Femtech.boutique privacy policy
1.02.2023
Femtech.boutiuqe webshop (operating under Live Travel & Productions OÜ company), hereinafter FB, has committed to treating the company’s customers’ personal data, respecting all their rights. Based on this, the company has developed the main principles of privacy policy regarding the collection, use, disclosure, transfer and storage of customer data.
- NOTIONS
1.1. A data subject is a natural person about whom FB has information, or the information that can be used to identify a natural person. Data subjects are, for example, customers, collaborators, and employees as natural persons whose personal data FB has received.
1.2. Privacy policy is this text, which sets out the principles for the processing of personal data at FB.
1.3. Personal data is any information related to an identified or identifiable natural person.
1.4. The processing of personal data covers any act performed with a data subject’s personal data, including collection, recording, organisation, storage, alteration, disclosure, providing access to them, conducting queries and retrievals, usage, transferring, cross-usage, merging, closure, deleting, or destroying personal data, or several of the above mentioned operations, regardless of the manner in which the operations are performed and the means used.
1.5. A customer is any natural or legal person who uses or has expressed an interest in using FB’s services.
1.6. A contract is an agreement concluded between FB and a customer to provide services, or some other agreement.
1.7. Website – www.femtech.boutique is FB´s website.
1.8. A visitor is a person who uses FB’s website.
1.9. A child is, in the context of personal data processing, a person under the age of 13 in the Republic of Estonia.
1.10. Services – all kinds of services and products provided by FB.
1.11. Cookies are data files that are sometimes saved on the device of a website visitor.
1.12. FB’s data protection specialist is a person who follows the implementation of the principles for the processing of personal data, and with whom any data subject can contact in case of complaint.
1.13. Sales channels are FB’s ways to communicate with data subjects, tools created for selling goods and services, incl e-mail, telephone, public and social media, various chat lines, individualized and interactive adverts, and other similar tools on websites and in other places.
1.14. Product portfolio includes FB’s various products and services, the list of which is available on the company’s website www.femtech.boutique.
In the privacy policy, the contract, the general terms and in communication between the parties, these notions are used in the sense indicated above.
- GENERAL TERMS
2.1. FB is a legal person Live Travel & Productions OÜ, with the registry code 12549205, located at Lauliku 77, Tallinn, Estonia.
2.2. At FB, personal data can be processed:
2.2.1. by a responsible processor, when the purposes and means of processing have been specified;
2.2.2. by an authorized processor according to the instructions of the person responsible;
2.2.3. by a receiver to whom personal data are transferred.
2.3. The privacy policy applies to the data subjects; the rights and obligations specified in the privacy policy are in force for all FB’s employees and partners to whom the personal data collected by FB are available.
2.3.1. The privacy policy may be supplemented by privacy notices published on the website or on the devices, and they may amend or supplement the privacy policy.
- PRINCIPLES
3.1. FB always favors the interests, rights and freedoms of data subjects when processing their personal data.
3.2. FB’s goal is to provide responsible processing of personal data, which is based on best practice, bearing in mind that the company is always ready to demonstrate the compliance of the processing of personal data with the purposes set.
3.3. FB’s all processes, instructions, operations and activities related to processing personal data are based on the following principles:
3.3.1. Legality. In case of processing personal data, there is a legal basis for this, for example a consent.
3.3.2. Fairness. The processing of personal data is fair, requiring, first of all, that the data subject has sufficient information on how their personal data are processed.
3.3.3. Transparency. The processing of personal data is transparent to the data subject.
3.3.4. Purposefulness. Personal data is collected for precisely and clearly defined and legitimate purposes and will not be processed later in a way that does not conform to these purposes.
3.3.5. Correctness. The personal data are correct and, if necessary, updated, and all reasonable steps will be taken to delete or correct the personal data which are incorrect from the point of view of the purpose for processing personal data.
3.3.6. Principle of restricted storage – personal data shall be stored in a form that allows data subjects to be identified only for as long as it is necessary to fulfil the purpose for which the personal data is processed. This means that, if FB wishes to keep personal data longer than it is necessary for the purpose, the company will anonymize the data so that the data subject is no longer identifiable. As for the data received by FB through customer relationship or similar relations, the company will keep them in accordance with best practices and will retain the data processed on the basis of consent until the consent is withdrawn.
3.3.7. Reliability and confidentiality. Processing of personal data is carried out in a manner that ensures adequate security of personal data, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, by using reasonable technical or organizational measures. FB has both internal instructions and rules for employees and separate contracts with each authorized data processor, providing best practices, ongoing risk assessment and relevant technical and organizational measures for processing personal data.
- COMPOSITION OF PERSONAL DATA
4.1. FB shall collect, inter alia, the following types of personal data:
4.1.1. personal data given to FB by the data subject (name, e-mail address, postal address, phone number);
4.1.2. personal data resulting from normal communication between the data subject and FB;
4.1.3. personal data made clearly public by the data subject (e.g. in social media);
4.1.4. personal data generated when using services (e.g. when buying in FB’s online shop);
4.1.5. personal data resulting from the visit and use of the website (e.g. the time spent on the website);
4.1.6. personal data received from third persons;
4.1.7. personal data created and combined by FB (correspondence or the list of the order history in the context of customer relationships).
- COMPOSITION OF PERSONAL DATA. PURPOSES AND GROUNDS FOR THEIR PROCESSING
5.1. FB processes personal data only by consent of the data subject or by law.
5.2. By consent, FB processes personal data exactly within the limits, scope and purposes specified by the data subject. As regards consents, FB’s acts are based on the principle that each consent must be clearly distinguishable from other questions, in an understandable and easily accessible form, in a plain and simple language. The consent may be given in writing, electronically or orally. The data subject gives consent voluntarily, specifically, deliberately and unequivocally, for example by ticking the box on the website.
5.3. A legitimate interest is FB’s interest in managing and running its own business, to offer the best possible services on the market. Under law, FB will process personal data only after careful evaluation, to determine that the company has a legitimate interest, the processing of personal data is necessary and in accordance with the interests and rights of the data subject. In particular, the processing of personal data on the basis of legitimate interest may take place for the following purposes:
5.3.1. to ensure trustworthy customer relationships, for example the processing of personal data, which is strictly necessary to identify actual beneficiaries or prevent fraud;
5.3.2. to manage and analyze the customer base to improve the availability, range and quality of the services and products, and to provide the best and most personalized offerings with the customer’s consent;
5.3.3. to collect identifiers and personal data when using webpages, mobile applications and other services. FB uses the data collected to conduct web analysis, analysis of mobile phone services and information society services, to ensure and improve activities, do statistics, analyze visitor behavior and user experience, and to provide better and more personalized services;
5.3.4. to do customer and visitor satisfaction surveys and measure the effectiveness of marketing activities;
5.3.5. to analyze customer and visitor behavior on different sales channels and webpages;
5.3.6. to monitor services – FB can save notices and orders made both in its premises or by means of telecommunication (e-mail, telephone, etc.), as well as information and other activities performed by FB, and, if necessary, use them to prove orders or other operations;
5.3.7. when considering network, information and cyber-security, for example to fight against piracy, to secure the websites, to make and maintain backup copies;
5.3.8. to compile, submit or defend legal claims.
5.4. To fulfil obligations arising from law, FB shall process personal data for the purpose of fulfilling obligations provided by law or applying the ways of usage permitted by law. For example, the law imposes obligations to process payments or follow the money laundering rules.
5.5. If the processing of personal data is for a purpose other than that for which the personal data was originally collected or is not based on the consent of the data subject, FB will carefully evaluate the admissibility of such new processing.
- DISCLOSURE OF AND / OR TRANSFER OF PERSONAL DATA TO THIRD PERSONS
6.1. FB cooperates with persons to whom the company may transfer data relating to data subjects, including personal data, in the framework and for the purpose of cooperation.
6.2. These third persons may be, for example:
persons mediating or providing postal services, IT partners, service providers for debt collection, payment failure registries, institutions and organizations, provided that:
6.2.1. their purpose and the processing are legal;
6.2.2. personal data processing is carried out in accordance with FB’s instructions and under a valid contract.
- SECURITY MEASURES FOR PROCESSING PERSONAL DATA
7.1. FB shall store personal data only for the strict minimum necessary time. Personal data, the expiry date of which has passed, will be destroyed, using best practices and in accordance with the procedures established by FB.
7.2. FB has established instructions and procedures on how to ensure the security of personal data through using both organizational and technical measures.
7.3. In the event of any incident involving personal data, FB will take all necessary measures to mitigate the consequences and avoid all relevant risks in the future. Among other things, FB shall register all incidents and inform the Data Protection Inspectorate and the data subject directly.
- PROCESSING CHILDREN’S PERSONAL DATA
8.1. FB shall not knowingly collect information about persons under the age of 13, or children, and if we do so knowingly, we will consider the wishes of the parent or guardian.
8.2. If FB becomes aware that the company has collected some personal data from a child or about a child, the company will do its best to terminate the processing their personal data.
- RIGHTS OF THE DATA SUBJECT
9.1. Rights related to the consent:
9.1.1. The consent to allow the processing of personal data may be withdrawn by the data subject at any time.
9.1.2. The consent to receive FB´s newsletter can be withdrawn through the link below the newsletter.
9.2. As regards the processing of personal data, the data subject also has the following rights:
9.2.1. The right to receive information, or the right of the data subject to obtain information about personal data collected on them.
9.2.2. The right to access data that inter alia includes the data subject’s right to a copy of their personal data processed.
9.2.3. The right to demand the correction of inaccurate data.
9.2.4. The right to delete data, that is, in a certain case, the data subject has the right to require that personal data be deleted, for example, if processing is done only on the basis of their consent.
9.2.4.1. In this case, the opportunity to participate in FB’s loyalty program will also end, as the client is no longer identifiable.
9.2.5. The right to demand limitation of processing personal data. This right arises, inter alia, if the processing is not authorized by law or if the data subject disputes the accuracy of their personal data. The data subject has the right to demand that the processing of personal data be restricted for a period that allows the responsible person to check the accuracy of personal data, or when the processing of personal data is unlawful, but the data subject does not request the deletion of their personal data.
9.2.6. The right to a supervisory authority’s assessment of whether the processing of personal data of the data subject is lawful.
- EXERCISING RIGHTS AND SUBMITTING COMPLAINTS
10.1. Exercising rights:
10.1.1. The data subject has the right to contact FB by e-mail info@femtech.boutique in the event of a question, application or complaint concerning the processing of personal data.
10.2. Submitting complaints:
10.2.1. The data subject has the right to appeal to FB, the Data Protection Inspectorate or a court when the data subject thinks that their rights have been violated during the processing of their personal data.
10.2.2. The contacts of the Data Protection Inspectorate are available on its website http://www.aki.ee/et/inspektsioon/kontaktid-nouandetelefon.
- COOKIES AND OTHER WEB TECHNOLOGIES
11.1. FB may collect data about the visitors of the webpages and other information society services by using cookies (i.e. small pieces of information that are stored by the visitor’s browser on the hard disk of their computer or other device) or other similar technologies (such as IP address, device information, location information), and process these data.
11.2. FB uses the data collected to: enable the provision of the service in accordance with the visitor or customer’s habits; ensure the best service quality; make website experience more convenient for the customers; inform the visitor and the customer about the content and make recommendations; make ads more relevant and improve marketing efforts, analyze customer behavior and thereby improve online experience, facilitate logging in and data protection. The collected data is also used to count visitors and identify their user habits.
11.3. We use the cookies of our online store environment to identify users as unique but anonymous persons.
11.4. FB uses session, permanent and advertising cookies. Session cookies will be deleted automatically after each visit; permanent cookies are extant when the website is visited frequently; advertising cookies are used to present materials suitable for the visitor or limit the number of times the same ad is seen on the website. Cookies of third parties are used by websites of FB’s partners. FB does not control the appearance of these cookies, so you can get information about these cookies from third parties.
11.5. As regards cookies, the visitors agree to use them on the website, in the settings of information society services, or the web browser. If the visitor does not want to allow the use of cookies on the website, they may block them in their web browser settings, use the option of private browsing, or delete them completely using the instructions given by the service provider of the web browser.
For more information on managing cookies, see the following pages:
Chrome
Safari
iOS
Firefox
Internet Explorer
11.6. Most web browsers allow default cookies. Without the full permission of cookies, the features of the website are not fully available to the visitor, and unforeseen problems with functionality and user experience may occur. Allowing, blocking, or deleting cookies and other similar technologies is controlled by the visitor through the browser settings, information society service settings, and privacy enhancement platforms.
- RELEVANT DOCUMENTS, INSTRUCTIONS, PROCEDURES
12.1. The following documents, procedures and instructions are used to implement FB’s privacy policy:
12.1.1. The Processing Operations Register, which lists all purposes, ways, processes, types and categories of personal data and the corresponding basics for the processing;
12.1.2. A person’s account in the online shop through which all personal information of the data subject is available to them at FB; it is possible to correct and alter them and exercise other rights given under law and this privacy policy;
12.1.3. FB’s Principles of Using Organisational and Technical Measures, which contain different measures that FB applies to have personal data confidential and secure;
12.1.4. All About Cookies: descriptions of cookies and other web technologies that FB uses.
- CONTACTS AND INFORMATION
13.1. Important contacts for FB’s data subject:
13.1.1. If you have any questions about personal data, you can contact FB via e-mail: info@femtech.boutique.
- OTHER
14.1. FB has the right to unilaterally change this privacy policy. FB will inform the data subjects on the changes on the website www.femtech.boutique. We assume that if you start using FB’s website www.femtech.boutique, you have seen the privacy policy and agreed to its terms and conditions.
Femtech.boutique (Live Travel & Productions OÜ)