0
0.00 €
0 items
1. General provisions
1.1 This privacy policy regulates the principles of collection, processing and storage of personal data. Personal data is collected, processed and stored by the online store kosmetoloog.ee (You are You OÜ, reg. n 16522551, Tallinn, Estonia, address Tartu mnt 55-34, tel. 5088995, e-mail info@kosmetoloog.ee ), as of this moment the data processor.
1.2 The data subject in the sense of the privacy policy is the customer or another natural person whose personal data is processed by the data processor.
1.3. The customer in the sense of the privacy policy is anyone who purchases goods or services from the data processor's website.
1.4. the Data Processor complies with the principles of data processing required by law, including the Data Processor processes personal data lawfully, in good faith and securely. The data processor can confirm that the personal data has been processed in accordance with the provisions of the law.
2. Collection, processing and storage of personal data
2.1- The personal data that the data processor collects, processes and stores is collected electronically, mainly via website and e-mail.
2.2. By submitting their personal data, the data subject authorizes the data processor to collect, organize, use and manage personal data for the purposes defined in the privacy policy, which the data subject shares directly or indirectly with the data processor when purchasing goods or services on the website.
2.3- It is the responsibility of the Data Subject to ensure that the data provided is accurate, correct and complete. Providing knowingly false information is considered a breach of the Privacy Policy. The Data Subject is obliged to notify the Data Processor immediately of any changes to the data provided.
2.4. the Data Processor shall not be liable for any damage caused to the Data Subject or third parties as a result of false information provided by the Data Subject.
3. Processing of personal data of customers and its purpose
3.1- The Data Processor shall process the following personal data of the data subject:
3.1.1. First and last name;
3.1.2 Date of birth;
3.1.3. Telephone number;
3.1.4. E-mail address;
3.1.5. Delivery address;
3.1.6. Bank account number;
3.1.7. Cost of goods and services, as well as data related to payments (purchase history). 1.8;
3.1.8. - IP address.
Personal data is used to manage customer orders and delivery of goods.
Purchase history data (date of purchase, product, quantity, customer data) is used to create an overview of purchased goods and services and to analyze customer preferences.
Bank account number is used to refund payments to the customer.
Personal data such as e-mail address, telephone number, customer name are processed for the purpose of solving issues related to the provision of goods and services (customer support).
3.2.The Data Processor is entitled to transfer personal data of customers to third parties, such as authorized data processors, accountants, transport and courier companies, companies providing translation services.The Data Processor is the responsible processor of personal data. The Data Processor shall transfer the personal data required for making payments to an authorized processor of Maksekeskus AS.
3.3. When processing and storing the personal data of the data subject, the Data Processor implements organizational and technical measures to ensure the protection of personal data against accidental or unlawful destruction, alteration, disclosure and any other unlawful processing.
3.4 The data processor shall store the data of data subjects depending on the purpose of processing, but not longer than 3 years.
4. Rights of the data subject
4.1- The data subject has the right to access and familiarize himself/herself with his/her personal data.
4.2. the data subject has the right to receive information about the processing of his/her personal data.
4.3. the data subject has the right to supplement or correct inaccurate data.
4.4. If the data processor processes the data subject's personal data on the basis of the data subject's consent, the data subject has the right to withdraw consent at any time.
4.5. the data subject may contact the customer service of the online store at info@kosmetoloog.ee to exercise his or her rights.
4.6. the data subject may lodge a complaint with the Data Protection Inspectorate to assert his or her rights.
5. Security and access to data
5.1 Personal data is stored on ShopRoller.com servers located in a member state of the European Union or countries that have joined the European Economic Area. Data may be transferred to countries whose level of data protection has been assessed as adequate by the European Commission and to US companies associated with Privacy Shield.
5.2 Access to personal data is available to the employees of the Online Shop, who can access personal data for the purpose of solving technical issues related to the use of the Online Shop and providing customer support services.
5.3 The Online Shop implements appropriate physical, organizational and IT security measures to protect personal data from accidental or unlawful destruction, loss, alteration or unauthorized access and disclosure.
5.4 The transfer of personal data to an authorized processor of the online store (e.g. transport service provider and data hosting) is based on contracts concluded with the online store and authorized processors. Authorized processors are obliged to ensure appropriate protection measures when processing personal data.
6. Storage of collected personal data
6.1 When closing a customer's account with the Online Shop, personal data is deleted, except where such data needs to be retained for accounting purposes or for the resolution of consumer disputes.
If a purchase is made in the Online Shop without a customer account, the purchase history is stored for three years.
In the case of payment and consumer disputes, personal data will be retained until the claim is settled or expires.
Personal data required for accounting purposes is retained for seven years.
7. Deletion or transfer of collected personal data
7.1 To delete personal data, you must contact the Helpdesk by email. The deletion request will be answered within one month at the latest, indicating the deadline for deleting the data.
7.2 A response to a request to transfer personal data sent by e-mail will be given within one month at the latest. The support service identifies the person and informs about the personal data to be transferred.
8. Notifications about direct marketing
8.1 The e-mail address and telephone number are used to send direct marketing messages if the customer has given his/her consent. If the customer does not wish to receive direct marketing messages, they must select the appropriate link in the footer of the email or contact customer service.
8.2 If personal data is processed for direct marketing purposes (profiling), the customer has the right to object at any time to the initial and further processing of their personal data, including profile analysis related to direct marketing, by notifying customer service by e-mail (the relevant information must be provided clearly and separately from all other information).
9. Final provisions
9.1 These data protection conditions have been drawn up in accordance with Regulation (EU) No 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, as well as the repeal of Directive 95/46/EC/EC (General Data Protection Regulation), the Personal Data Protection Act of the Republic of Estonia and the legislation of the Republic of Estonia and the European Union.
9.2 The Data Processor has the right to partially or completely change the data protection conditions by notifying the data subjects of the changes via the website info@kosmetoloog.ee.
9.3 Disagreements related to the processing of customer data shall be resolved primarily by negotiation or through the customer service at info@kosmetoloog.ee. If this fails, the customer may file an application with the Estonian Data Protection Inspectorate (info@aki.ee)