Processing of Personal Data

• Name;
• Contact information, such as phone number and email address;
• Billing and delivery address;
• Bank account number;
• Cost of goods and services and payment-related data (purchase history);
• Customer support data;
• Other information related to customer surveys and/or offers.

You can read more about the use and storage of cookies here.

• Personal data processing is carried out for the performance of the contract concluded with the customer. Personal data is processed to fulfill a legal obligation (e.g., accounting and resolving consumer disputes).
• Personal data is used to manage customer orders and deliver goods. Purchase history data (purchase date, product, quantity, customer data) is used to prepare an overview of purchased goods and services and to analyze customer preferences.
• The bank account number is used to refund payments to the customer.
• Personal data such as email address, phone number, customer name, are processed to address issues related to the provision of goods and services (customer support).
• The e-store user’s IP address or other network identifiers are processed for the purpose of providing the e-store as an information society service and for generating web usage statistics.

• The merchant keeps the personal data of the customer, which is made known during the user account registration and use, confidential and will disclose it to third parties only with the customer’s consent, except when the obligation or right to disclose data arises from legal acts. The e-store user agrees that the merchant has the right to process their data, including transferring the customer’s data to individuals involved in providing services to the customer. List of authorized processors:
• Google – Personal data (IP, browser, operating system, and other network identifiers) is collected for statistics and analysis to improve the e-store user experience and technical solution.
• Itella – Personal data (name, phone number, and email address) is transferred to the transport service provider chosen by the customer. In case of goods delivered by a courier, in addition to contact details, the customer’s address is also transmitted.
• Pocopay, Maksekeskus, Swedbank, SEB, LHV, Luminor, Coop, Holm Bank AS – Personal data is transmitted to the payment solution provider selected by the customer for storing transaction-related information.
• Hotjar – Personal data (IP, browser, operating system, and other network identifiers) is collected for statistics and analysis to improve the e-store user experience and technical solution.
• Directo – Personal data is transmitted to accounting software service providers for accounting operations.
• Mailchimp – Personal data is transmitted to the e-store newsletter service provider for direct marketing purposes and only with the customer’s consent.
• [Name] – Personal data is transmitted to a service provider for direct marketing purposes and only with the customer’s consent.

• Personal data is stored on Zone Media OÜ servers located in the territory of a member state of the European Union or countries associated with the European Economic Area. Data may be transferred to countries whose data protection level has been deemed adequate by the European Commission, and to U.S. companies that are part of the Privacy Shield framework.
• The e-store implements appropriate physical, organizational, and IT security measures to protect personal data from accidental or unlawful destruction, loss, alteration, or unauthorized access and disclosure.
• The transfer of personal data to the e-store’s authorized processors – personal data processing takes place based on contracts between the e-store and the authorized processors. Authorized processors are required to ensure appropriate safeguards when processing personal data.

• The personal data stored in the e-store can be viewed and corrected in the e-store account management. If the purchase was made as a guest (without a user account), a personal data inquiry can be submitted via email tanel@luxador.ee.

• If personal data processing is based on the customer’s consent, the customer has the right to withdraw consent in their e-store account management.

• When the e-store customer account is closed, personal data will be deleted unless such data needs to be retained for accounting purposes or for resolving consumer disputes.
• If a purchase was made as a guest (without a user account), the personalized purchase history is retained for three years.
• In case of payment and consumer disputes, personal data is retained until the claim is fulfilled or the expiration period ends (three years).
• Personal data required for accounting purposes is retained for seven years.

• Personal data stored in the e-store with the user account can be deleted from the e-store account management.
• For deletion of other personal data, an inquiry can be submitted via email tanel@luxador.ee. A response to the data deletion request will be provided within one month, and if necessary, the period of data deletion will be clarified.

• An electronic extract of personal data stored in the e-store can be requested via email tanel@luxador.ee.
• For transferring other personal data, an inquiry can be submitted via email tanel@luxador.ee. A response to the data transfer request will be provided within one month, where customer support will verify the identity and notify of the personal data applicable to the transfer.

• Email address and phone number are used to send direct marketing notifications if the customer has given the corresponding consent. If the customer does not wish to receive direct marketing notifications via email, they can choose the appropriate link in the email header or contact customer support. If the customer does not wish to receive direct marketing notifications via SMS, they should contact customer support.
• If personal data is processed for direct marketing purposes (profiling), the customer has the right to object to both the original and further processing of their personal data, including the profiling related to direct marketing, at any time by notifying customer support via email.

• Disputes related to the processing of personal data are resolved through customer support (info@luxador.ee). The supervisory authority is the Estonian Data Protection Inspectorate (info@aki.ee).