Privacy Policy

Your privacy is important to us at Pancho And Lefty ’cause also by that we can provide better service for you. That’s why we’ve created this privacy policy to explain Pancho And Lefty’s information collection and use practices in connection with the site. You’re bound to the Privacy Policy, too: it’s part of the Agreement, and by using our service you agree that you have read it, that you understand it, and that you will comply with it.


About GDPR in General

GDPR stands for General Data Protection Regulation and is a new data protection regulation from the EU that will become law in all EU Member States on 25 May 2018. The GDPR will replace the current Personal Data Act (PDA). The Act is intended to protect individuals’ privacy and to modernise, harmonise and reinforce protection within the EU.

Each EU Member State has a supervisory authority that will monitor this. In Sweden this authority is the Privacy Protection Authority, formerly the Data Protection Authority. On their website there is more information and help that you can read to find out what you need to do.


Who we are

Pancho And Lefty is a clothing webstore curated and run by Mikko Engström and David Irigoyen and owned by

Wideloom AB,
Slakthusgatan 20,
121 62 Johanneshov, Stockholm, Sverige.

VAT-number: 5567372593.

Our website address is:
For any issues concerning your privacy, contact:


Personal Data Controller

The Personal Data Controller (PDC) is the party that under the law has the ultimate responsibility for data processing and decides the purpose and the means of this. The Personal Data Controller must ensure compliance with the law, must inform those persons whose personal data is being processed and must ensure regulatory compliance by the Personal Data Processor. We are the Personal Data Controller for all processing of personal data about you as a customer or user when you use Pancho And Lefty’s services or, for example, contact us. What we do, or do not do, with your personal data is described here in our Privacy Policy.


What Personal Data We Collect And Why We Collect It

We don’t collect any Personal Data from Visitors or Users when they use the Service, unless they provide such information voluntarily, for example, by ordering products from us.

When you order from our website, your personal order form data will be stored into our (Pancho And Lefty) database records. It will be stored there indefinitely but you have the right to ask it to be removed and we will do so. When you visit our site, we have Google Analytics tool and Jetpack Analytics in use, which both monitor your ip-address and, for example, where do you visit from and for how long do you visit our site. After you leave our site, no records of where you go next are not stored or known by us. We have these analytics tools in use to be able to provide better service for you, our customers.


The Information We Store When You Order

When you order from us, the following data is stored in our database to secure that the item/items you ordered really go to you or to the recipient you tell us to send it.

Your full name, Company name (not obligatory but if you type it in, it will be also stored in our records), Street Address and Country, Postcode, Town, E-mail address, Phone Number and possible personalised order notes you want to leave for us in the extra order comment section. If you want us to ship your order to another address than to your billing address, then we also store the extra shipping information on our records too. This includes the same information fields as above: Recipients full name, Company name (not obligatory but if you type it in, it will be also stored in our records), Street Address and Country, Postcode, Town, Phone Number and E-mail address.

Also, the information of the item/items you order will be stored in our database indefinitely. This means: the item name, size, color, brand name, price. If you are a frequent customer, your whole order history is stored in our database in order for us to be able to offer better service and products for you. Also, the automatically calculated shipping price for your location will be stored in our records. We also need to store someo of the information of the sold products for legal reasons, for example, the Swedish Bookkeeping Act.


About Your Payment Information

We do not store or have the access to your payment information, such as your credit card number etc. For the payment options, we have Paypal and Dibs in use which are run on their respected and secure third party servers. When you order from us, you will be securely redirected to the respected services of either Paypal or Dibs, whichever you select to use when you decide to order from us. When using Paypal or Dibs, you acknowledge that the information you provide will be transferred to them for processing in accordance with their Privacy Policy and Terms.

 When you have completed your purchase on either one of those services, you will be securely redirected back to our site. We do not have any access to your personal payment information. We only know, if and when your payment is completed in order for us to be able to ship you the item/items you ordered from us. The same applies to the refund process.


Access to Personal Data

Only those at Pancho And Lefty who need access to the Personal Data to perform their work tasks are processing the Personal Data. Those people have entered into confidentiality agreements.


Subscriptions To E-mail List

When you have subscribed to our e-mail list you have agreed to receive information from us about our shop updates, such as product offers and more. At any time, you can remove yourself  from the e-mail list and your e-mail information will be removed from our servers.


Marketing Permissions

Pancho and Lefty will use the information you provide by joining our e-mail list in the e-mail subscription form to be in touch with you and to provide updates and marketing.

You can change your mind at any time by clicking the unsubscribe link in the footer of any email you receive from us, or by contacting us at We will treat your information with respect. By joining our e-mail list, you agree that we may process your information in accordance with these terms.


Mailchimp GDPR

We use MailChimp as our marketing automation platform. By joining our e-mail list, you acknowledge that the information you provide will be transferred to MailChimp for processing in accordance with their Privacy Policy and Terms.


Personal Data Processor

In certain cases personal data will be processed by external parties acting as the Personal Data Processor for Pancho And Lefty. The Personal Data Processor (PDP) will process personal data on behalf of Pancho And Lefty and will be responsible for the technical and organisational security measures.


How Long We Retain Your Data

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information. We retain that data indefinitely.


What Rights You Have Over Your Data

  • Right to access your data
  • You can request to receive an extract containing the data that we have about you. The extract will be sent free of charge in one copy on one occasion per year.
  • Right of rectification.
  • You have the right to have rectified any wrong or incomplete information about yourself.
  • Right to be forgotten
  • You have the right to request the removal of your personal data when the purpose of the processing is no longer current. The removal cannot be revoked/recreated and once the removal is complete, no person can be associated with the user account any longer. However, there may be legal obligations for Pancho And Lefty and The Denim Grocery AB as the Institution which prevent the immediate deletion of your personal data or parts of it. These obligations stem from accounting and tax legislation, but also from consumer rights legislation. In such a case, only the personal data that we are required to save in order to fulfil such legal obligations will be saved.

If you have an account on this site, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes. Also, if you want to request us to collect your personal data in an exported file more than in one copy per year, we will apply an extra fee minimum of 100€ per data collection request.


Right to Access Personal Data

You have the right to obtain from Pancho And Lefty confirmation as to whether or not Personal Data concerning you are being processed, and, where that is the case, access to the Personal Data.

You have the right to obtain from Pancho And Lefty the erasure of Personal Data concerning you and Pancho And Lefty has the obligation to erase Personal Data when the Personal Data is no longer necessary in relation to the purposes for which they were collected or otherwise processed or you have withdrawn consent on which the processing is based.


Restriction of Processing

You have the right to obtain from Pancho And Lefty restriction of processing if you have a particular reason for wanting the restriction. This may be if you have issues with the content of the information we hold or how we have processed your personal data. It can also be the case when Pancho And Lefty no longer needs the Personal Data.


Who We Collaborate With To Be Able To Provide Our Services For You

We use MailChimp as our marketing automation platform. By joining our e-mail list, you acknowledge that the information you provide will be transferred to MailChimp for processing in accordance with their Privacy Policy and TermsMailchimp GDPR.

For the payment processes we use Paypal (read their privacy policy here) and Dibs (read  their privacy policy:

Our site webhotel is provided by Fsdata (

Our site has been built by Juxtalab Creative Solutions (, and they have admin privileges of this site in order to provide scheduled maintenance updates to keep this site running smoothly. They have agreed into confidentiality agreements and only approved staff have access to the platform. 



About our site

The webstore platform we have in use is Shopify, read their privacy policy: 

Our website has been designed by Juxtalab Creative Solutions.


Below you can read more about the tools we have in use on our site.


Additional information

How we protect your data

We make sure to protect your data the best we can and your data is stored only in highly protected places. We have many different data protection procedures in place, such as:

  • Only approved staff have access to the platform
  • Backups are done at predetermined intervals.
  • Ensuring about the latest updates, for example, for the cms, the store platform and plugins
  • Protecting personal data by employing techniques such as access restrictions, encryption, pseudonymization, backups, data minimization, and regular testing of all these techniques.

In which countries will processing of your personal data occur?
Your personal data will be processed within the EU/EEA.

Additional Notes and Contact

If you have any extra questions, please contact us at: