent at any time.
Right to complain to a Supervisory Authority In the event that TOBE Outerwear has not correctly responded to your request, you have the right to lodge a complaint to a Supervisory Authority. TOBE Outerwear’s Supervisory Authority is The Swedish Data Protection Authority (DPA). You will find their contact information here.




Where you request access to your information, we are required to use all reasonable measures to verify your identity before doing so. These measures only exist to protect your information and to reduce risk of identity fraud, theft or unauthorized access to your information.

We therefore kindly ask you to send us original or certified copies of the following documentation: passport, identity card, birth certificate or driving license. One of those above documents is required in order to request personal information.

We will endeavor to respond within one month. If you want to exercise one of the above rights, please contact us.



We will hold your personal data for as long as you have an account and for as long as is necessary to comply with our legal/ regulatory obligations, resolve disputes, prevent fraud and abuse or enforce our terms and conditions.

When we no longer need to retain your personal data, it will be deleted or be anonymised so that you can no longer be identified from it.

We securely destroy all financial information once we have used it and no longer need it.



TOBE Outerwear will use all reasonable efforts to protect your personal information. We are using the latest industry standards and security measures such SSL/TLS encryption for protection of user data and personal information.

Our goal is to have all appropriate technical and organizational measures to ensure a level of security appropriate to the risk of processing and using personal data. We have safeguard processes in place in order to ensure the ongoing confidentiality, integrity, availability and resilience of our or third parties processing systems and services as well as the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.

Your data is always stored in secure environments and we provide training to our Staff on data protection best practices and require them to enter into a confidentiality agreement.

You can access and edit personal information after signing into your account. To sign in, you are required to know your login credentials – email address and password. There is no way to access personal information without knowing the login credentials, therefore no unauthorized party can access it. We therefore ask you to keep your password secret and to not share it with any person (even a friend!). Please, immediately inform us if you know or suspect to have lost your login or that someone else is accessing your account.



Our site or newsletters may contain on occasion links to and from other websites of our partners, advertisers and affiliates. Please note that this Privacy Policy only applies to this website. If you visit any of these websites, we therefore suggest you read their own privacy policy as we do not accept any responsibility or liabilities for these policies.

United States only:

COPPA (Children Online Privacy Protection Act)

When it comes to the collection of personally identifiable information from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation’s consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.

We do not specifically market to children under 13.

California Requirements

If the California Consumer Privacy Act (CCPA) applies to your information, we provide these disclosures described in this Privacy Policy so you can exercise your rights to receive information about our data practices, as well as to request access to and deletion of your information. We do not sell your personal information. We only share your information as described in this Policy.  We process your information for the purposes described in this Privacy Policy, which include “business purposes” under the CCPA. These purposes include:

  • Protecting against security threats, abuse, and illegal activity. We use and may disclose information to detect, prevent and respond to security incidents, and for protecting against other malicious, deceptive, fraudulent, or illegal activity. For example, to protect our services, we may receive or disclose information about IP addresses that malicious actors have compromised.
  • Auditing and measurement. We use information for analytics and measurement to understand how our Services are used, as well as to fulfill obligations to our business partners like developers. We may disclose non-personally identifiable information publicly and with these partners, including for auditing purposes.
  • Maintaining our services. We use information to ensure our services are working as intended, such as tracking outages or troubleshooting bugs and other issues that you report to us.
  • Research and development. We use information to improve our services and to develop new products, features and technologies that benefit our users and the public.
  • Use of service providers. We share information with service providers to perform services on our behalf, in compliance with our Privacy Policy and other appropriate confidentiality and security measures. For example, we may rely on service providers for storage of Your Materials.
  • Laws and regulations.  We also use information to satisfy applicable laws or regulations, and discloses information in response to legal process or enforceable government requests, including to law enforcement. 


California Do Not Track Disclosures

Do Not Track (DNT) is a privacy option that a user can set in certain web browsers. When a user turns on the Do Not Track signal, the browser will send a message to websites requesting them not to track the user. As of the effective date indicated above, we do not respond to Do Not Track browser settings or signals. Note, whether or not you have turned on the Do Not Track signal, we may deploy cookies and other technologies on our websites and those of our customers to collect information about you and your internet activity as provided elsewhere in this privacy policy.  We have no control over third parties’ use of or tracking collecting personally identifiable information even if such third party is accessed through our website.

CAN SPAM Act and E-mails

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out penalties for violations.

It is our intention to only send you e-mail communications that will be useful to you and that you want to receive. When you provide your e-mail address, we will periodically contact you via e-mail and provide information about special offers and promotions that may be of interest to you, and you consent to us doing so. If you do not wish to receive e-mails with updates and information, there is an UNSUBSCRIBE option. In addition, every time you receive an e-mail you will be provided the choice to opt-out of future e-mails by following the instructions.

Any opt-out will not stop emails we are required to send you for the purpose of providing you the Services we have agreed to provide or administration of those Services but these service emails will not include marketing material.  In any event we do not sell, rent or trade lists of personally identifiable information regarding our users or subscribers to third parties for marketing purposes.


If you have any questions about this Privacy Policy and/or have any enquiry relating to your Personal Data, please contact us online via this form or send us a letter to Data Privacy, TOBE Outerwear, Solberg 504, 833 48 Hammerdal, Sweden.


We keep our Privacy Policy under regular review. We will post any updates on this webpage. If significant changes are made, we will directly contact you by email so you can review the changes. Please check back frequently to see any updates or changes to our Privacy Notice.

The Privacy Policy was last updated June 1, 2023.