PROCESSING OF PERSONAL DATA
The controller of the personal data of the online shop is IDESIGN OÜ (registry code 10072977), located at Paadi tee 3, Viimsi vald, phone +37256873236 and email [email protected]
What personal data are processed
– name, phone number and email address;
– delivery address;
– bank account number;
– cost of goods and services and data related to payments (purchase history);
– customer support data.
Why personal data are processed
Personal data are used to manage the customer’s orders and deliver goods. Purchase history details (date of purchase, goods, quantity, customer’s data) are used for preparing summaries of goods and services purchased and for analysing customer preferences. The bank account number is used to reimburse payments to the customer. Personal data such as email, phone number and the customer’s name are processed to handle any issues relating to the provision of goods and services (customer support). The IP address or other web identifiers of a user of the online shop are processed for the provision of the online shop as an information society service and for web use statistics.
Personal data are processed for the purpose of performing a contract concluded with the customer. Personal data are processed for performing legal obligations (such as accounting and the settlement of consumer complaints).
Recipients of personal data
Personal data are transmitted to the customer support of the online shop for managing purchases and purchase history and for settling any problems that the customers may have. The name, phone number and email address are transmitted to the transport service provider selected by the customer. When the goods are delivered by a courier, the customer’s address is also transmitted together with the contact details. The transport service provider to whom the personal data is transmitted is Omniva. If the accounts of the web shop are kept by a service provider, the personal data are transmitted to the service provider for performing accounting operations. Personal data may be transmitted to IT service providers if this is necessary for ensuring the functionality of the online shop or for data hosting. The web store delivers the personal data necessary for the execution of the payments to the authorized processor, Maksekeskus AS.
Security and access to data
Personal data are stored in the servers of Zone Media, which are located on the territory of a member state of the European Union or states of the European Economic Area. Data may be transferred to the countries whose data protection levels have been assessed as adequate by the European Commission and to the companies in the USA who have joined the Privacy Shield framework. Personal data can be accessed by the staff of the online shop in order to settle technical issues related to the use of the online shop and to provide customer support. The online shop takes appropriate physical, organisational and IT security measures to protect personal data against accidental or unlawful destruction, loss, alteration or unauthorised access and disclosure. Personal data are transmitted to the data processors of the online shop (such as the providers of transport and data hosting services) and processed under contracts concluded between the online shop and the processors. The processors must ensure appropriate safeguards when processing personal data.
Access to and rectification of personal data
Personal data can be accessed and rectified in the user profile of the online shop. When a purchase has been made without a user account, personal data can be accessed through customer support.
Withdrawal of consent
Where personal data are processed on the basis of the customer’s consent, the customer has the right to withdraw his/her consent by notifying customer support by email.
Personal data are erased upon the closure of a customer account of the online shop, unless the storage of the data is necessary for accounting purposes or for the settlement of consumer disputes. For online purchases made without a customer account, the purchase history is stored for three years. In the event of disputes concerning payments and consumer disputes, the personal data are stored until the claim is satisfied or until the end of the limitation period. Personal data needed for accounting purposes are stored for seven years.
For the erasure of the personal data, customer support must be contacted via email. requests of erasure are responded to no later than within one month and the period of erasure shall be specified.
Requests to transmit personal data submitted via email are responded to within one month. Customer support identifies the person and indicates what personal data are to be transmitted.
Direct marketing messages
Email address and phone number are used for sending direct marketing messages if the customer has given the respective consent. If the customer does not want to receive direct marketing messages, the customer should select the relevant link at the footer of the email or contact customer service. Where personal data are processed for direct marketing purposes (profiling), the customer has the right to object at any time both to the initial and further processing of his/her personal data, including profiling related to direct marketing by notifying customer support thereof via email (the respective information must be submitted clearly and separately from any other information).
Disputes concerning the processing of personal data are settled through customer support [email protected]esign.eu. The supervisory authority is the Estonian Data Protection Inspectorate ([email protected]).
Cookies are data stored in your web browser, such as web pages you have visited.
Session cookies or temporary cookies are used every time when you visit our website, and they are deleted when you shut down your web browser. Temporary cookies are used for instance to remember the language you have selected for the website, or the content of your shopping cart.
Permanent cookies stay in the user’s device after you have closed the website. Permanent cookies have different periods of expiry, and some of them are stored in the user’s device for days, months or even years. Permanent cookies are used, for instance, to remember user preferences and store user names and passwords so that users do not need to log in every time they visit the site.
Third party cookies:
List of third-party cookies:
Terms of cookies applied by Facebook: https://www.facebook.com/policies/cookies/
Terms of cookies applied by Google: https://www.google.com/policies/technologies/cookies/
Analytical cookies that collect information about how the site is used. For example, what kind of content pages are most visited or what your visitors are looking for on a website etc. These cookies do not contain information that would allow the website user to be directly identified. This includes, for example, Google Analytics cookies.
Ad-serving cookies that can help you deliver targeted ads to your interests. For example, the Facebook Pixel code has been added to the homepage of the Alacartedesign website, and if you do not want to see Alacartedesign’s website promotion on Facebook again, you can disable it. Go to https://www.facebook.com/ads/preferences and delete the “Advertisers you’ve contacted” option under Alacartedesign.
If you do not want this information to be collected from you during your stay in Alacartedesign, you can remove cookies from your browser’s internet settings. For more information on how to use and store cookies, contact Customer Service Center.
Here are instructions for changing the most common cookie settings:
Manage third-party cookies
When blocking cookies, the user must take into account that all features of the website may no longer be available to the user.