AS SANGAR GENERAL PRINCIPLES FOR PROCESSING OF PERSONAL DATA
The terms and conditions shall apply as of 25 May 2018.
AS Sangar (hereinafter Sangar) is a legal person with a registry code 10063674 and address Sõpruse pst.2. 50050 Tartu.
These general principles lay down the principles for collecting, processing and using the personal data of the client in the provision of services by Sangar.
These general principles constitute general information about which data Sangar collects and processes for achieving the described goals.
Collection and use of personal data
Personal data is any data that is voluntarily provided by individuals and collected by Sangar in the provision of services, including the execution of transactions with the client and the delivery of goods. Personal data may be used also for direct marketing purposes, provided the client has given their consent.
This data may include the first name and surname of the person, the date of birth and e-mail address, and the address and telephone, if necessary. In case of bank transfers, the client’s account number and bank name.
Sangar does not use or disclose the client’s personal data without the client’s consent.
The collection of personal data can only take place with the consent of the client and in the following ways:
– The client provides their data on the link to the subscription to the newsletter at Sangar website https://www.sangar.ee
– The client provides Sangar with their data in the store, by completing the new client registration form.
– Sangar will receive a confirmation from the respective service provider in case of the successful identity of the person and/or the payment order.
When authenticating through the ID-card or Mobile-ID and signing statements or confirmations, the client is obliged to comply with the security requirements and recommendations provided by the respective developers. For this we recommend you to read more information at http://mobiil.id.ee and http://www.id.ee
Goal of the collection and processing of personal data
The collected personal data is used to inform clients about Sangar news, campaigns, offers and different events and also to execute transactions, including the delivery of goods.
When requesting for card data, a secure SSL data and the security systems of MasterCard secureCode and Verified by Visa are used.
Sangar cannot see the entered bank data. To execute the transaction the card owner will be transferred to the secure environment of Maksekeskus (Maksekeskus AS, maksekeskus.ee). During the payment the card owner enters their card data to the database located in the Maksekeskus server and the data will be preserved also in the Maksekeskus server.
Sangar collects, centralises and analyses data to receive information about the following:
– statistics on the opening of newsletters,
– statistics on the opening of links in the newsletters.
Personal data necessary for mediating the goods to the client will be sent to the courier company.
Sangar will not distribute, send, change or use any personal data entrusted to them in an unintended way, except when there is a special agreement with the client or if the need for disclosure comes from the legislation of the Republic of Estonia.
The client may at any time request a copy of the data that Sangar has collected and the amendment or deletion of their personal data.
A client who does not wish to be included in Sangar newsletter list or who wishes their personal data to be deleted, can submit the respective application at any time, by sending it to email@example.com , Sõpruse pst 2, Tartu 50050 or unsubscribing directly from the newsletter.
The client has the right to transfer their personal data to another data controller. For this we ask you to send a written and signed request to Sangar at firstname.lastname@example.org.
The client has the right to file a complaint with the Data Protection Supervision Authority regarding Sangar arrangements for data processing.
Personal data protection and security
All personal data of the client that was disclosed to Sangar in the subscription of a newsletter and execution of transactions with the client shall be regarded as confidential information.
Access to the personal data of a client is restricted to authorized parties who provide services to Sangar (e.g. server and cloud service providers, postal and transport companies) and are bound by an obligation of confidentiality. The authorized party is the company which media is used for managing Sangar newsletters.
Preservation of personal data
Sangar preserves the personal data of the client as long as it is necessary for achieving the goal of their collection, protecting the rights of Sangar and until it is required by law.
Collection and use of non-personal data
A cookie is a text file that is sent and stored to the user’s computer by the websites the user visits. The cookie is stored in the file directory of the user’s web browser. If the client has visited the website earlier, the web browser reads the cookie and sends this data to the website or element that initially saved the cookie. More information on cookies can be found at www.aki.ee/et/kupsised
Amendment of the general principles for processing personal data
By sending personal data to Sangar and using the website of Sangar, the client has read and agreed with Sangar general principles for processing personal data. Sangar reserves the right to change these general principles. The notice of this will be posted to Sangar website and valid general principles for processing personal data are always available on Sangar website https://www.sangar.ee.
If you have any questions about the general principles for processing personal data or data processing, we ask you to contact Sangar, by sending an e-mail email@example.com or to the address Sõpruse pst 2, Tartu 50050.