We process all personal data in accordance with the GDPR.
We collect your personal data to process and confirm orders. To deliver your orders and to process any returns. Personal data is also collected for the purpose of customer service. For example when communicating with customers about orders, answering customer's questions, or when sending a customer survey after a sales transaction for development purposes.
The legal basis for the processing of personal data is the agreement between you and our company when you purchase products in our online store and the legal contractual obligations arising therefrom. The provision of personal information is a prerequisite for the conclusion of the contract. This means that a customer cannot order products from our online store unless they provide their personal information.
We do not send our clients newsletters or advertisements by e-mail, mail or text messages. Neither do we do profiling or automated decisions for you.
We collect personal data from our online store customers, such as:
- First name and last name.
- Contact details (address, phone number, email address)
- Communication history with the customer (such as email inquiries, custom made orders, feedback)
- Billing information, payment method, returns and refunds.
- Order and delivery details.
- Other information you have disclosed.
Customer information is obtained from the customer through contracts (orders), e-mail, telephone, customer meetings, and other situations where the customer discloses information.
We may also process technical data from all of our online store visitors, such as:
IP address, operating system, device type, products searched in our store and browsing history in our website.
Our partners, like our e-commerce platform Shopify, can also collect technical information from our store users, such as IP address, operating system, and device. See the following section for more information about our partners' privacy policies.
The following parties will receive your personal information to process, confirm and deliver orders:
- REGAL VEILS and its employees.
- Money transfer service Checkout Finland Oy that receives the payment from you.
- Logistics company Pakettikauppa/E-Log Services Oy through which your order is shipped to you.
- Shopify Inc. platform that runs our website.
Also for legal reasons:
- The accounting firm that records the orders in our bookkeeping.
- An auditor who audits our records.
Information may be sent to countries outside the EU and the EEA, depending on where the international partners are located. For example Shopify and foreign logistics companies that ship packages abroad.
Learn more about our partners' privacy policies here.
We store personal data only for the period of time that we are required to store by the law.
Due to accounting legislation we are required to store transaction material for the period of seven years. E-mail archives for seven years and online store data for five years.
- the right to know and to check personal data concerning you.
- the right to request the correction of incorrect or incomplete personal data.
- the right to restrict processing (for example, you could ban marketing).
- the right to object the processing.
- the right to withdraw your consent (for example, you could revoke your consent to marketing)
- the right to know how and for what purpose your personal data is processed.
- the right to lodge a complaint to the supervisory authority.
Please note that you have a "right to be forgotten" only if we have no legal obligation to continue processing your personal data.
We exercise diligence in the processing of personal data, and we make sure that the data is properly protected. The data controller shall ensure that the stored information, as well as server access and other information critical to the security of personal data, is handled confidentially and only by the employees whose job description it covers.
Controller’s contact details:
Business ID: 2997140-9
Etuniementie 1 E 74
Last updated 13.2.2020.