Privacy policy

Home / Privacy policy
PROCESSING OF PERSONAL DATA The controller of personal data the online store is Ehekaru OÜ (registry code 16480060) located at Tartu maantee 133, 10112, Estonia, Tallinn, phone +37258587679 and e-mail Which personal data are processed? Name, phone number and email address; - delivery address; - bank account number; - cost of goods and services and data related to payments (purchase history); - customer support data. For what purpose do we process your personal data? Personal data is used to manage customer orders and deliver goods. Purchase history data (date of purchase, goods, quantity, customer data) is used to compile an overview of purchased goods and services and to analyze customer preferences. The bank account number is used to refund payments to the customer. Personal data such as e-mail, phone number, customer name, are processed in order to resolve issues related to the provision of goods and services (customer support). The IP address or other network identifiers of a user of the online store are processed for the provision of the online store as an information society service and for the production of web usage statistics. Legal basis Personal data are processed for the purpose of performing the contract concluded with the customer. Personal data are processed for the performance of legal obligations (e.g. accounting and settlement of consumer disputes). Recipients to whom personal data are transmitted Personal data is transmitted to the customer support of the online store for the management of purchases and purchase history and for solving customer problems. The name, telephone number and e-mail address are forwarded to the transport service provider selected by the customer. In the case of goods delivered by courier, in addition to contact details, the customer's address is also forwarded. If the accounting of the online store is carried out by the service provider, the personal data will be transferred to the service provider for performing accounting operations. Personal data may be transferred to information technology service providers if this is necessary to ensure the functionality of the online store or data hosting. The online store forwards the personal data necessary for making payments to the authorized processor Montonio Finance. Security and access to data Personal data are stored on servers located on the territory of a Member State of the European Union or countries of the European Economic Area. Data may be transferred to countries whose level of data protection has been assessed as adequate by the European Commission and to US companies that are affiliated to the Privacy Shield framework. The employees of the online store have access to personal data, who can access the personal data in order to resolve technical issues related to the use of the online store and to provide customer support services. The online store implements appropriate physical, organizational and IT security measures to protect personal data from accidental or unlawful destruction, loss, alteration or unauthorised access and disclosure. The transfer of personal data to the authorized processors of the online store (e.g. transport service provider and data hosting) takes place on the basis of agreements concluded with the online store and authorized processors. Authorized processors are obliged to ensure appropriate safeguards when processing personal data. Access to and correction of personal data Personal data can be accessed and corrections made to the user's profile of the online store. If the purchase has been made without a user account, personal data can be accessed via customer support. Withdrawal of consent If the processing of personal data takes place on the basis of the customer's consent, the customer has the right to withdraw the consent by notifying the customer support thereof by e-mail. Retention When closing a customer account in the online store, personal data will be deleted, unless such data needs to be stored for accounting purposes or for the resolution of consumer disputes. If a purchase has been made in the online store without a customer account, the purchase history will be stored for three years. In the case of disputes related to payments and consumer disputes, personal data will be stored until the claim is fulfilled or the limitation period expires. Personal data required for accounting purposes are stored for seven years. Delete In order to delete personal data, customer support must be contacted by e-mail. A request for erasure shall be responded to no later than within a month and the period during which the data will be deleted shall be specified. Transfer A request for the transfer of personal data submitted by e-mail will be answered within a month at the latest. The customer support identifies the person and informs about the personal data that is to be transferred. Direct marketing messages The e-mail address and phone number are used to send direct marketing messages if the customer has given the respective consent. If the customer does not wish to receive direct marketing messages, they must select the corresponding link in the footer of the e-mail or contact customer support. If personal data are processed for the purposes of direct marketing (profiling), the customer has the right to object at any time to both the initial and further processing of his/her personal data, including profiling related to direct marketing, by notifying customer support thereof by e-mail (this information must be provided clearly and separately from any other information). Settlement of disputes Disputes related to the processing of personal data are resolved through customer support, possible ways to contact them are e-mail and phone +372 58587679 The supervisory authority is the Estonian Data Protection Inspektsioon(