PROCESSING OF PERSONAL DATA
The chief processor of personal data of the online store hmkauto.ee is OÜ HMK Auto (registry code 11387918) located at Männiku tee 104A, 11216, Tallinn, phone 6001600 and e-mail firstname.lastname@example.org.
HMK Auto OÜ forwards the personal data necessary for making payments to the authorized processor Maksekeskus AS. ”
What personal data is processed
- name, telephone number and e-mail address;
- delivery address;
- bank account number;
- cost of goods and services and data related to payments (purchase history);
- customer support details.
For what purpose is personal data processed?
Personal data is used to manage customer orders and deliver goods.
Purchase history data (purchase date, goods, quantity, customer data) are used for purchased goods and
to compile an overview of services and analyze customer preferences.
The bank account number is used to return payments to the customer.
Personal information such as email, phone number, customer name is processed in order to settle the goods and
service delivery issues (customer support).
The online address of the online store user or other network identifiers are processed by the online store as
information society services and web usage statistics.
Personal data is processed for the purpose of fulfilling the contract entered into with the customer.
The processing of personal data is carried out in order to fulfill a legal obligation (eg accounting and
consumer dispute resolution).
Recipients to whom personal data are transmitted
Personal information is passed to online store customer support to manage purchases and purchase history, and
to solve customer problems.
The name, telephone number and e-mail address will be forwarded to the transport service chosen by the customer
provider. In the case of goods delivered by courier, they will also be forwarded
contact details also include the customer's address.
If the online store is accounted for by a service provider, personal data will be transferred
service provider to carry out accounting operations.
Personal data may be transferred to IT service providers if necessary
to ensure the functionality or data hosting of the online store.
Security and access to data
Personal data is stored on zone.ee servers located in a Member State of the European Union or the European Union
in the territory of the countries which have acceded to the European Economic Area. Data may be transmitted to countries which:
the level of data protection has been assessed by the European Commission as adequate and for US companies that are
an hour to the Privacy Shield framework.
Online store employees have access to personal data, who can access personal data in order to
to solve technical issues related to the use of the online store and to provide customer support services.
The Online Store implements appropriate physical, organizational and IT security measures to
protect personal data from accidental or unlawful destruction, loss, alteration or unauthorized access
access and disclosure.
Transfer of personal data to authorized processors of the online store (eg transport service provider and
data hosting) takes place on the basis of contracts with the online store and authorized processors. Authorized
processors are obliged to ensure appropriate safeguards for the processing of personal data.
Access to and correction of personal data
Personal data can be accessed and corrections made to the online store's user profile. Once the purchase is made
without a user account, personal data can be accessed via klint support.
Withdrawal of consent
If the processing of personal data takes place on the basis of the customer's consent, the customer has the right to consent
withdraw by notifying customer support via email.
When closing the customer account of the online store, personal data will be deleted, unless such data exists
need to be kept for accounting or consumer dispute resolution purposes.
If the purchase in the online store has been made without a customer account, the purchase history will be stored for three years.
In case of disputes related to payments and consumer disputes, personal data will be kept until the request
until the expiry or expiry of the limitation period.
Personal data required for accounting purposes shall be kept for seven years.
To delete personal information, contact customer support via email. Deletion request
will be answered no later than one month and the period of erasure will be specified.
A request for the transfer of personal data submitted by e-mail will be answered within a month at the latest.
Customer support identifies and notifies you of the personal data that is to be transferred.
Direct marketing communications
The email address and phone number are used to send direct marketing messages when the customer is
has given its consent. If the customer does not want to receive direct marketing notifications, an e-mail must be selected
or contact customer support.
If personal data is processed for the purpose of direct marketing (profiling), the customer has the right to his own
both initial and further processing of personal data, including direct marketing
object to the profiling at any time by notifying customer support email
(the relevant information must be provided clearly and separately from any other information).
Disputes related to the processing of personal data are resolved through customer support
(email@example.com). The supervisory authority is the Estonian Data Protection Inspectorate (firstname.lastname@example.org).