Our aim is to offer in-depth information regarding the handling of your personal details in spite of the form of correspondence you choose – whether by personal contact or via an online facility. Please refer to our Personal Data Protection Policy (“Policy”) for any specific information, which is applicable to the online platform mylino.eu (“Website”), itself organized by STEFANI TÖÖSTUS Ltd., address: Liivamäe tn 4-60, 10132 (“we” or “MyLino”).
A key part of our business philosophy is to cherish the security of our customer’s data, so all of our team appreciates the importance of data protection. To adhere to the highest standards, therefore, we follow the stipulations set out by the General Data Protection Regulation (EU) 2016/679 (“Regulation”). This, in turn, is bolstered by adherence to several other legal initiatives, including the Law on the Protection of Personal Data (“Law”).
Overall, therefore, our policy is structured so that customers can always find out how their details are obtained, applied, or shared in any way, meaning you can always have enough information to decide whether you are comfortable with the relationship. Moving forward, a commitment to clarity and fairness will remain central to our operations.
The services we offer online are applicable to the collection, transfer, storage, erasing, or the general use of any data we happen to handle that could impact you negatively if misused. We consider personal data as any details that you offer directly, but also anything that can be drawn from alternative sources and relates to your identification. These details can include your name, email, address, or date of birth, as well as any details relating to the transactions or communications undertaken with us.
By familiarizing yourself with our Policy you can remain well-informed regarding any personal information we are likely to obtain and its potential use when interacting with our website, or otherwise. Furthermore, key information regarding Data Protection has been incorporated, with a focus on any rights given to you by law that may become applicable. While we remain committed to our Policy as a core focus, it is possible there might be amendments in the future as laws change, so we ask you to bear this in mind. For any queries, feel free to get in touch according to your preferred form of correspondence.
In corresponding with us, you may become aware that some of our Website services are maintained by third parties. Please be assured, we have set up these partnerships based on adherence to the same data protection commitments.
The personal data we obtain and process
If you login to your account online, certain identification data will be obtained and applied, this may include your device’s IP address, the browser details of your device, additional browsing details, such as the time and location upon which your account was accessed, together with any particular website pages viewed.
Of the personal information obtained in this manner, most importantly your IP address, we guarantee to not use any data without your express permission except for where services can’t be provided by avoiding it, e.g. for the correct performance of our services, or for our commitment to security and confidentiality, and the avoidance of cyber-attacks or other outside inference that could be detrimental and come from non-authorized sources.
When you place items in your shopping cart but have yet to pay for them, certain key personal information will be obtained and used, which will include name, surname, phone number, email, and shipping address (together with similar details on the individual receiving the delivery if different from the buyer).
In the event of making a purchase, certain essential information will be stored and processed, which will include name, phone number, email, shipping address (including similar information regarding the recipient if different from the buyer), and also including product details, cost, the time the purchase occurred, plus the method of payment.
Important: In cases where you are ordering a product for someone else (particularly if delivering directly to them), it may be beneficial to request that they agree to the Policy terms and feel comfortable with you sharing certain data.
Reasons for obtaining and processing personal data
We require your data for a number of reasons:
Certain personal information is necessary for buying and receiving goods or receiving services, all of which require firm identification and a range of contact details to ensure your requests are accurately fulfilled. Obvious examples include names, email addresses, and phone numbers, plus other personal details relevant to carrying out the service or contacting you. Additionally, a range of transaction data must be obtained in order to allow our operations to run smoothly.
To guarantee successful remote operations, we log IP addresses and additional information that allows us to firmly identify clients, together with correspondence records, and technical details.
To ensure smooth interactions, such as for responding to queries and service requests, as well as to respond to feedback, to deliver crucial notices (concerning the General Terms and Conditions of Service Provision, adjustments to Policy, or additional documentation) as well as to communicate technical updates, security complications, ongoing support, and organizational memos, we keep records of contact details and also any correspondence content.
As part of an ongoing commitment to enhancing our services, products, and also marketing we regularly examine our customers’ details, the data regarding the products they have received, and purchase records. The storing and assessment of information for company use, such as to follow and examine customer habits relating to our product and service range, allows us to assess both the strengths and weaknesses of our offerings for future reference and upgrades. This is crucial for better comprehending what customers expect and require, serving to improve our contributions moving forward in a manner that is positive and organized, with enhanced products and services, as well as transparency.
To strengthen our future marketing initiatives, we store and utilize your contact details (though only for our key markets).
To safeguard the well-being of MyLino and our ongoing business initiatives, as well as that of any third parties, we utilize data so as to safeguard our activities from hostile behavior, particularly fraudulent, which further allows us to avoid the negative effects of cyber-attack and other attempts to affect the robustness of our online activities. Plus, we remain focused on being prepared to handle potential complications or disputes, which may occur if we happen to deal with any parties who do not respect the rules and rights or business.
Why is storing and handling your personal details a key business right
We store and utilize your personal data according to a number of stipulations:
- a commitment to fulfill the terms of an agreement for purchasing specific goods;
- client consent and approval has been confirmed;
- all data handling activities adhere to recognized legal frameworks;
- the focus remains on meeting objectives that are legitimate, for example, to support service provision and interactions that are robust and sustainable, to continue to at least meet client expectations throughout our performance levels, and to aspire to total service and product satisfaction;
- in the event of any legal actions and lawsuits that need to be handled as competently as possible.
Crucial: we will be unable to provide customers with the service quality they would want and expect with the absence of key personal data that informs our service activities.
Why cookies are vital
Many internet users will be familiar with the role cookies play, coming in the shape of small text files that computers and other devices will host as integral to safe internet access and robust performance. We consider the cookies working on our own site as essential for its operations and functionality. It allows us to be accurate regarding the information added to shopping carts, for example. Plus, the majority of cookies in use (session cookies) are deleted once a particular session has finished.
Additional cookies and confirming consent
In the event of customers logging onto our site, you will be requested to confirm that certain cookies can be hosted by your device. Once you have acquiesced to cookie hosting, you confirm that we can utilize these cookies for those objectives set out (“Consent to Cookie Use”). Cookies enable us to:
- record the number of Website users and their actions. Doing so enables us to recognize where our Platform could function more efficiently, so helping visitors with the search process (analytical/operational cookies);
- be alert to when and how frequently revisits occur. This helps us to deliver bespoke content, individualized to each user (functional cookies);
- assess the pages you prefer to visit and the products you appear to be most interested in. Such information allows us to adjust the Platform to suit your preferences, which may include ads and direct marketing of potential interest (targeted cookies).
Application of third-party cookies
As our clients browse our Website, it is likely that cookies and network data collectors of additional companies will also be able to follow your actions. This interconnectedness has been facilitated to allow for analyzing group activity that, in turn, can be used to inform targeted marketing campaigns and contextual advertising. Once you approve of cookies being active, however, any assessments will take place with a user profile pseudonym, so that individual customers cannot be identified. It is important to point out that we do not control the third-party cookies active on our site, but you do have the ability as a consumer to prevent them from tracking your activities by adjusting the settings in your browser.
How do we obtain your personal data
We utilize the personal details given by you when using our services, combined with the data offered by our Website.
Who has access to your personal data
To carry out focused services, MyLino has the option of incorporating external operators who undertake data processing actions we are unable to, though based on our specific direction. Our clients can be assured that we vet any external operators thoroughly for our needs and also to meet any legal obligations. Any business relationships we form are done so according to a consensus that key legal aspects, regulations, laws, and established policies will be adhered to. Firm written agreements or terms are in place, therefore, between our company and any active data controllers, based on agreed boundaries.
Any personal data is shared according to recognized legal parameters. Parties your personal data may be shared with include any service or payment providers required for facilitating your purchase (necessary if you ever need to claim a refund, for example), as well as any official bodies involved in dispute resolutions, and additional third parties connected to particular sales, purchases, and mergers, together with parties who may be involved in purchasing the business should such a scenario occur, or their advisors.
A wide selection of service providers may be included in your personal data processing, with typical examples including cloud services, data centers, organizations specializing in website administration or related activities, marketing bodies, and advertisers. Furthermore, businesses involved in the creative side of website operation may be involved, such as web and software designers, technology infrastructure partners, key communications partners vital for sending messages or marketing initiatives, professional advisers and auditors or additional sources of consultation, or parties specializing in online browsing or online business assessments.
It is likely that certain third parties may be situated outside of the EU/EEA, meaning they may have data protection procedures not quite in sync with our recognized standards. However, in such cases, we only enter into partnership with a provider (or else further existing warranties are in place as safeguards) once we have verified that every crucial aspect has been satisfied so that your personal information receives the level of ethical protection our own standards would demand. Should you have any queries regarding these business agreements, our team will be happy to answer any questions via email: [email protected]. A key part of our policy is always to answer any data security warranty issue with as much information as possible.
Important: third parties and additional services that may be utilized during your purchase might be located in a country that does not currently adhere to the same ethical levels of data protection. Being conscious of this, none of our partnerships have been entered lightly and significant steps have been taken to assure security and sound personal data use, although there may be scenarios where making a 100% guarantee that EU objectives are being respected is not possible.
Time periods for storing personal data?
Our commitment is to store any personal information for no longer than required to perform the functions requested, or else for a time stipulated by legal obligations, such as:
- customer data received at the time of an order being placed is kept for a period of 10 years, although no longer than required for accounting issues as per statutory deadlines.
- regarding any data gathered via cookies, this will either be stored until the end of the session or else for a two-year period.
- the data of newsletter recipients will be kept throughout the course of the subscription, then for one month post-cancellation.
The extent of your personal data security?
As part of our ongoing commitment to sound data use, we always look to make the most of robust security technologies and measures to avoid any likelihood of malicious intent as a result of unauthorized access. All third-party contributors, therefore, are strategically vetted and requested to adhere to the same standards that we offer customers for security and confidentiality. Data access is allowed according to specific Policy reasons only.
Nevertheless, we need to be clear about the fact that data usage across the internet always has some element of risk, especially if third parties or outside interference is intent on manipulating data for nefarious reasons. While we take every precaution to avoid this, we also stress caution to our customers, particularly if confirming details via a public computer.
Understanding your rights
Your rights as a customer include:
- the right to receive copies of the personal data we hold on you (right to be informed);
- the right to ask for any false information to be updated (right of correction);
- the right to prevent the use of your details if you remain unconvinced that its application is ethical and has a sound legal basis (right to restrict processing);
- the right to ask for any data related to you to be deleted (right to deletion);
- the right to differ with your service provider regarding how your personal details are handled with respect to marketing, including when such usage has been deemed as legal and legitimate by us;
- the right to ask for your personal data to be accessed by another party or for the data to be made available in a form of your preference (this includes any data you have purposely supplied that has been utilized in order to execute a specific instruction or to conclude an order) (right to data transfer)
- the right to end agreed consent, which should occur without any consequence concerning how your personal data has previously been used (right to withdraw consent);
- the right to take up any issue with the State Data Protection Inspectorate (right to a complaint) (also see – Data Protection Inspectorate (aki.ee)).
Plus, any ongoing newsletter subscription can be terminated immediately by unchecking the option to receive them via your email correspondence.
Exercising your rights?
Our company maintains a strong focus on adhering to your rights in an ethical manner, which includes responding to any queries you raise concerning key Policy details. By using the contact details below, any question you have regarding these rights, other requests, complaints, or notices (“Inquiry”) can be sent to MyLino for our timely response.
The commitment is to reply to your question before 30 days have expired. In the event of us needing extra time to look into your query, we will keep you informed of our need to extend the timescales, although the majority of queries will be dealt with speedily. Should our inquiry into your data need more than a 30-day turnaround, we nevertheless commit to an answer within 60 days.
In the event that we decline to offer an answer to an inquiry, you will also receive notice in writing of why we are unable to provide a satisfactory response, which will be made in accordance with legal acts and regulations.
For any queries concerning the usage of your personal data or inquiries concerning any rights, our dedicated professionals are available at [email protected] or STEFANI TÖÖSTUS Ltd., address: Liivamäe tn 4-60, 10132.
Understanding the personal data protection obligations we adhere to
By obtaining and using the information you have trusted us to keep, together with any additional data driven by alternative sources, the following guidelines are applied:
- All personal details and data are handled and treated legally, fairly, and with transparency (lawfulness, integrity, and transparency principles).
- Any data we store and use is for specific, firmly set out, and legal reasons, without any detour into criteria that do not match with such objectives (purpose limitation principles).
- All personal information is suitable, applicable, and only used for the purposes it was initially obtained (data minimization principles).
- An ongoing focus on the accuracy of personal data is maintained, including any updates that can be achieved (accuracy principles).
- All personal data is maintained in a manner that suits the length of time required to carry out specific actions, without being extended into alternative contexts (limiting the length of storage principles).
- All personal data is maintained according to strict security principles in place to safeguard customers from any nefarious acts resulting from unauthorized access or illegal data processing, as well as accounting for accidental loss, theft, damage, or destruction in as many ways as can be technically and organizationally achieved (integrity and confidentiality principles).
When obtaining and applying any personal data, our commitment is:
- That all utilization of personal data is carried out for reasons and purposes openly set out.
- That no personal data will be applied for reasons that contradict the Policy objectives defined, with the exception of having to comply with lawful procedures.
- That the precision, integrity, and security of all personal data will be treated in a manner that meets legal requirements, offers transparency, and recognizes fairness.
- That there will be no unnecessary or unwarranted processing of personal data.
- That any data received and stored will only be kept for required and designated timescales to carry out certain functions.
- That the safeguards set out in this Policy will be consistently followed and proven if necessary.
- That any lawful requirements are also met.
Policy Validity and any amendments
Enforced on November 2, 2021, this Policy can be amended if any amendments to laws, regulations, and also our key activities, are judged significant enough to require adjustments. Customers can keep up to date with any amendments via our website: mylino.eu.