Found in Estonia is the controller of your personal data. Found in Estonia processes personal data in accordance with applicable law, including consistent with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
|Name||Narmla Disain OÜ|
|Address||Kuristiku 18, Tallinn 10127|
- What kind of personal data does Found in Estonia collect?
- Basic identification data: First and last name;
- Contact data: E-mail address, mobile number, address;
- Purchase history;
- Order notes (optional).
- How does Found in Estonia collect the personal data?
We collect your data when:
- you request information about our products via our website https://foundinestonia.ee/ (the “Website”);
- you order goods or services on our Website, by telephone, email or mail;
- you subscribe to our mailing lists;
- you connect with us through social media services (Twitter, LinkedIN, Facebook);
- you submit information in a public forum linked to Found in Estonia;
- you sign up for our social media notifications.
- What are the purposes of the processing?
Found in Estonia shares stories and sells some goods in the Found in Estonia’s ecommerce store at http://foundinestonia.ee/Shop/ (the “Shop”) to promote our stories. You can find more information about Found in Estonia in the “About Us” section at https://foundinestonia.ee/about-us/. To buy the goods sold in Shop, you have to conclude a contract with Found in Estonia. Therefore, Found in Estonia processes your personal data for the performance of the contract and in order to take steps prior to entering into a contract. Found in Estonia will process your data to deliver the ordered goods to the address you have indicated in your order. It is not possible to purchase any goods in the Shop without providing identification data, contact data and transaction data.
Furthermore, the processing might be necessary for compliance with legal obligations to which Found in Estonia is subject. For example, Found in Estonia is required to organise the accounting and financial reporting.
Found in Estonia will also process your personal data if the processing is necessary for the purposes of the legitimate interests pursued by Found in Estonia. In every such case Found in Estonia will consider whether such interests might be overridden by the interests or fundamental rights and freedoms of the data subject. For example, Found in Estonia has the legitimate interest to process your data to help with fraud identification and prevention.
Found in Estonia can process your personal data if you have given consent to the processing of your personal data for one or more specific purposes. For example, Found in Estonia can send you marketing offers and news if you have expressly given such consent. You have the right to withdraw your consent at any time. However, we remind you that the withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
- Where we store and process personal data?
We place great importance on the security of all personally identifiable information associated with our users. We have security measures in place to attempt to protect against the loss, misuse and alteration of personal information under our control. Due to technical reasons, some of the data may be physically located on the servers and equipment of an external service provider, in which case the data is processed remotely. The personal data will not be transferred outside the EU or EEA, unless it is necessary for the technical implementation of the service. The transfers of personal data are based on the model contract clauses approved by the European Commission or other transfer mechanism in accordance with data protection legislation. In such case, we will ensure sufficient data protection as required by the GDPR.
- How long do we retain your personal data?
Found in Estonia has both the right and the obligation to retain the personal data collected for a period of time. Found in Estonia does not retain personal information longer than necessary to achieve the purposes of processing and comply with the obligations of Found in Estonia. However, Found in Estonia may retain the personal data for a longer period of time if you have given consent for longer storage and processing of the data.
As a general rule Found in Estonia will keep your personal information for […].
The information contained in the accounting records will be retained for seven years in accordance with the law.
If Found in Estonia sends personal information to another controller, the data retention periods will be determined by the recipient of the data.
- To whom and why we transfer your personal data?
Found in Estonia may transfer your personal data to other data controllers or processors. Found in Estonia may share information with companies that provide support services to Found in Estonia. These companies may need information about you in order to perform their functions. Data processors are not authorized to use the shared data for any other purpose. Found in Estonia works with a print-on-demand drop shippers to provide the wearables sold in Shop. Your order and shipping details will be forwarded to the print-on-demand drop shipper.
Found in Estonia is required to transfer personal data if Found in Estonia is legally bound by such an obligation. For example, Found in Estonia might be obligated to disclose personal data to public authorities upon their legitimate request.
- What are your rights as a data subject?
You have the right to receive information about the personal data processed by Found in Estonia. You also have the right to request the correction or updating of data if it turns out that the personal data being processed is inaccurate. You have the right to obtain restriction of processing or the erasure of your personal data if the preconditions set under GDPR are met. Please note that it is not an absolute right. We can only delete data for which there is no legal basis or need to process it.
Found in Estonia will fulfil your request within a reasonable time, but no later than one month after receiving the request.
In case of any suspected infringement of your privacy, please contact us. We’ll try to resolve the dispute by negotiation. However, you also have the right to lodge a complaint to the supervisory authority. In Estonia the supervisory authority is Estonian Data Protection Inspectorate (www.aki.ee).