Processing of personal data

The personal data controller of the online store https://cbweedlatvia.lv is “SIA IGONUS”.

What personal data is processed?

– name, telephone number and e-mail address;

– delivery address of the goods;

– Bank Account Number;

– costs of goods and services and data related to payments (purchase history);

– customer support data.

For what purposes is personal data processed?

Personal data is used to manage customer orders and deliver goods.

Purchase history (purchase date, product, quantity, customer data) is used to report purchased goods and services and analyze customer choices.

The bank account number is used to refund payments to the customer.

Personal data such as email address, phone no. and the customer’s name is processed to resolve issues related to the provision of goods and services (customer support).

The online store user IP address or other network identifiers are processed by the online store (as an information society)
for the purpose of providing the service and for compiling statistics on the use of the site.

Legal basis

The processing of personal data takes place for the purpose of fulfilling the contract concluded with the customer.

The processing of personal data is for the purpose of fulfilling legal obligations (eg for accounting purposes and for resolving consumer disputes).

Recipients to whom personal data are sent

Personal data is sent to the online store’s customer support service to administer purchase and purchase history and resolve customer issues.

The name, telephone number and e-mail address are sent to the transport service provider of the customer’s choice. If the product is delivered by courier, then the customer’s address is sent along with the contact information.

If the accounting of the online store is performed by the respective service provider, then the personal data is sent to the service provider for accounting.

Personal data may be sent to IT service providers if this is necessary to provide the functionality of the online store or the data storage service.

Security and data access

Personal data is stored on Veebimajutus.ee servers located in the territory of the European Union or European Economic Area member states. Data may be transferred to countries where the European Commission has assessed the level of data protection as adequate, as well as to US companies that have joined the Privacy Shield .

Access to personal data is available to online store employees, who can access personal data to resolve technical issues related to the use of the online store, as well as to provide customer support.

The Online Store takes appropriate physical, organizational and IT security measures to protect personal data from accidental or unlawful destruction, loss, alteration or unauthorized access and disclosure.

The transfer of personal data to the processors of the online store’s personal data (for example, transport or data storage service providers) takes place on the basis of agreements concluded between the online store and the processors. Processors have an obligation to ensure appropriate safeguards when processing personal data.

Access to and correction of personal data

It is possible to get acquainted with personal data and make corrections in the user profile of the online store. If the purchase is made without
user account, personal data can be accessed through the customer support service.

Storage

With the closure of the online store’s user account, personal data is deleted, unless such data needs to be retained for accounting or consumer dispute resolution purposes.

If the purchase in the online store is made without a customer’s account, then the purchase history is stored for three years.

In the event of a dispute between payments and consumer disputes, the personal data shall be kept until the claim is satisfied or the limitation period expires.

The personal data required for accounting are stored for seven years.

Deletion

Personal data can be deleted by logging in to your online store account and selecting the “My Account” menu.

To delete personal data, you can also write to e-mail: info@cbweedlatvia.lv

Transfer

Requests for the transfer of personal data submitted by e-mail will be answered within one month at the latest. The customer support service verifies the identity of the person and announces the personal data that is to be transferred.

Direct marketing announcements

Email address and phone number are used to send direct marketing communications if the customer has given their consent. If the customer does not wish to receive direct marketing notifications, they should click on the appropriate link in the footer or contact customer support.

If personal data is processed for direct marketing purposes (profiling), the customer has the right to object to the initial and further processing of his personal data, including profiling in connection with direct marketing, by informing the customer support service via e-mail (the relevant information must be provided clearly and separately from any other information ).

Dispute settlement

Disputes related to the processing of personal data are resolved through the customer support service (CONTACT INFORMATION). The supervisory authority is the Estonian Data Protection Inspectorate.

Privacy Policy Terms and Amendments

By using our website or by completing a Loyal Customer Application, you acknowledge that you have read and agree to these terms and conditions. We reserve the right to change the general terms and conditions of the privacy policy, if necessary, by informing all regular customers and providing access to the latest privacy policy on our website.

In connection with any questions or problems related to the privacy policy or data processing, please contact us by writing to the e-mail address: info@cbweedlatvia.lv