The controller of personal data of the online shop hinnapomm.ee is AmeiZing OÜ (16512038) located in Võru County, Võru, Räpina mnt 16, 65606, +372 546 23306 and info@hinnapom.ee .
What personal data is processed
- name, telephone number and e-mail address;
- delivery address;
- bank account number;
- the cost of goods and services and payment details (purchase history);
- customer support details.
- IP address
Purposes for which personal data is processed
Personal data is used for the management of customer orders and the delivery of goods.
Purchase history data (date of purchase, goods, quantity, customer details) is used to compile an overview of goods and services purchased, to analyse customer preferences and for the purpose of, among other things, resolving consumer disputes.
The bank account number is used to return payments to the customer.
Personal data, such as e-mail, telephone number, customer name, are processed in order to resolve issues related to the provision of goods and services (customer support). Email is also used to send invoices and the telephone number is used to notify the parcel machine of the arrival of the goods.
The IP address or other network identifiers of the user of the online shop are processed for the purpose of providing the online shop as an information society service and for the purpose of web usage statistics.
Legal basis
The processing of personal data is carried out for the purposes of the performance of the contract with the customer (management of customer orders, delivery, return of goods and payments).
Processing of personal data for the fulfilment of a legal obligation (e.g. accounting).
Recipients to whom personal data are disclosed
Personal data will be transferred to the online shop’s customer support for the purpose of managing purchases and purchase history and resolving customer issues.
The name, telephone number and e-mail address will be forwarded to the transport service provider chosen by the customer. In the case of goods delivered by courier, the customer’s address will be provided in addition to the contact details.
If the accounting of the online shop is carried out by the service provider, the personal data will be transferred to the service provider for the purpose of carrying out accounting operations.
Personal data may be transferred to information technology service providers if this is necessary to ensure the functionality or data availability of the online shop.
Security and data access
Personal data is stored on servers located in the territory of a Member State of the European Union or in the territory of countries that have acceded to the European Economic Area. Data may be transferred to countries whose level of data protection has been assessed as adequate by the European Commission or to an undertaking in a third country which has been subject to a safeguard measure as referred to in Articles 46 or 47 or 49(1) of the GDPR.
Access to personal data is granted to the employees of the online shop, who can access personal data in order to resolve technical issues related to the use of the online shop and to provide customer support services.
The online shop implements appropriate physical, organisational and IT security measures to protect personal data against accidental or unlawful destruction, loss, alteration or unauthorised access and disclosure, including: (Data exchange with the e-shop is carried out over an encrypted connection (TSL), customer passwords are stored in encrypted form (hashes), standard encryption is used for sending e-mails, a firewall and appropriate anti-virus protection is implemented to protect the e-shop servers, regular backups are created and stored separately from the e-shop server).
Transfers of personal data from the online shop to recipients (e.g. transport service providers and data aggregators) are based on contracts between the online shop and the processors. Controllers are required to ensure appropriate safeguards for the processing of personal data in accordance with Article 28 of the GDPR.
Accessing and correcting personal data
Personal data can be accessed and corrected in the online shop’s user profile or via customer support. If the purchase has been made without a user account, you can access the personal data via the login. If the request for access to personal data is made by electronic means, the information shall also be provided by means of publicly available electronic media.
Withdrawal of consent
If the processing of personal data is based on the customer’s consent, the customer has the right to withdraw the consent in the customer account settings or by informing customer support by e-mail.
Storage
When you close your online shop customer account, your personal data will be deleted, except for personal data (purchase history data) that need to be stored for accounting purposes or to resolve consumer disputes.
In the case of disputes relating to payments and consumer disputes, personal data will be kept until the claim is settled or the limitation period expires.
Personal data contained in the accounting records are kept for seven years.
Restriction
You have the right to request the restriction of the processing of your personal data if the data is inaccurate or incomplete or if your personal data is processed unlawfully.
Objections
The customer has the right to object to the processing of his/her personal data if he/she has reason to believe that there is no lawful basis for the processing of his/her personal data.
Deletion
In order to delete personal data, you must contact customer support by e-mail. A reply to the erasure request will be given within one month at the latest, specifying the period of erasure. The reply to the request will also indicate which personal data will not be deleted and on what legal basis and for what reason.
Transfer to
Requests for the transfer of personal data made by e-mail will be answered within one month at the latest. The customer support will verify the identity and notify the personal data to be transferred.
Direct marketing communications
The email address and telephone number will be used to send direct marketing messages if the customer has given their consent. If the customer does not wish to receive direct marketing communications, he/she should select the appropriate reference in the footer of the e-mail or contact customer support.
Where personal data is processed for the purposes of direct marketing (profiling), the customer has the right to object at any time to both the initial and further processing of his or her personal data, including profiling in relation to direct marketing, by informing Customer Support by e-mail.
Cookies and other web technologies
Here you can find information on which Cookies or similar technologies are used in the price bomb and where you can find more information on the respective processing.
We may collect data about www.hinnapomm.ee Visitors and Users using Cookies (i.e. small pieces of information stored by the Visitor’s/User’s browser on the hard drive of the Visitor’s/User’s computer or other device) or other similar technologies and process that data (e.g. IP address, device information, location information).
We use the data we collect to enable the consumption of the service according to the Data Subject’s habits; to ensure the best quality of service; to inform the Visitor and User about content and make recommendations; to make advertisements more relevant and enhance marketing efforts; to facilitate log-in and data protection. The data collected is also used to count Data Subjects and to record their usage patterns.
We use session and permanent cookies. A session cookie is automatically deleted after each visit; persistent cookies are retained in the price bomb for repeated use.
The Price Bomb may contain third party Cookies for which Our partners are the data controllers.
We use the following types of Cookies:
Necessary Cookies – are necessary to use – to navigate around the site and use its features, including allowing necessary Cookies to log in, perform various important functions, distinguish botsfrom people and provide other security features. Without these Cookies, the Website cannot function properly and the provision of the Service may be prevented. Since the necessary Cookies are essential for the functioning of the www.hinnapomm.ee site, these Cookies are always enabled.
Preferences cookies – these cookies allow us to remember choices and characteristics of the Data Subject (such as username, language or country of location) in order to provide a more personalised and convenient experience on www.hinnapomm.ee. The data stored depends on the specific cookie. In general, technical data of the device is collected and the choices and characteristics (e.g. username, language, country of location) of the Data Subject are stored.
Functional/Statistical/Analytics Cookies – are Cookies that collect information about how Data Subjects use the www.hinnapomm.ee site, such as which subpages are most frequently visited and which error messages occurred. These cookies do not generally collect information that identifies an individual. They are used to improve the functioning of the website and the provision of the service.
Marketing and personalised analytics Cookies – Cookies used to optimise marketing activities and/or display personalised advertising. These Cookies may also be third party Cookies.
With regard to cookies, Visitors/Users agree to their use on www.hinnapomm.ee. Processing is based on the user’s consent. Without Cookies, not all features of the website may be available to the Visitor/User. Allowing or disallowing cookies and other similar technologies is under the control of the Visitor/User through their web browser settings and the Cookies solution on www.hinnapomm.ee. The data subject can turn cookies on and off by type (except for necessary cookies, which are automatically enabled).
More information about Cookies and the use of other similar technologies can be found at www.hinnapomm.ee via the relevant Cookies solution.
Dispute resolution
Disputes relating to the processing of personal data can be resolved through the Customer Support (info@hinnapomm.ee). The supervisory authority is the Estonian Data Protection Inspectorate (info@aki.ee).
Final provisions
6.1. These Data Protection Terms and Conditions have been drafted in accordance with Regulation (EU) No 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC / EC (General Data Protection Regulation), the Personal Data Protection Act of the Republic of Estonia and the legislation of the Republic of Estonia and the European Union.
6.2. The data controller reserves the right to amend the data protection conditions, in whole or in part, by informing data subjects of changes via the website www.hinnapomm.ee .
6.3. Latest changes to the Privacy Policy and effective date:
| Publication on | Entry into force | Main changes |
| 01.10.2023 | 01.10.2023 |
