Conditions for the processing of personal data

Personal data controller

The responsible data controller for the processing of personal data of visitors and customers of the online store (hereinafter referred to as the online store) is PureHarmony OÜ.
Reg. Code 16447861
Address Veeriku 8–23, Tartu, 50407, Estonia
Phone: +372 53733501

Dispute Resolution

In the event of disagreements or disputes regarding the processing of personal data the parties, first of all, try to reach an agreement through negotiations. If the disputes arising from the contract have not been resolved through negotiations, the customer may submit a claim with the court or the Personal Data Protection Inspectorate.
Data Protection Inspectorate:
Tatari 39, Tallinn, 10134
tel: 627 4135

Purposes of data processing

– Conclusion and perfomance of contracts, including processing incoming orders and arranging delivery;
– With the prior consent from customers, direct marketing to customers and registered users for the purpose of sending news and special offers;
– Analysis and profiling of users of online store to improve the quality of services;
– In other cases, when the online store has a legitimate interest.

Legal Basis for personal data usage

– For the conclusion and perfomance of a contract between PureHarmony OÜ and the customer;
– Legitimate interest of PureHarmony OÜ;
– Obtained consent for the processing of personal data;
– To fulfill the obligations arising from legislation.

Whose personal data is processed

PureHarmony OÜ collects and uses the necessary personal data of customers who have placed an order and / or registered on the website of the online store.

Data for processing

Name, surname, contact information (address, phone, e-mail), payment details, order history, browsing history, email correspondence, data of representatives and suppliers data.

Third parties receiving personal data

PureHarmony OÜ transfers the necessary personal data of customers to:
– postal and delivery services (Omniva, SmartPost, DPD) for the purpose of order delivery;
– payment center Montonio Finance OÜ for payment processing;
– debt collection companies (in case of customer debt), and the payment default registry;
– legal service providing for consultation services related to customer relations;
– Supervisory and law enforcement authorities in accordance with the requirements and scope of the legislation.
The online store does not transfer the personal data of its customers to third countries.

Retention period of personal data

Customer data is processed throughout the duration of the contract, and for 3 years after the last order. After that, the data is deleted. If there is a legal obligation to observe a longer retention period, the online store complies with the requirements of the legislation.
In the case of consent for marketing communications, the online store processes personal data until the consent is withdrawn.

Security of personal data

To ensure the security and confidentiality of data, we use strong passwords, encryption, and two-factor authentication. Additionally, the system is protected by Kaspersky Internet Security antivirus.

Client rights

Customers have the right to:
– contact us to inquire about the personal data being used;
– request correction or supplementation of data if it is incomplete or incorrect;
– limit the processing of their data;
– object to the processing of personal data;
– request the transfer of their personal data;
– opt-out of receiving marketing communications;
– withdraw consent for the processing of personal data, if it does not contradict the legislation;
– request the cessation of processing or deletion of their personal data, if it does not contradict the legislation.
In the case of a request, the online store undertakes to respond within 30 days.

Changes to the privacy policy

The online store may unilaterally change the conditions for the processing of personal data. The latest version can be found on the online store’s page Terms of Use and Privacy Policy.