PROCESSING OF PERSONAL DATA
The responsible processor of personal data of the online store maglia.ee is OÜ Amedeo (registry code 12180125) located at Rävala pst 8, Tallinn 10143, Estonia, phone +372 53031311 and e-mail email@example.com.
What personal data is processed
– name, telephone number and e-mail address;
– delivery address of the goods;
– bank account number;
– cost of goods and services and data related to payments (purchase history);
– customer support details.
For what purpose is personal data processed?
Personal data is used to manage customer orders and deliver goods.
Purchase history data (purchase date, goods, quantity, customer data) is used to compile an overview of purchased goods and services and to analyze customer preferences.
The bank account number is used to return payments to the customer.
Personal data, such as e-mail, telephone number, customer name, are processed to resolve issues related to the provision of goods and services (customer support).
The IP address or other network identifiers of the online store user are processed to provide the online store as an information society service and to compile online usage statistics.
Personal data is processed for the purpose of fulfilling the contract entered into with the customer.
The processing of personal data is carried out in order to fulfill a legal obligation (eg accounting and settlement of consumer disputes).
Data processing is performed with the consent of the customer to perform the following activities: sending and profiling direct marketing messages.
Recipients to whom personal data are transmitted
Personal data is passed on to the online store’s customer support to manage purchases and purchase history and to solve customer claims.
The name, telephone number and e-mail address will be forwarded to the transport service provider chosen by the customer. In the case of goods delivered by courier, in addition to the contact details, the customer’s address will also be provided.
If the online store accounting is done by the service provider, the personal data will be transferred to the service provider for accounting purposes.
Personal data may be transferred to IT technology service providers if this is necessary to ensure the functionality of the online store or data hosting.
The online store forwards the personal data necessary for making payments to the authorized processor Maksekeskus AS.
Security and access to data
Personal data is stored on servers located in the territory of a Member State of the European Union or countries that have joined the European Economic Area. Data may be transferred to countries whose level of data protection has been assessed as adequate by the European Commission and to US companies that are affiliated to the Privacy Shield framework.
The employees of the online store have access to personal data in order to resolve technical issues related to the use of the online store and to provide customer support services.
The Online Store implements appropriate physical, organizational and IT security measures to protect personal data from accidental or unlawful destruction, loss, alteration or unauthorized access and disclosure.
The transfer of personal data to the authorized processors of the online store (eg transport service provider and data hosting) takes place on the basis of agreements concluded with the online store and the authorized processors. Authorized processors are obliged to ensure appropriate safeguards for the processing of personal data.
Access and correction of personal data
Personal data can be accessed and corrections made to the online store’s user profile. If the purchase has been made without a user account, personal data can be accessed via client support.
Withdrawal of consent
If the processing of personal data takes place on the basis of the customer’s consent, the customer has the right to withdraw the consent by notifying the customer support by e-mail.
After closing the customer account of the online store, personal data will be deleted, unless such data needs to be kept for accounting or for resolving consumer disputes.
If the purchase in the online store has been made without a customer account, the purchase history will be stored for three years.
In the case of disputes related to payments and consumer disputes, personal data will be kept until the claim is fulfilled or the limitation period expires.
Personal data required for accounting purposes shall be kept for seven years.
Deletion of personal information
For delating personal information, contact customer support via email. A request shall be answered no later than one month and the period for delating of data shall be specified.
A request for the transfer of personal data submitted by e-mail will be answered within a month at the latest.
Customer support identifies person and notifies of the personal data that is to be transferred.
Direct marketing communications
The e-mail address and telephone number will be used to send direct marketing messages if the customer has given his consent. If the customer does not wish to receive direct marketing communications, customer shall select the appropriate link in the footer of the email or contact customer support.
Personal data and purchase statistics can be used to conduct a profile analysis to better understand the customer’s expectations and, as a result, to offer the customer better goods and services. The online store does not make any legally binding decisions as a result of profiling. If personal data is processed for direct marketing purposes (profiling), the customer has the right to object at any time the initial and further processing of his personal data, including direct marketing profiling, by notifying customer support by e-mail (this must be clearly and separately from any other information) .
A cookie is a small text file that a web browser automatically saves to a device used by a user. Cookies are used to collect information about how the user uses the website in order to provide the user with a better user experience. The following cookies are used in the online store:
-session cookies, the purpose of which is to allow the use of the website;
-persistent cookies, the purpose of which is to remember the customer’s choices on the website;
-first and / or third-party cookies intended to show the user appropriate advertising and offers;
-third party analysis cookies aimed at optimizing marketing communications.
In addition to the use of analysis cookies, the website uses pixel tags (web-beacons) to monitor the use of the website. In doing so, personally identifiable data will not be processed.
Processing of non – personal data
When you visit an online store, the online store may collect non-personal information such as the date and time you visited the website, information downloaded from the website, information about your browser name and operating system, Internet service provider, and other similar information. The online store processes this data anonymously and the data is used primarily to improve the functionality of the website.
Disputes related to the processing of personal data are resolved through customer support (tel +372 53031311 and e-mail firstname.lastname@example.org). The supervisory authority is the Estonian Data Protection Inspectorate (email@example.com).