Privacy Policy

General settings 

  • This privacy policy regulates the principles regarding the collection, processing and storage of personal data. Personal data is collected, processed and stored  by the responsible personal data processor Linen Nordic OÜ, registry code  16139332, address Pärnu mnt 82-25, Tallinn, Harjumaa, 10131 (hereinafter the  data processor). 
  • A data subject in the sense of the privacy policy is a customer or other natural  person whose personal data is processed by the data processor. A customer in  the sense of the privacy policy is anyone who buys goods or services from the  website of the data processor. 
  • When placing an order from the online store of the data processor, the data  subject agrees to the terms of this privacy policy by checking the corresponding  box in the order. 
  • The data processor complies with the principles of data processing stipulated in  legislation, among other things, the data processor processes personal data  legally, fairly and securely. The data processor is able to confirm that personal  data has been processed in accordance with the provisions of legislation. 
  • The personal data that the data processor collects, processes and stores is  collected electronically, mainly through the website when placing an order and  via e-mail. The personal data of the data subject entered by the data subject  when submitting the order are entered into the customer register and are used to  fulfill the sales contract and offer products to the data subject. 
  • By sharing his personal data, the data subject gives the data processor the right  to collect, organize, use and manage personal data for the purposes specified in  the privacy policy, which the data subject directly or indirectly shares with the  data processor when purchasing goods or services on the website. 
  • The data subject is responsible for ensuring that the data provided by him is  accurate, correct and complete. Knowingly providing false information is  considered a violation of the Privacy Policy. The data subject is obliged to immediately notify the data processor of changes in the provided data. • The data processor is not responsible for damage to the data subject, or third  parties caused by the data subject providing false information.

Processing and storage of customers’ personal data 

  • The data processor processes the following personal data of the data subject: 
  • first and last name; 
  • phone number; 
  • e-mail address; 
  • delivery address; 
  • payment method; 
  • purchase history; 
  • Bank account number; 
  • payment card details; 
  • IP address. 
  • The Data Processor cannot see the Data Subject’s bank card details. To  complete the transaction, the client is directed to the secure environment of  Montonio Finance OÜ. At the time of payment, the client’s card data is entered  into the database located on the server of Montonio Finance OÜ, and the data is  stored on the server of Montonio Finance OÜ. The data processor is not  responsible for the use of data by Montonio Finance OÜ. 
  • In addition to the above, the data processor has the right to collect data about  the customer that are available in public registers. 
  • The legal basis for the processing of personal data is Article 6(1)(a), (b), (c) and (f)  of the General Regulation on the Protection of Personal Data: 
  1. a) the data subject has given his consent to process his personal data for one or more  specific purposes; 
  2. b) the processing of personal data is necessary for the performance of a contract  concluded with the participation of the data subject or for taking measures prior to the  conclusion of the contract in accordance with the request of the data subject; c) the processing of personal data is necessary to fulfill the legal obligation of the data  controller; 
  3. f) the processing of personal data is necessary in case of a legitimate interest of the  data controller or a third party, unless such interest is outweighed by the interests of  the data subject or the fundamental rights and freedoms for which personal data must  be protected, especially if the data subject is a child.
  • The source of personal data and the basis of their processing is the creation of a  customer relationship when registering an order in the e-shop under the terms of  use. The processing of personal data is a condition of the contractual  relationship. 

Purpose and storage of personal data processing 

Purpose 

  • Personal data is used/processed to manage customer orders and deliver goods.  Purchase history data (purchase date, product, quantity, customer data) is used  to create an overview of purchased goods and services and to analyze customer  preferences. The bank account number is used to return payments to the  

customer. Personal data such as e-mail, phone number, customer name are  processed in order to resolve issues related to the provision of goods and  services (customer support). The online store user’s IP address or other network  identifiers are processed for the provision of the online store as an information  society service and for online usage statistics. 

Storage 

  • The data processor stores the data of data subjects depending on the purpose of  the processing. 
  • Upon closing the customer account of the online store, personal data will be  deleted, except in cases where it is necessary to keep such data for accounting  purposes or to resolve consumer disputes. 
  • If a purchase is made in the online store without a customer account, the  purchase history is stored for three years. 
  • In the case of disputes related to payments and consumer disputes, personal  data will be stored until the claim is fulfilled or the expiration date expires.