Privacy
This privacy policy applies to the processing of personal data by Sky Haldus Oü, legal entity code 12341947, Pärnu mnt 22, Tallinn, 10141, Estonia, phone +37258600387, e-mail support@theawesome.com (also the Controller) and individuals processing personal data under its authority. This policy provides information as required by the General Data Protection Regulation of the European Union 679/2016 (GDPR) and describes the practices and purposes of personal data processing at Sky Haldus Oü.
Sky Haldus Oü processes personal data in accordance with the GDPR and applicable national law. This privacy policy is intended to help us make personal data processing lawful, fair, transparent, secure, accurate and limited to necessary purposes. Unless otherwise specified, terms and definitions in this privacy policy are used in accordance with Article 4 of the GDPR.
1. Aim of the personal data that we collect
TO PROVIDE AN ORDER AND CONCLUDE PURCHASE AGREEMENT
Basic personal information is processed regarding the person to verify the identity of the person and to complete the payment. For this aim, we may process your name, surname, e-mail, address, city postcode, phone number, credit card details (number, expiration date, CVC code).
TO DELIVER GOODS
In relation to delivery of goods, we process transportation addresses and names and identity of the clients.
YOUR COMMUNICATION WITH US>
We may collect and process your communication with us. When you contact us via phone or e-mail we also process the content of our communication to provide an adequate reply to your inquiry.
WARRANTY AND RETURNS
We may process your name, surname, address, city postcode, phone number, e-mail, information about the purchased product, purchase details, information related to product defect for the purpose of providing you with the warranty services.
In case you decide to return purchased goods, you will have to provide your name, surname, address, city, postcode, e-mail, phone number, information about the purchased product, purchase details, information related to product defect. We will process this personal data in order to handle your product return requests.
LEGAL OBLIGATIONS
Purchase and transaction data is necessary for our book-keeping, after sale warranty, accounting, tax declaration and business administration purposes as we comply with relevant legal obligations.
DIRECT MARKETING
Your e-mail and home address are required to send you direct marketing letters.
2. Legal basis of processing personal data
AGREEMENT
Customer identification data (name, surname, e-mail, address, city postcode, phone number) are generally processed to provide customers with our basic services. Your purchases of goods and services at the terms offered by us constitute a legal agreement and to implement it, we need the information that allows us to process and implement the transaction. In such case the legal ground for processing of personal data would be the execution of the purchase agreement.
LEGAL OBLIGATIONS
Purchase and transaction data is necessary for our book-keeping, after sale warranty, accounting, tax declaration and business administration purposes as we comply with relevant legal obligations. In such case the legal ground for processing of personal data would be Controller’s legal obligation.
CONSENT
We will send you direct marketing letters only if you will provide us with your consent to receive such letters. You will be able to revoke such consent at any time.
3. Periods of storing your personal data
We keep personal data only as long as it is necessary or required in relation to the purpose of their processing, but no longer than 10 years after the execution of the order.
With regards to the direct marketing letters, we undertake at least once in two years, starting from the day on which you have placed an order in our e-shop, to verify the relevance of personal data by contacting you by e-mail. If we receive information indicating that you no longer wish to receive direct marketing letters or it is not possible to contact you as well as verify the relevance of personal data regarding direct marketing, such personal data shall be immediately deleted and not processed anymore.
4. Sharing of your personal data
Your personal data will not be disclosed to any persons, except for the Controller’s partners, without whom the services described in this Privacy Policy cannot be provided smoothly. Such persons may include database software providers, database and website administration service providers, cloud service providers, payment institutions, couriers, etc.
Your personal data may also be disclosed to government or law enforcement agencies, such as the police or supervisory authorities, but only at their request and only when required by applicable law or to ensure our rights or the safety of our customers, employees and resources.
Your personal data might be transferred to the third countries – in such case the data transfer will be permitted under an adequacy decision by the European Commission or the appropriate safeguard measures will be applied in accordance with the requirements of the applicable law. In case you would like to receive a copy of such safeguard measures – please contact us using requisites indicated in this document.
5. Consequences in case personal data is not provided
You have the right to refuse to provide your personal data, but the provision of your personal data is necessary to implement the purposes specified in this Privacy Policy, so if you do not provide your personal data, we will not be able to set the order and conclude the purchase agreement with you.
6. Your Rights
You can exercise your rights as a data subject by contacting us at support@theawesome.com. We will provide relevant replies and/or records without undue delay. We will provide you a confirmation of the actions we have taken in response to your request (for example, confirmation of deletion). We will also let you know if we cannot fulfil a certain request, as well as the reasons behind such a decision. We reserve the right to reject requests that are unreasonably repetitive, excessive or clearly unfounded.
RIGHT TO WITHDRAW CONSENT
The customer can withdraw his or her consent to processing of personal data at any time and at no cost. After the withdrawal of the consent, we will stop activities and services associated with the consent.
RIGHT TO ACCESS
When requesting access to your information, we will inform you whether or not we are processing personal information about you. Upon request, we submit you a copy of the personal data processed. The right to access comprises the right to make more detailed inquiries about the purpose, extent and terms of the processing.
RIGHT TO CORRECT DATA
You have the right to fill in incomplete personal information and also correct information. For instance, when you need to change your contact data or you have changed your name, we will correct that information in our databases at your request.
RIGHT TO ERASURE
You have the right to request the removal of your personal data from our database. Your data will be deleted if there is no further legitimate basis for processing.
RIGHT TO RESTRICT OR LIMIT THE PROCESSING
You may have the right to limit the processing of your personal data when you have contested the accuracy of the data. While you have requested such limitation, we will not, as a rule, process your information except by retaining the information.
RIGHT TO DATA PORTABILITY
You have the right to receive your data in machine-readable form and transfer data from one system to another when processing is based on consent or agreement.
RIGHT TO OBJECT
We process some of your personal information on the basis of legitimate interest as part of our business. When we do so, we have concluded that such processing does not violate the protection of your personal information. You have the right to object to such processing of your personal data and we will stop processing your data if our legitimate interests are overridden by your interests or rights and freedoms.
RIGHT TO LODGE A COMPLAINT OR INQUIRY
If you consider that we do not process your personal data in accordance with the EU's general data protection regulation or applicable national law, you can file a complaint with the supervisory authority (the list of entities can be found here – https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm).