Search Profile Cart
Home / Privacy Policy

Privacy Policy

The entity responsible for processing personal data of the online store kondoomid24.ee is PAVIUS Baltic OÜ (registration number 12408019).

  1. What personal data we process
    1. Name and email address;
    2. Bank account number;
    3. Cost of goods and services, as well as payment-related data (purchase history);
    4. IP address;
    5. Cookies;
  2. Purpose of personal data processing
    1. Personal data is used to manage customer orders.
    2. Purchase history data (purchase date, product, quantity, customer data) is used to create an overview of purchased goods and services, analyze customer preferences, and for resolving consumer disputes.
    3. The bank account number is used for refunding payments to the customer.
    4. Personal data such as email address and customer name is processed to address issues related to goods and services (customer support). Email is also used for sending invoices.
    5. IP addresses or other network identifiers of the online store user are processed to provide online store services as information society services, as well as for site usage statistics.
  3. Legal basis
    1. Personal data processing is carried out for the purpose of fulfilling the contract with the customer (managing customer orders, refunding payments).
    2. Personal data processing is carried out to fulfill a legal obligation (accounting).
    3. Personal data processing is necessary due to the legitimate interest of the data controller, which consists of collecting purchase history data for potential consumer dispute resolution.
  4. Recipients of personal data
    1. Personal data is provided to the online store's customer support to manage purchases and purchase history, as well as to resolve customer issues.
    2. If the online store’s accounting is handled by a service provider, personal data is provided to them to carry out accounting operations.
    3. Personal data may be shared with IT service providers if necessary to ensure the functionality of the online store or data storage.
  5. Data security and access
    1. Personal data is stored on Zone Media OÜ servers located within the European Union or countries of the European Economic Area.
    2. Access to personal data is granted to online store employees who may access it to resolve technical issues related to the use of the online store and provide customer support.
    3. The online store implements appropriate physical, organizational, and IT security measures to protect personal data from accidental or unlawful destruction, loss, alteration, unauthorized access, and disclosure.
    4. Transfer of personal data from authorized processors of the online store to the receiving party (e.g., shipping providers and web hosting) is carried out based on agreements between the online store and the authorized processors. Authorized processors are required to guarantee appropriate protection measures in accordance with Article 28 of the General Data Protection Regulation (GDPR).
  6. Access to and correction of personal data
    1. You can access and correct your personal data in the online store user profile or through customer support.
  7. Withdrawal of consent
    1. If personal data is processed based on customer consent, the customer has the right to withdraw it in their account settings or by notifying customer support via email.
  8. Data retention
    1. When a customer account is closed, personal data is deleted, except for personal data (purchase history) that must be retained for accounting or dispute resolution purposes.
    2. In case of disputes related to payments and consumer issues, personal data is retained until the requirement is fulfilled or until the end of the statute of limitations.
    3. Personal data contained in primary accounting documents is retained for seven years.
  9. Restriction
    1. The customer may request the restriction of processing of their personal data if the data is inaccurate or incomplete, or if their personal data is processed unlawfully.
  10. Objections
    1. The customer may object to the processing of their personal data if they have reason to believe that there is no legal basis for such processing.
  11. Deletion
    1. To delete personal data, contact customer support by email. A response will be provided within one month specifying the period of deletion. The response will also indicate which personal data will not be deleted and provide the legal basis and reason.
  12. Data portability
    1. The response to a data portability request submitted by email will be provided within one month. Customer support will verify the requester’s identity and provide information on which personal data will be transferred.
  13. Direct marketing
    1. Email addresses are used for sending direct marketing messages if the customer has given consent. If the customer does not wish to receive such messages, they should follow the link at the bottom of the email or contact customer support.
  14. Dispute resolution
    1. Disputes related to personal data processing are resolved through customer support. The supervisory authority is the Estonian Data Protection Inspectorate (info@aki.ee).

Pavius Baltic OÜ
Reg. number: 12408019
Email:

Last updated: 17.08.2025