Privacy policy

1. The controller of personal data is OÜ Innermore (Aasa-Aare, Niidu küla, 87307 Tori vald, Pärnu maakond, registry code 16744518).
2. The processing of personal data is subject to the legislation of Estonia and the European Union.
3. The controller collects the following personal information: name, gender, birthday, personal identification code, phone number, e-mail and purchase history.
4. Among others, personal data is collected and processed for the following purposes: to make purchase analyses, to sell goods and provide services, to serve the client’s loyalty program. The controller has the right to query, analyze, sort, and take samples of personal data in the database.
5. The controller does not disclose the information received by him to third parties.
6. By joining the client program, the client gives consent to the processing of his/her personal data. Personal data transmitted to the controller is protected and treated as confidential information, including information stored on the customer and his/her orders stored in the e-store order environment.
7. The data communication between the client and the banks and the card payment centre is encrypted, which ensures the security of the customer’s personal data and bank details. The data controller does not have access to the client's confidential bank and payment card requisitions.
8. The data controller will implement all measures, including information technology and organizational measures, for the protection of the personal data collected. Access to data editing and processing is restricted to authorized persons.
9. OÜ Innermore may authorize other legal entities (authorized processors) to process personal data, provided that an agreement has been entered with such a processor under which the processor is required to keep the personal data processed as confidential and to ensure the protection of personal data in accordance with the requirements provided by law. Such authorized processors are software development partners, logistics service providers and marketing service providers.
10. The updated list of authorized processors will be made available to the client by OÜ Innermore on the basis of a client’s request submitted to the e-mail address info@innermore.eu , as well as on the website’s privacy policy sub-page.
11. The customer has the right to get information and check his/her personal data, request access to the personal data, request corrections to the personal data, request limiting the personal data, request the deletion of personal data, request the transfer of personal data, rights relating to the automated processing of data, right to an evaluation by a supervisory authority. The customer also has a right to renege on his/her permission to process personal data. To get information and to check his/her personal data, the client should send a written application to info@innermore.eu.
12. The controller of personal data may send newsletters to the client, including satisfaction surveys and offers to the client’s e-mail address or via SMS only if the client has given prior consent at the time of joining the client program or in the self-service environment.
13. The client can at any time cancel the offers and newsletters by emailing it to info@innermore.eu or by following the instructions in the email.
14. The client can at any time check his/her personal information by sending an email to info@innermore.eu In order to delete personal information collected, the client shall submit a written request to info@innermore.eu. The data controller changes and/or deletes the client data after the client has been identified.
15. The deadline for maintaining client’s personal data is five years from the last purchase.
16. In the event of personal data being processed for a new purpose, different from the purpose for which the data was initially collected, or if collection of the data is not based on the subject’s consent, OÜ Innermore will carefully consider the permissibility of such processing. In order to determine whether processing of personal data for a new purpose is compliant with the purpose for which the personal data was initially collected, OÜ Innermore will, among other things, consider:
    (1) Connections between the purposes for which the personal data was collected and the purposes of the intended further processing;
    (2) The context of collection of the personal data, primarily the connection between the data subject and OÜ Innermore;
    (3) The type of the personal data;
    (4) The potential consequences of the intended further processing for the data subjects;
    (5) Existence of relevant security measures.

OÜ Innermore may make unilateral amendments to the terms and conditions of the privacy policy pursuant to the law. Any amendments will be communicated by OÜ Innermore to the data subjects on the website of OÜ Innermore or in another manner.