-
Your shopping cart is empty!
The controller of personal data at Diamande is Diamande: Sansaaro OÜ, Tuulemaa tn 20, Tallinn 10315
Personal data protection
Personal data are data collected by Diamande for providing a service, identifying a person, contacting a person for providing a service or for resolving any issues.
Diamande undertakes to protect the personal data and privacy of its customers and users. Diamande’s activities online are in conformity with all applicable requirements and legislation of the Republic of Estonia and the European Union, including Regulation (EU) 2016/679 of the European Parliament and of the Council. Diamande applies all precautionary measures (including administrative, technical and physical) to protect the personal data collected. Access to the personal data to change and process the data is only granted to authorised persons.
Security
The personal data which has become known in the course of visiting the website and making purchases on the account are treated as confidential information. An encrypted data communication channel with banks ensures the security of the customer’s personal data and bank information.
Diamande applies all security measures (including physical, information technology and organisational) to protect the personal data processed. Access to personal data is only granted to authorised persons, and the personal data of all customers of Diamande are treated as confidential information.
1. What kind of data are collected?
If a person visits the Diamande Online Shop, the following non-personal data are collected about him/her:
Information is collected on website visits and the time spent on the website in order to improve the website and make it more convenient for visitors to use.
To process the data of legal persons, we collect data such as company name, registry code, VAT number, address, e-mail addresses to contact and send invoices, and the names, e-mails and phone numbers of persons representing the company.
If services are paid for by credit card or a bank link service, only Maksekeskus AS will have access to bank card information and bank information and will only issue information on successful completion of a payment to Diamande.
2. Personal data usage
Diamande may use your personal data for the following purposes:
3. How long will the collected data be stored?
The personal data of people registered as loyal customers of Diamande are stored without a term. The non-personal technical data collected on the website of Diamande’s Online Shop are stored without a term.
The personal data related to non-anonymous inquiries and/or transactions are stored for up to 7 years after the last interaction with the service provider, pursuant to the obligation prescribed by the Accounting Act to prove transactions.
An interaction means, in particular, reacting to direct marketing by viewing or clicking on a link.
4. Who are the recipients of personal data?
Diamande is the controller of the personal data. The personal data processed by Diamande can be transmitted without the consent of the respective person only to a lawfully entitled (e.g. by a court or a body conducting pre-trial proceedings) institution or person who has a legitimate need.
5. What are the data subject’s rights?
The right to access the personal data, rectify the data and object to processing.
A customer registered in the Online Shop has the right to access and rectify his/her personal data on his/her account in the Online Shop. If the personal data cannot be rectified or accessed on the account, an application should be filed to us in a format which allows identifying the person, to access or rectify the data. If possible, the personal data are made available to access or rectify in 7 business days.
A loyal customer registered in Diamande’s Online Shop has the right to access and rectify his/her personal data in Diamande shops or by sending an application to info@diamande.ee. If the customer wishes to opt out of direct marketing, the link is available for immediate use at the bottom of each direct marketing letter. The change will become effective immediately.
If there is no legal ground (anymore) for processing or granting access to the personal data, Diamande can be requested to stop the processing or erase the data. A relevant application should be filed which should allow for identification of the person.
The customer has the right to demand that his/her personal data no longer be processed or that the personal data be rectified or erased, at any time. Diamande satisfies the customer’s application in three business days at the latest after receipt of the application.
If the customer deems his/her rights to be violated in processing his/her personal data, the customer has the right to turn to Diamande, the Estonian Data Protection Inspectorate or the court to demand that the violation be stopped.
6. Privacy Policy, and changes
By using Diamande’s website, you confirm you have read and agree to these principles and terms and conditions. We retain the right to change the general terms and conditions by notifying all related persons thereof.
If you have any questions about or issues with the Privacy Policy or data processing, please contact us at info@diamande.ee.