By continuing use this site, you agree to the Terms & Conditions and our use of cookies.

Podruzka OÜ

Registration number: 16168581
Peterburi tee 2, 11415 Tallinn
Estonia

1. General Provisions

1.1. This Privacy Policy describes how Podruzka OÜ collects, processes, and stores customers’ personal data in the online store www.podruzka.ee. The data controller responsible for personal data processing is Podruzka OÜ.

1.2. A data subject means a customer or any other natural person whose personal data is processed by Podruzka OÜ.

1.3. A customer is any individual who purchases goods or services from the Podruzka online store.

1.4. Podruzka OÜ follows all principles of data processing established by the European Union and the Republic of Estonia and ensures that personal data is processed lawfully, fairly, and securely.

2. Collection, Processing, and Storage of Personal Data

2.1. Personal data is collected primarily in electronic form through the website and via email.

2.2. By providing personal data, the data subject grants Podruzka OÜ the right to collect, use, and store this data for the purposes described in this Privacy Policy.

2.3. The data subject is responsible for ensuring that the provided data is accurate and up to date and must notify Podruzka OÜ of any changes.

2.4. Podruzka OÜ is not liable for any damage resulting from inaccurate or false information provided by the customer.

3. Processing of Customers’ Personal Data

3.1. Categories of Personal Data Processed

  • first and last name;
  • date of birth (if required for identification);
  • phone number;
  • email address;
  • delivery address;
  • payment details (bank account number, card details if applicable);

3.2. Sources of Data

Podruzka OÜ may also obtain information from public registers or from partners, such as transport and payment service providers.

3.3. Legal Basis for Data Processing

Personal data processing is based on Article 6(1)(a), (b), (c), and (f) of the EU General Data Protection Regulation (GDPR):

  • a) the data subject has given consent for the processing of their personal data for one or more specific purposes;
  • b) processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract;
  • c) processing is necessary for compliance with a legal obligation to which the controller is subject;
  • f) processing is necessary for the legitimate interests pursued by the controller or a third party, except where such interests are overridden by the rights and freedoms of the data subject.

3.4. Purposes of Processing and Retention Periods

  • Security and protection: according to statutory retention periods;
  • Order processing and delivery: up to 3 years after the purchase;
  • Accounting and tax obligations: according to statutory retention periods;
  • Marketing and newsletters: until consent is withdrawn, but no longer than 3 years;
  • Customer relationship management: up to 5 years after the last customer interaction.

3.5. Transfer of Data to Third Parties

Podruzka OÜ may transfer personal data to third parties such as transport companies, accounting firms, and payment service providers (including Maksekeskus AS). All partners are required to comply with GDPR and data confidentiality obligations.

3.6. Data Security

Podruzka OÜ applies organizational and technical measures to protect personal data from accidental or unlawful destruction, alteration, disclosure, or unauthorized access.

3.7. Data Retention

Personal data is retained only as long as necessary to fulfill the purposes of processing or as required by law.

4. Rights of the Data Subject

  1. To access and review their personal data.
  2. To request information about the purposes and legal basis of data processing.
  3. To request correction or deletion of inaccurate or incomplete data.
  4. To withdraw previously given consent for data processing.
  5. To request the transfer of their data to another service provider, where applicable by law.
  6. To lodge a complaint with the Estonian Data Protection Inspectorate (www.aki.ee).

To exercise their rights, the data subject may contact: info@podruzka.ee.

5. Final Provisions

5.1. This Privacy Policy has been prepared in accordance with Regulation (EU) 2016/679 (GDPR), the Estonian Personal Data Protection Act, and other applicable legislation.

5.2. Podruzka OÜ reserves the right to amend this Privacy Policy by publishing an updated version on the website www.podruzka.ee.