Processing of personal data
The responsible processor of personal data of the mnectar.eu online store is Aromamoda OÜ reg. number. 16107757, phone: +372 53042757, e-mail: mnectaoils@gmail.com, address: Taevasilma tn 5, Alliku küla Saue vald Harjumaa 76403, Estonia, (also known as Merchant).
What data is processed
- name and surname;
- contact information such as phone number and email address;
payer and targeted delivery; - Bank account number;
- cost of goods and services, data on payments (purchase history);
- data service clients;
- Other information related to customer research and/or customer offerings.
For what purposes is the data processed
The processing of personal data is carried out in programs with a client with a client. Processing of statistics data on accounts and programs.
Personal data is used when servicing customer orders and delivering goods to them.
Purchase history data (purchase date, product, quantity, customer data) is used to compile feedback on the goods and services purchased by the customer and analyze his preferences.
The bank account number is used to return the payment to the customer.
Personal data, such as e-mail address, telephone number, first and last name of the customer, are processed when resolving questions about goods and services (customer support).
The IP address or other online identifiers of the user of the online store are processed when the online store provides services to the information society, as well as when collecting website usage statistics.
Transferring data to an authorized processor
The Buyer keeps in secret the personal data of the client, which became known to him as a result of registering an account and in the process of using the site, and discloses them to third parties only with the consent of the client, except in cases where the obligation or right to disclose data arises from legal acts. The user of the online store agrees that the Merchant has the right to receive data in order to adapt services to the client, incl. changed their face, which is reflected with the formation of customer service Merchant.
List of authorized processors:
Suppliers – to deliver orders to the customer:
DPD
Omniva
Payment intermediaries – to pay for orders:
Swedbank
PayPal
Collection of statistics – collection of information in order to improve the user experience of the online store:
Google Analytics
Facebook
gmail
Security and data access
Personal data is stored on the servers of FASTVPS Eesti OÜ, the company’s data center is located in the EU, Estonia. Data may be transferred to countries with an adequate level of data protection, as assessed by the European Commission, as well as to US companies that have joined the data protection agreement (English Privacy Shield, or EU-US Privacy Shield).
The online store takes appropriate physical, organizational and information technology security measures to protect personal data from accidental destruction, loss, alteration, unauthorized access or disclosure.
The transfer of personal data and their processing to the authorized processor of the online store takes place on the basis of agreements between the online store and the authorized processor. Authorized processors are required to take security measures when processing personal data.
Acquaintance with personal data and their correction
The personal data stored in the online store can be viewed and changed in the account management section of the online store. If the purchase was made as a guest (without an account), you can submit a request for personal data using the data request form.
Withdrawal of consent
If the processing of personal data is based on the consent of the client, he has the right to withdraw his consent in the account management section of the online store.
Storage
When a customer account is closed, personal data is deleted, unless it is necessary for accounting purposes or the resolution of consumer disputes.
If the purchase in the online store was made as a guest (without an account), then the personalized purchase history is stored for three years.
In the event of payment and consumer disputes, personal data is stored until the claim is fulfilled or until the statute of limitations (three years) expires.
Personal data required for accounting purposes are kept for seven years.
Removal
The personal data stored in the online store together with the account can be deleted in the account management section of the online store.
To delete other data, you must submit a request using the data request form. A response to a request to delete data is given within one month, if necessary, specify the period whose data will be deleted.
Transfer
The personal data stored in the online store together with the account can be downloaded in the account management section of the online store.
For the transfer of other data, you must submit a request using the data request form. A request for data portability will be answered within one month, during which the customer service will verify the identity of the individual and notify you of the personal data to be ported.
Direct marketing mailings
The email address and phone number are used for direct marketing communications if the customer has given their consent. If a customer does not wish to receive direct marketing communications, they should follow the link in the message or contact customer support.
If personal data is processed for direct marketing purposes (profiling), the customer has the right to object at any time to (commence) the processing of their personal data, including profiling for direct marketing purposes, by notifying the support team by e-mail.
Dispute Resolution
Disputes regarding the processing of personal data are resolved through the customer support service (Kupets support contacts). Data processing is supervised by the Estonian Data Protection Inspectorate (info@aki.ee).