The principles of FendaF for processing of personal data
The principles for processing personal data are developed for protecting the privacy of the clients. Considering this, there is a list of principles which address the collection, use, transmission, transfer and retention of personal data. The activity of FendaF is consistent with the corresponding European Union Legislations and acts and laws of the Republic of Estonia.
- Client – natural or legal person who wants to buy products or who has purchased products.
- Personal data – any information concerning an identified or identifiable natural person, regardless of the shape or form of the data. Personal data is the information about the client, for example name, sex, age, national identification number, e-mail address, location data, banking data, income, photos, videos and online identifiers (IP-addresses and cookies).
- Processing personal data – all the operations done with personal data, including collection, saving, retention, rectification, etc.
- Data controller – FendaF OÜ, registry number 14300214, Sära tee 11, Peetri, Rae Parish, Harju county, 10621, republic of Estonia, e-post address firstname.lastname@example.org and phone number 5151619 or 5270378. FendaF OY will transmit the necessary personal data for the payment process to the data processor Maksekeskus AS.
- Data processor – natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
General principles for processing
FendaF has the following principles for processing the data, ensuring the lawfulness of the procession of personal data:
- Processing is lawful, fair and transparent for the Client.
- Personal data is collected precisely and clearly for fixed and legitimate objectives and it is not later processed in a way that is incompatible with those objectives.
- Personal data is relevant, important and restricted according to the objectives of its procession;
- Personal data is correct and updated, if necessary, and all the reasonable measures are used to ensure that considering the objectives of processing, all the information that is incorrect is deleted or rectified immediately;
- Personal data is retained in a form that allows the Client to be identified as long as it is necessary for the objectives for which the data is processed for;
- Personal data is processed in a way that ensures the relevant protection of data, including protects from unauthorised or unlawful processing and accidental loss, destruction or deterioration, using relevant technical or organisational measures.
Purposes of processing
FendaF processes personal data which is freely given and authorised with the consent of the Client. Personal data is considered to be: first and last name, phone number, date of birth, national identification number, address, e-post address, medium of delivery of the products, payment method for the purchasing of products and the purchased products. Personal data is processed for the following purposes:
- 1.For the creation and enforcement of a sale contract with the client;
- 2.For shipping and delivery. When the client chooses to receive the package via parcel terminal or courier, FendaF has the right to disclosure the service providers the personal data of the Client to an extent that is necessary for the delivery process of the product to the Client;
- 3.For invoicing and issuing the invoice to the Client;
- 4.For correspondence with the Client;
- 5.For providing service to the Client, including resolving disputes. All of the personal data of the Client can be processed for providing a service for the Client depending on the service situation;
- 6.For forwarding newsletters and other information sent by FendaF via e-post. The Client has the right to unsubscribe, using the hyperlink in the newsletter or offer;
- 7.For creating a registered Client. In addition, we process the following personal data: purchase history and wish list;
- 8.Uploading the photos sent by the Client to the website, to Facebook or Instagram, in which case the Processor of FendaF processes the photographic material sent by the Client. The Client has the right to ask for the removal of a certain photographic material by sending an e-mail to email@example.com;
- 9.For the protection of FendaF showroom’s people and property, we use security cameras and process video recordings;
Võimaldamaks Kliendil kasutada FendaF’i e-poodi;
- 10.For enabling the Client to use FendaF online shop;
The transfer of personal data to the processors.
FendaF maintains the confidence of the personal data of the client, which are accessible to FendaF through the process of registration and use, and discloses the data to third party only with the consent of the Client, except when the obligation or right for data disclosure comes from legislative acts.
The user of the online shop agrees that FendaF has the right to process their personal data for the purpose of offering the right service, including the disclosure of personal data to people who are connected to FendaF for providing service for the clients.
Security and access to the data
Personal data is kept in servers which are located in the territories of countries that belong to the European Union or EU economic region.
Online shop applies relevant physical, organisational and infotechnical security measures to protect the personal data from accidental or unlawful destruction, loss, alteration or unauthorised access and disclosure.
The rights of the Client for the processing of personal data
The private individual has the following rights, concerning the processing of personal data:
- 1.To submit an application for the rectification of their incorrect personal data, in case it is imprecise, wrong or absent
- 2.To partially or completely withdraw their consent for the processing of personal data (e.g. consent for receiving direct marketing offers).
- 3.To limit the processing of personal data according to the law in force.
- 4.To receive their data which they have submitted and which are processed based on the consent or for signing an agreement, in written form or electronically;
- 5.The right for erasure of data;
- 6.The right to object. FendaF responds to the application of the Client as soon as possible but not later than one month after receiving the application from the Client. When the client submits the application electronically, the information will also be given electronically, if possible, unless the Client requests differently. The Client has the right to turn to data-control authority or the court, in case the Client feels that their rights have been violated.
The retention and erasure of data
In the case of purchases done as a regular client, the data is retained for at least 7 years.
In case of disputes concerning payments and consumers, personal data is retained until the requirements are met or until the limitation date ends after three years.
Personal data which is necessary for accounting is retained for seven years.
When a client account is closed, the personal data is deleted, except for when the data is necessary for accounting or resolving consumer disputes.
Personal data together with the user account saved for the online shop can be deleted in the online shop of FendaF.
Direct mail and marketing
E-post address and phone number are used for sending direct marketing notifications, in case the client has given their permission for it.
If the client does not with to receive direct marketing notifications, they can retreat from them via a hyperlink found in the e-mail.
Cookies are used for analysing the user preferences of e-environments, which makes it possible to make the experience more convenient.
Cookies are small data files which are saved into your computer when visiting a website. Cookies help your browser to be identified automatically in the server of FendaF.
The client can block cookies in their web browser if they wish but this might cause problems when using the website.
Validity and amendments
Data protection conditions are accessible for Clients on the website of FendaF and in the showroom.
FendaF has the right to unilaterally update, clarify and amend the data protection conditions, in accordance with the applied right and by notifying the Client about the changes through the website of FendaF and/or via e-mail.
In case the Client withdraws the consent for data processing, it is not possible to use the regular client account until a new consent is given. The request for deleting data, in the case of a regular client, is handled as a request to cancel the account of the regular client.
Settlement of disputes
Resolving and addressing the disputes concerning the processing of personal data is done through FendaF service and the monitoring agency is the Estonian Data Protection Inspectorate (firstname.lastname@example.org).