info@hydroxy.health +372 56 454 181
Privacy Policy
Personal Data Processing
The responsible processor of personal data for the online store www.hydroxy.health is HK Lifestyle Capital OÜ (registry code 17287023), located at Pirni tn 6, Aruküla alevik, 75201, tel 56454181 and e-mail info@hydroxy.health
What Personal Data We Process
− name, phone number and e-mail address;
− parcel locker location− bank account number;
− cost of goods and services and payment-related data (purchase history);
− customer support data.
Purpose of Personal Data Processing
Personal data is used for managing customer orders and delivering goods. Purchase history data (date of purchase, goods, quantity, customer data) is used to compile an overview of purchased goods and services and to analyze customer preferences. The bank account number is used to refund payments to the customer if necessary. Personal data such as e-mail, phone number, customer name, are processed to resolve issues related to the provision of goods and services (customer support). The IP address or other network identifiers of the online store user are processed for the provision of the online store as an information society service and for generating website usage statistics.
Legal Basis
Personal data is processed for the purpose of fulfilling the contract concluded with the customer. Personal data is processed to fulfill a legal obligation (e.g., accounting and resolution of consumer disputes).
Recipients of Personal Data
Personal data is transferred to the online store’s customer support for managing purchases and purchase history and resolving customer issues.
Name, phone number, and e-mail address are transferred to the transport service provider selected by the customer. If the goods are delivered by courier, the customer’s address is also transferred in addition to the contact details.
If the online store’s accounting is handled by a service provider, personal data is transferred to the service provider for accounting operations.
Personal data may be transferred to information technology service providers if necessary to ensure the functionality or data hosting of the online store.
Security and Data Access
Personal data is stored on hhoestonia.com servers located in the territory of a European Union member state or countries associated with the European Economic Area. Data may be transferred to countries whose data protection level has been deemed adequate by the European Commission, and to US companies that have joined the Privacy Shield framework.
Access to personal data is granted to online store employees who can view personal data to resolve technical issues related to the use of the online store and provide customer support services.
The online store implements appropriate physical, organizational, and information technology security measures to protect personal data from accidental or unlawful destruction, loss, alteration, or unauthorized access and disclosure.
The transfer of personal data to authorized processors of the online store (e.g., transport service provider and data hosting) takes place based on agreements concluded between the online store and the authorized processors. Authorized processors are obliged to ensure appropriate protective measures when processing personal data.
Retention
Upon closing an online store customer account, personal data is deleted, except in cases where such data needs to be retained for accounting purposes or for resolving consumer disputes.
If a purchase has been made in the online store without a customer account, the purchase history is retained for three years.
In the event of disputes related to payments and consumer disputes, personal data is retained until the claim is fulfilled or the statute of limitations expires.
Personal data required for accounting is retained for seven years.
Deletion
To delete personal data, please contact customer support via e-mail. Deletion requests will be answered within one month at the latest, and the exact time of data deletion will be specified.
Direct Marketing Communications
The e-mail address and phone number are used for sending direct marketing messages if the customer has given their consent. If the customer does not wish to receive direct marketing messages, they should select the corresponding link in the e-mail footer or contact customer support.
If personal data is processed for direct marketing purposes (profiling), the customer has the right to object at any time to the initial and further processing of their personal data, including profiling related to direct marketing, by notifying customer support via e-mail. (such information must be presented clearly and separately from any other information).
Dispute Resolution
Disputes related to the processing of personal data are resolved through customer support (tel 56454181, email info@hydroxy.health). The supervisory authority is the Estonian Data Protection Inspectorate (info@aki.ee).