1. Principles for processing customer data

This document defines the processing of customer data held by Mi ART OÜ (hereinafter Mi ART) and the purposes, composition and confidentiality of the processing of data.

Mi ART (registration number 10421903) is the controller of customer data.

The processors of customer data are:

– postal service providers in order to deliver the ordered goods to the customer;

– companies providing IT support to ensure the functioning and development of the e-shop and other IT solutions of Mi ART.

The customer is a person who has entered into a contractual relationship with Mi ART.

Customer data includes any information that Mi ART has about its customer (see Section 2).

Processing of customer data is any operation performed on customer data (including collection, saving, organisation, storage, alteration, enabling access to, retrieval, consultation, use, transmission, blocking, erasure and destruction of customer data).

2. Composition of processed customer data:

Mi ART may collect the following data:

– given name and surname/company name
– identity code/registration number
– place of residence/location
– bank account number
– contact details
– information on transactions (information on purchases carried out by the customer)
– IP address
– information on feedback (including complaints), which the customer has transmitted on their own initiative

On the bases provided for by law, Mi ART has the right to process customer data not specified in this document.

3. Purpose of and legal basis for processing customer data

Mi ART processes customer data in order to:

a) fulfil the contract concluded with the customer;

b) perform obligations arising from legal standards (e.g. forwarding information to investigating bodies).

Customer data are processed within the European Union and the European Economic Area (EU/EEA) according to standard contractual clauses that have been laid down by the EU.

4. Cases in which Mi ART discloses customer data

Customer data are confidential; they are not disclosed to and not accessible by Third Parties without the prior agreement of the customer, except in cases provided for by law.

A Third Party is a physical or legal entity that is not a customer or a processor of customer data.

Mi ART has concluded agreements with delivery companies on the confidential use of the information provided.

5. Rights of the customer

The customer has the following rights relating to the processing of customer data:
– To request rectification of their customer data if the data are inadequate, incomplete or incorrect.
– To withdraw their consent to the processing of customer data.
– To request erasure of their customer data. Such a right does not apply if the customer data requested to be erased are processed on other legal bases.

All requests regarding the composition and processing of customer data must be transmitted via e-mail: info@miart.ee

The customer has the right to request the cessation of the processing of their data and/or erasure of the data collected if such a right proceeds from the Personal Data Protection Act or other legislation.

6. Storage of customer data

Customer data are not processed longer than necessary. The storage period may be based on the contract with the customer or applicable law (e.g. legislation on accountancy, legislation on term of expiry, other private law).