Privacy policy

The full privacy policy will be published here.

Personal Data Processing and Protection at idamoobel.ee
Effective date: 11.05.2025
Data Controller: OÜ IdaMööbel, registration code 16424222
Website: idamoobel.ee
Data Protection Contact: info@idamoobel.ee

  1. General Provisions This Privacy Policy describes how OÜ IdaMööbel (hereinafter the "Company" or "We") collects, uses, stores, and protects the personal data of users of idamoobel.ee (hereinafter "User" or "You"). This Policy is drawn up in accordance with the EU General Data Protection Regulation (GDPR, Regulation (EU) 2016/679) and the laws of the Republic of Estonia.
  2. Data Controller The data controller is OÜ IdaMööbel, registration code 16424222, Estonia. For all questions regarding the processing of personal data, please contact us at: info@idamoobel.ee.
  3. What Data We Collect We may collect the following categories of personal data: 3.1 Contact data: first and last name, email address, phone number, postal address. 3.2 Order data: order contents, delivery address, purchase history, preferences. 3.3 Account data: username, password (encrypted), login history. 3.4 Technical data: IP address, browser type, device, cookies, site visit data. 3.5 Communication data: correspondence with us, content of enquiries and requests.
  4. Purposes and Legal Bases for Processing We process personal data on the following legal bases and for the following purposes: 4.1 Performance of a contract (GDPR Art. 6(1)(b)): processing and fulfilling orders, delivering goods, invoicing. 4.2 Legitimate interests (GDPR Art. 6(1)(f)): fraud prevention, improving the website, usage analytics. 4.3 Consent (GDPR Art. 6(1)(a)): sending marketing communications and notifications — only with explicit consent. 4.4 Legal obligation (GDPR Art. 6(1)(c)): compliance with tax and other legal requirements.
  5. How Long We Retain Data Personal data is retained no longer than necessary for the purposes of processing or to fulfil legal obligations: 5.1 Order and transaction data — 7 years (Estonian accounting and tax law requirements). 5.2 Account data — for the duration of the account and 2 years after deletion. 5.3 Marketing data — until consent is withdrawn. 5.4 Technical logs — up to 12 months.
  6. Sharing Data with Third Parties We do not sell or share personal data with third parties for commercial purposes. Data may be shared only in the following cases: 6.1 Service providers (data processors): logistics companies, payment providers, IT providers — solely for contract fulfilment. 6.2 Public authorities: only as required by law or court order. 6.3 Company reorganisation: in the event of a merger or business transfer, with prior notice to users.
  7. International Data Transfers We aim to process data exclusively within the European Union and European Economic Area. Where data transfer to third countries is required, we ensure an adequate level of protection in accordance with GDPR requirements (standard contractual clauses, adequacy decisions, etc.).
  8. Your Rights Under the GDPR you have the following rights regarding your personal data: 8.1 Right of access (Art. 15): to obtain confirmation of processing and a copy of your data. 8.2 Right to rectification (Art. 16): to request correction of inaccurate data. 8.3 Right to erasure (Art. 17): to request deletion of data where grounds exist. 8.4 Right to restriction of processing (Art. 18): to restrict processing in cases provided by law. 8.5 Right to data portability (Art. 20): to receive your data in a machine-readable format. 8.6 Right to object (Art. 21): to object to processing based on legitimate interests or for direct marketing. 8.7 Right to withdraw consent: to withdraw previously given consent at any time, without affecting the lawfulness of prior processing.
  9. Complaints and Supervisory Authority To exercise your rights, send a request to info@idamoobel.ee. We will respond within 30 days. You also have the right to lodge a complaint with the Estonian data protection supervisory authority — the Data Protection Inspectorate (Andmekaitse Inspektsioon, www.aki.ee).
  10. Cookies and Tracking Technologies Our website uses cookies and similar technologies to ensure functionality, analyse traffic, and improve user experience. On your first visit you can manage cookie preferences. Essential cookies (required for the website to function) do not require consent. Analytics and marketing cookies are set only with your consent.
  11. Data Security We apply technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction: connection encryption (HTTPS/TLS), access controls, regular security audits. In the event of a security breach that may pose a risk to your rights, we will notify you and the supervisory authority within the timeframes prescribed by law.
  12. Changes to This Policy We may update this Policy. The current version is always available at idamoobel.ee. For material changes, we will notify you by email or through the website.

Data Controller: OÜ IdaMööbel
Registration code: 16424222
Website: idamoobel.ee
Contact: info@idamoobel.ee
Supervisory Authority: Andmekaitse Inspektsioon — www.aki.ee