Processing of personal data
The chief processor of personal data of the E-shop S1.ee is Roller Äritarkvara OÜ with the address Veerenni 24c.
Phone 6871400 ja e-mail firstname.lastname@example.org
Which personal data is processed:
- name, telephone number, e-mail address;
- delivery address of goods;
- bank account number;
- cost of goods and services and data related to payments (purchase history);
- customer support information.
For what purpose personal information is processed
Personal data is used to manage customer ’s orders and deliver goods.
Purchase history data (date of purchase, merchandise, quantity, customer details) are used to compile an overview of purchased goods and services and analyze customer preferences.
The bank account number is used to return the payment to the customer.
Personal data such as email, phone number, customer’s name, are processed to resolve issues related to the provision of goods and services (customer support).
The webstore user's IP address or other network identifiers are processed to provide a webstore as an information society service and to compile web usage statistics.
The data processor, including the holder, is Roller Äritarkvara OÜ.
Legal grounds for processing data
The processing of personal data is performed for the purpose of performance of the contract with the customer.
Processing of personal data takes place in order to comply with a legal obligations (for example accounting and consumer dispute settlement).
Recipients to whom personal data is transmitted
Personal data is transmitted to the E-store customer support for managing purchases and purchasing history and for solving customer issues.
Name, telephone number and e-mail address are transmitted to the transport service provider selected by the customer. In the case of goods delivered by a courier, the customer 's address is also transmitted in addition to the contact details.
If the accounting of the E-shop is done by a service provider, then the personal data is transmitted to the service provider for carrying out accounting activities.
Personal data may be passed on to IT service providers if this is necessary to ensure the functionality of the webstore or data storage.
Security and data access
Personal data is stored on the servers of Roller Äritarkvara OÜ located on the territory of a Member State of the European Union or the countries party to the economic area of the European Union. The data may be forwarded to countries whose data protection level has been assessed by the European Commission to be adequate and to US companies that are members of the Privacy Shield framework.
Access to personal data is provided to employees who can access personal data in order to resolve technical issues related to the use of the webstore and provide customer support services.
The webstore implements appropriate physical, organizational and information security measures to protect personal data against accidental or unlawful destruction, loss, alteration or unauthorized access and disclosure.
The transfer of personal data to authorized processors (for example transport service provider and data storage) is carried out on the basis of contracts with the webstore and authorized processors. Authorized processors are required to ensure appropriate protective measures in the processing of personal data.
Accessing and correcting personal information
Personal data can be viewed and corrected in the webstore user profile. If the purchase has been made without a user account, you can access personal information through customer support.
Withdrawal of consent
If the processing of personal data takes place on the basis of the customer 's consent, the customer has the right to withdraw the consent by informing customer support via e-mail.
When closing a webstore customer account, personal data will be deleted, unless such data is required to be kept for accounting purposes or for resolving consumer disputes.
If a purchase has been made without a customer account at the webstore, the purchase history will be kept for three years.
In the event of disputes relating to payments and consumer disputes, personal data shall be retained until the claim has been executed or until the expiry of the limitation period.
Personal data necessary for accounting purposes will be kept for seven years.
To delete personal data, contact customer support by e-mail. The request for deletion will be answered no later than within a month and the deadline for the deletion of the data will be specified.
An application for transfer of personal data submitted by e-mail will be answered no later than within a month. Customer support identifies the identity and personal data that is subject to transfer.
Direct marketing messages
The e-mail address and telephone number are used to send direct marketing messages, provided the customer has given his / her consent. If the customer does not want to receive direct marketing messages, contact customer support.
When personal data is processed for direct marketing purposes (profiling), the customer has the right to object at any time to his or her personal data for both initial and further processing, including direct marketing, by notifying customer support via e-mail.
Disputes relating to the processing of personal data are resolved through customer support at email@example.com. The supervisory authority is the Estonian Data Protection Inspectorate (firstname.lastname@example.org).
Data communication between the Customer and the banks and the card payment center is encrypted, which ensures the security of the Customer's personal data and bank data.
The payment is made outside of the E-shop environment, in the secure payment environment of the respective bank or service provider. The E-shop lacks access to the Customer's bank details and credit card information.
Here are the different types of cookies that are used at the S1 E-shop:
Essential / Mandatory Cookies – these cookies are indispensable to allow movement on the website and using it’s elements, for example, to access secure areas on the website. Without these cookies, your requested services cannot be provided. They do not collect visitor identification information;
Performance cookies - these cookies collect information about the ways in which the visitor's use the website, for example, which pages most visitors visit, and whether websites give them error messages. They do not collect visitor identification information. All information they collect is aggregate information and as such anonymous. It is used only to improve the work of the website;
Functionality cookies - these cookies allow the website to remember the choices you make (such as the username, language, or region where you are) and provide enhanced and personalized features with it. For example, a website may display local weather or traffic news for you by storing cookie information for the area you are currently in. Functionality cookies can also be used to memorize changes to text size, font type, and other custom elements of websites. They can also be used to provide the services you are requesting, such as watching videos or commenting on blog posts. The information collected by the cookies may be anonymous and cookies are not able to track the browsing of other websites.