The managing body of personal data of this online shop at Estonian-Horses.com is the Estonian company Log Horse OÜ (reg. no. 12039208), located at Villema farm, Nehatu village, 90123 Lääneranna parish, Pärnu county, Estonia. The managing body has designated Kristjan Korsten as its data protection officer. You can reach Kristjan by phoning +372 5787 8389 or by writing an email to firstname.lastname@example.org.
What kind of personal data do we process?
- Names, phone numbers and email addresses,
- Delivery addresses,
- Bank account numbers,
- Costs of goods and services and data related to payments (purchase history),
- Customer support data.
Why is personal data being processed?
Generally speaking, personal data are used to manage customers’ orders and to deliver the ordered goods. More specifically:
- Purchase history details (date of purchase, goods, quantity, customer’s data) are used for preparing summaries of goods and services purchased and for analysing customer preferences.
- Bank account numbers are used to reimburse payments to the customer when needed.
- Personal data such as email addresses, phone numbers and customers’ names are processed to handle any issues relating to the provision of goods and services (generally, for customer service).
- IP addresses and/or other web identifiers of a user of this online shop are processed for the provision of statistics.
Personal data are processed for the purpose of executing a contract with the customer. Personal data are also processed for fulfilling legal obligations (such as accounting and the settlement of customer complaints).
Recipients of personal data
Personal data are transmitted to customer service personnel of this online shop for managing purchases and purchase history and for settling any issues that customers may have.
Names, phone numbers and email addresses are forwarded to the delivery service provider selected by the customer. When goods are delivered by a courier, the customer’s address is also forwarded together with other contact details.
Security and access to data
All of our data are stored on servers located on the territory of a member state of the European Union. Data may be transferred only to the countries whose data protection levels have been assessed as adequate by the European Commission and to the companies in the USA who have joined the Privacy Shield framework.
Personal data can be accessed by the staff of this online shop in order to settle technical issues related to the use of the online shop and to provide customer support.
This online shop takes appropriate physical, organisational and IT security measures to protect personal data against accidental or unlawful destruction, loss, alteration or unauthorised access and disclosure.
Access to and rectification of personal data
Personal data can be accessed and rectified in the user profile of the online shop, if this feature is activated. When a purchase has been made without a user account, personal data can be accessed through customer support.
Withdrawal of consent
Where personal data are processed on the basis of the customers’ consent, they have the right to withdraw their consent. This is done by notifying customer service by email (email@example.com).
Personal data are erased upon the closure of a customer account in the online shop, unless the storage of the data is necessary for accounting purposes or for settlement of consumer disputes. For online purchases made without a customer account, the purchase history is stored for three months.
In the event of disputes concerning payments and other consumer disputes, personal data are stored until the issue has been cleared or until the end of the limitation period.
Personal data needed for accounting purposes are stored for seven years.
For the erasure of the personal data, customer support must be contacted via email (firstname.lastname@example.org). Requests for erasure are responded to within one week and the period of erasure will be no longer than two weeks.
Requests for forwarding personal data are submitted by email are responded to within one week. Customer service personnel will always properly identify the person making the request and decided what information they have a right to have access to.
Direct marketing messages
Email addresses and phone numbers can only be used for direct marketing messages if the customer has given an explicit consent. If a customer no longer wants to receive direct marketing messages, he/she should click on the relevant link that is at the footer of each direct marketing message or contact customer service by email (email@example.com).
Where personal data are processed for direct marketing purposes (profiling), the customer has the right to object at any time both to the initial and further processing of his/her personal data. The customer should notify customer service of his/her objection by writing to firstname.lastname@example.org.
Disputes concerning the processing of personal data are settled through customer service at Barefoot Baltics who can be contacted by writing to email@example.com or by phoning +372 5787 8389. The supervisory authority for this online shop is the Estonian Data Protection Inspectorate. They can by contacted by writing to firstname.lastname@example.org. This online shop is subject to all laws of the Republic of Estonia.