1. GENERAL PROVISIONS
1.1. Malio OÜ, enrolled in the Register of Enterprises of the Republic of Estonia, reg. number 10307490, legal address: Lastekodu 18, Tallinn, Estonia (hereinafter referred to as the Company), is a personal data manager that complies with the requirements of the EU General Data Protection Regulation (EU Directiv 95/46/EC, 2002/58/EC and ETS108/ETS181, ETS185, ETS 189)
1.3. This policy applies to the processing of personal data of all kinds which employees, visitors and customers (hereinafter referred to as personal data subjects) provide on home pages, in e-mail correspondence, digital applications, surveys, contracts and other sources.
1.4. The company guarantees the transparent and honest processing of customer and user personal data.
2. PROCESSING AND USE OF PERSONAL DATA
2.1. By processing personal data, the Company complies with the regulations regardless of the country the user is accessing its resources from.
2.2. One is considered informed that personal data in Estonia can be also processed on the basis of the current national legislation.
2.3. The company informs that by specifying e-mail address, one agrees that it is submitted to the database and a notification / reminder about the initiated and unfinished orders of goods and services can be sent to it from the www.gaismasmarket.lv online store.
2.4. By using the www.valgusmaailm.ee online store, the visitor agrees that Malio OÜ, its trustees and partners, can collect and store data that will allow tracking and selecting:
2.4.1. the total number of the online store visitors;
2.4.2. the number of visitors in each section of the online store;
2.4.3. domain names of the Internet providers serving visitors;
2.4.4. IP addresses;
2.4.5. payment information in case of a transfer (card number and expiration date);
2.4.6. delivery methods for automated filling of repeated orders;
2.4.7. payment history and methods for financial and accounting statements to government agencies;
2.4.8. other data to improve and manage the online store.
2.5. The seller has the right to transfer to third parties the data collected and processed in the online store with the purpose of analyzing statistics and information; in this case, confidential data that could identify the buyer during the process are not revealed or transmitted, except the orders where the type of payment or form of the deal involves a tripartite relationship and the identity of the buyer must be verified.
2.6. The seller does not associate the user's IP address and e-mail with the identifying data, i.e. each user's session is registered, but the online store user remains anonymous.
2.7. All materials that are sent or entered into the online store forms become the property of the seller who in turn is eligible to utilize them for personal use, except for individuals’ data.
2.8. The company has the right to transfer the collected and processed data in order to analyze statistics and information, in cases provided by law, to third parties; in this case, confidential data that could identify the personal data subject in this process is not revealed or transmitted, except the orders where the type of payment or form of the deal involves a tripartite relationship and the identity of the buyer must be verified.
3. OBJECTIVES AND BASES OF DATA PROCESSING
3.1. The company processes personal data for the following purposes:
3.1.1. Reception and processing of orders;
3.1.2. Preparation, conclusion and dispatch of services and remote agreements, invoices and other official documents;
3.1.3. Distribution of useful information and special offers;
3.1.4. Ensuring effective management of the company's resources;
3.1.5. Statistics and market analysis;
3.1.6. Search and personnel management;
3.1.7. Analysis and statistics of purchases for individual offers.
3.1.8. Processing and payment of orders via transfers.
3.2. The company processes personal data on the following grounds:
3.2.1. use of electronic services and company resources;
3.2.2. consent of the personal data subject;
3.2.3. conclusion of remote agreements;
3.2.4. legal obligations set forth in regulations;
3.2.5. protection of interests of personal data subjects
4. TERMS OF PERSONAL DATA STORAGE
4.1.1. within the whole period when the company fulfills its obligations and conducts commercial activities;
4.1.2. due to a legal obligation to store and protect personal data;
4.1.3. due to the agreement of the personal data subject.
5.1. Cookies are text files appearing in the user's browser at an Internet resource to improve the display of information and regular operation of the resource.
5.2. Saved cookies allow to identify your computer and avoid re-entering data when returning to the company's Internet resource.
5.3.1. session management and user authentication sessions;
5.3.2. ensuring functionality of Internet resources;
5.3.3. obtaining statistics on visits and behavior of users of the Internet resource;
5.3.4. improving efficiency of the online resource.
5.5. The company does not associate the user's IP address and e-mail with user identifying data.
5.6. The resource user can delete cookies.
5.7. One can delete all cookies stored on the computer, in this case some services and home page functions may not function.
6. PERSONAL DATA SECURITY
6.1. The Company takes care of personal data protection and respects the buyer's confidentiality in accordance with regulation provisions and other applicable acts regarding personal data processing.
6.2. The Company takes all the necessary organizational, administrative, technical, physical and other security measures in order to secure personal data.
6.3. Personal data processing is conducted by the company to ensure the necessary personal data security and confidentiality, including protection of personal data from unauthorized and illegal processing, accidental loss, and damage or destruction.
6.4. As soon as it becomes aware of a violation of the rules related to personal data protection, the company should immediately notify the supervisor.
7. RIGHT OF REFUSAL TO PROCESS PERSONAL DATA
7.1. In order to obtain information about personal data the company is processing, one has to submit an application in writing to the company's office at the legal address in Tallinn, providing an identity document.
7.2. The personal data subject may request the deletion of personal data, restriction or objection to personal data processing, and corrections of personal data by sending a request at firstname.lastname@example.org.
7.3. The company communicates with the personal data subject by means of the contact information indicated by the subject (phone number, email, address).
7.4. If the right to protect personal data seems violated, you can file a complaint to the corresponding supervisory authority.
8.1. The company has the right to make changes to be published on the official Internet resource or the online store at any time.
Malio OÜ, Reg nr 10307490
Lastekodu 18, Tallinn, Estonia