Privacy policy
As a trustworthy partner Miriada Oร has committed to treating the companyโs customersโ personal data, respecting all their rights. Based on this, the company has developed the main principles of privacy policy regarding the collection, use, disclosure, transfer and storage of customer data.
1. NOTIONS
1.1. A data subject is a natural person about whom Miriada Oร has information, or the information that can be used to identify a natural person. Data subjects are, for example, customers, collaborators, and employees as natural persons whose personal data Miriada Oร has received.
1.2. Privacy policy is this text, which sets out the principles for the processing of personal data at Miriada Oร.
1.3. Personal data is any information related to an identified or identifiable natural person.
1.4. The processing of personal data covers any act performed with a data subject’s personal data, including collection, recording, organisation, storage, alteration, disclosure, providing access to them, conducting queries and retrievals, usage, transferring, cross-usage, merging, closure, deleting, or destroying personal data, or several of the above mentioned operations, regardless of the manner in which the operations are performed and the means used.
1.5. A customer is any natural or legal person who uses or has expressed an interest in using Miriada Oร services.
1.6. A contract is an agreement concluded between Miriada Oร and a customer to provide services, or some other agreement.
1.7. Website – www.estonkids.com is Miriada Oร website.
1.8. A visitor is a person who uses Miriada Oร website.
1.9. A child is, in the context of personal data processing, a person under the age of 13 in the Republic of Estonia.
1.10. Services โ all kinds of services and products provided by Miriada Oร.
1.11. Cookies are data files that are sometimes saved on the device of a website visitor.
1.12. Miriada Oร data protection specialist is a person who follows the implementation of the principles for the processing of personal data, and with whom any data subject can contact in case of complaint.
1.13. Sales channels are Miriada Oร ways to communicate with data subjects, tools created for selling goods and services, including e-mail, telephone, public and social media, various chat lines, individualised and interactive adverts, and other similar tools on websites and in other places.
1.14. Product portfolio includes Miriada Oร various products and services, the list of which is available on the companyโs website www.estonkids.com.
In the privacy policy, the contract, the general terms and in communication between the parties, these notions are used in the sense indicated above.
2. GENERAL TERMS
2.1. ESTONKIDS is a legal person Miriada Oร, with the registry code 14190412, located at Jรคrvevana tee 9,ย 11314 Tallinn, Estonia.
2.2. At Miriada Oร, personal data can be processed:
2.2.1. by a responsible processor, when the purposes and means of processing have been specified;
2.2.2. by an authorised processor according to the instructions of the person responsible;
2.2.3. by a receiver to whom personal data are transferred.
2.3. The privacy policy applies to the data subjects; the rights and obligations specified in the privacy policy are in force for all Miriada Oร employees and partners to whom the personal data collected by Miriada Oร are available.
2.3.1. The privacy policy may be supplemented by privacy notices published on the website or on the devices, and they may amend or supplement the privacy policy.
3. PRINCIPLES
3.1. Miriada Oร always favours the interests, rights and freedoms of data subjects when processing their personal data.
3.2. Miriada Oร goal is to provide responsible processing of personal data, which is based on best practice, bearing in mind that the company is always ready to demonstrate the compliance of the processing of personal data with the purposes set.
3.3. Miriada Oร all processes, instructions, operations and activities related to processing personal data are based on the following principles:
3.3.1. Legality. In case of processing personal data, there is a legal basis for this, for example a consent.
3.3.2. Fairness. The processing of personal data is fair, requiring, first of all, that the data subject has sufficient information on how their personal data are processed.
3.3.3. Transparency. The processing of personal data is transparent to the data subject.
3.3.4. Purposefulness. Personal data is collected for precisely and clearly defined and legitimate purposes and will not be processed later in a way that does not conform to these purposes.
3.3.5. Correctness. The personal data are correct and, if necessary, updated, and all reasonable steps will be taken to delete or correct the personal data which are incorrect from the point of view of the purpose for processing personal data.
3.3.6. Principle of restricted storage โ personal data shall be stored in a form that allows data subjects to be identified only for as long as it is necessary to fulfil the purpose for which the personal data is processed. This means that, if Miriada Oร wishes to keep personal data longer than it is necessary for the purpose, the company will anonymize the data so that the data subject is no longer identifiable. As for the data received by Miriada Oร through customer relationship or similar relations, the company will keep them in accordance with best practices and will retain the data processed on the basis of consent until the consent is withdrawn.
3.3.7. Reliability and confidentiality. Processing of personal data is carried out in a manner that ensures adequate security of personal data, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, by using reasonable technical or organizational measures. Miriada Oร has both internal instructions and rules for employees and separate contracts with each authorized data processor, providing best practices, ongoing risk assessment and relevant technical and organizational measures for processing personal data.
4. COMPOSITION OF PERSONAL DATA
4.1. Miriada Oร shall collect, inter alia, the following types of personal data:
4.1.1. personal data given to Miriada Oร by the data subject (name, e-mail address, postal address, phone number);
4.1.2. personal data resulting from normal communication between the data subject and Miriada Oร;
4.1.3. personal data made clearly public by the data subject (e.g. in social media);
4.1.4. personal data generated when using services (e.g. when buying in Miriada Oร online shop);
4.1.5. personal data resulting from the visit and use of the website (e.g. the time spent on the website);
4.1.6. personal data received from third persons;
4.1.7. personal data created and combined by Miriada Oร (correspondence or the list of the order history in the context of customer relationships).
5. COMPOSITION OF PERSONAL DATA. PURPOSES AND GROUNDS FOR THEIR PROCESSING
5.1. Miriada Oร processes personal data only by consent of the data subject or by law.
5.2. By consent, Miriada Oร processes personal data exactly within the limits, scope and purposes specified by the data subject. As regards consents, Miriada Oร acts are based on the principle that each consent must be clearly distinguishable from other questions, in an understandable and easily accessible form, in a plain and simple language. The consent may be given in writing, electronically or orally. The data subject gives consent voluntarily, specifically, deliberately and unequivocally, for example by ticking the box on the website.
5.3. A legitimate interest is Miriada Oร interest in managing and running its own business, to offer the best possible services on the market. Under law, Miriada Oร will process personal data only after careful evaluation, to determine that the company has a legitimate interest, the processing of personal data is necessary and in accordance with the interests and rights of the data subject. In particular, the processing of personal data on the basis of legitimate interest may take place for the following purposes:
5.3.1. to ensure trustworthy customer relationships, for example the processing of personal data, which is strictly necessary to identify actual beneficiaries or prevent fraud;
5.3.2. to manage and analyse the customer base to improve the availability, range and quality of the services and products, and to provide the best and most personalized offerings with the customerโs consent;
5.3.3. to collect identifiers and personal data when using webpages, mobile applications and other services. Miriada Oร uses the data collected to conduct web analysis, analysis of mobile phone services and information society services, to ensure and improve activities, do statistics, analyse visitor behaviour and user experience, and to provide better and more personalised services;
5.3.4. to do customer and visitor satisfaction surveys and measure the effectiveness of marketing activities;
5.3.5. to analyse customer and visitor behaviour on different sales channels and webpages;
5.3.6. to monitor services โ Miriada Oร can save notices and orders made both in its premises or by means of telecommunication (e-mail, telephone, etc.), as well as information and other activities performed by Miriada Oร and, if necessary, use them to prove orders or other operations;
5.3.7. when considering network, information and cyber-security, for example to fight against piracy, to secure the websites, to make and maintain backup copies;
5.3.8. to compile, submit or defend legal claims.
5.4. To fulfil obligations arising from law, Miriada Oร shall process personal data for the purpose of fulfilling obligations provided by law or applying the ways of usage permitted by law. For example, the law imposes obligations to process payments or follow the money laundering rules.
5.5. If the processing of personal data is for a purpose other than that for which the personal data was originally collected or is not based on the consent of the data subject, Miriada Oร will carefully evaluate the admissibility of such new processing.
6. DISCLOSURE OF AND / OR TRANSFER OF PERSONAL DATA TO THIRD PERSONS
6.1. Miriada Oร cooperates with persons to whom the company may transfer data relating to data subjects, including personal data, in the framework and for the purpose of cooperation.
6.2. These third persons may be, for example:
persons mediating or providing postal services, IT partners, service providers for debt collection, payment failure registries, institutions and organizations, provided that:
6.2.1. their purpose and the processing are legal;
6.2.2. personal data processing is carried out in accordance with Miriada Oร instructions and under a valid contract.
7. SECURITY MEASURES FOR PROCESSING PERSONAL DATA
7.1. Miriada Oร shall store personal data only for the strict minimum necessary time. Personal data, the expiry date of which has passed, will be destroyed, using best practices and in accordance with the procedures established by Miriada Oร.
7.2. Miriada Oร has established instructions and procedures on how to ensure the security of personal data through using both organisational and technical measures.
7.3. In the event of any incident involving personal data, Miriada Oร will take all necessary measures to mitigate the consequences and avoid all relevant risks in the future. Among other things, Miriada Oร shall register all incidents and inform the Data Protection Inspectorate and the data subject directly.
8. PROCESSING CHILDRENโS PERSONAL DATA
8.1. Miriada Oร shall not knowingly collect information about persons under the age of 13, or children, and if we do so knowingly, we will consider the wishes of the parent or guardian.
8.2. If Miriada Oร becomes aware that the company has collected some personal data from a child or about a child, the company will do its best to terminate the processing their personal data.
9. RIGHTS OF THE DATA SUBJECT
9.1. Rights related to the consent:
9.1.1. The consent to allow the processing of personal data may be withdrawn by the data subject at any time.
9.1.2. The consent to receive Miriada Oร newsletter can be withdrawn through the link below the newsletter.
9.2. As regards the processing of personal data, the data subject also has the following rights:
9.2.1. The right to receive information, or the right of the data subject to obtain information about personal data collected on them.
9.2.2. The right to access data that inter alia includes the data subject’s right to a copy of their personal data processed.
9.2.3. The right to demand the correction of inaccurate data.
9.2.4. The right to delete data, that is, in a certain case, the data subject has the right to require that personal data be deleted, for example, if processing is done only on the basis of their consent.
9.2.4.1. In this case, the opportunity to participate in Miriada Oร loyalty program will also end, as the client is no longer identifiable.
9.2.5. The right to demand limitation of processing personal data. This right arises, inter alia, if the processing is not authorized by law or if the data subject disputes the accuracy of their personal data. The data subject has the right to demand that the processing of personal data be restricted for a period that allows the responsible person to check the accuracy of personal data, or when the processing of personal data is unlawful, but the data subject does not request the deletion of their personal data.
9.2.6. The right to a supervisory authority’s assessment of whether the processing of personal data of the data subject is lawful.
10. EXERCISING RIGHTS AND SUBMITTING COMPLAINTS
10.1. Exercising rights:
10.1.1. The data subject has the right to contact Miriada Oร by e-mail hello@estonkids.com in the event of a question, application or complaint concerning the processing of personal data.
10.2. Submitting complaints:
10.2.1. The data subject has the right to appeal to Miriada Oร, the Data Protection Inspectorate or a court when the data subject thinks that their rights have been violated during the processing of their personal data.
10.2.2. The contacts of the Data Protection Inspectorate are available on its website http://www.aki.ee/et/inspektsioon/kontaktid-nouandetelefon.
11. COOKIES AND OTHER WEB TECHNOLOGIES
11.1. Miriada Oร may collect data about the visitors of the webpages and other information society services by using cookies (i.e. small pieces of information that are stored by the visitor’s browser on the hard disk of their computer or other device) or other similar technologies (such as IP address, device information, location information), and process these data.
11.2. Miriada Oร uses the data collected to: enable the provision of the service in accordance with the visitor or customer’s habits; ensure the best service quality; make website experience more convenient for the customers; inform the visitor and the customer about the content and make recommendations; make ads more relevant and improve marketing efforts, analyse customer behaviour and thereby improve online experience, facilitate logging in and data protection. The collected data is also used to count visitors and identify their user habits.
11.3. We use the cookies of our online store environment to identify users as unique but anonymous persons.
11.4. Miriada Oร uses session, permanent and advertising cookies. Session cookies will be deleted automatically after each visit; permanent cookies are extant when the website is visited frequently; advertising cookies are used to present materials suitable for the visitor or limit the number of times the same ad is seen on the website. Cookies of third parties are used by websites of Miriada Oร partners. Miriada Oร does not control the appearance of these cookies, so you can get information about these cookies from third parties.
11.5. As regards cookies, the visitors agree to use them on the website, in the settings of information society services, or the web browser. If the visitor does not want to allow the use of cookies on the website, they may block them in their web browser settings, use the option of private browsing, or delete them completely using the instructions given by the service provider of the web browser.
For more information on managing cookies, see the following pages:
Chrome
Safari
iOS
Firefox
Internet Explorer
11.6. Most web browsers allow default cookies. Without the full permission of cookies, the features of the website are not fully available to the visitor, and unforeseen problems with functionality and user experience may occur. Allowing, blocking, or deleting cookies and other similar technologies is controlled by the visitor through the browser settings, information society service settings, and privacy enhancement platforms.
12. RELEVANT DOCUMENTS, INSTRUCTIONS, PROCEDURES
12.1. The following documents, procedures and instructions are used to implement Miriada Oร privacy policy:
12.1.1. The Processing Operations Register, which lists all purposes, ways, processes, types and categories of personal data and the corresponding basics for the processing;
12.1.2. A personโs account in the online shop through which all personal information of the data subject is available to them at Miriada Oร; it is possible to correct and alter them and exercise other rights given under law and this privacy policy;
12.1.3. Miriada Oร Principles of Using Organisational and Technical Measures, which contain different measures that Miriada Oร applies to have personal data confidential and secure;
12.1.4. All About Cookies: descriptions of cookies and other web technologies that Miriada Oร uses.
13. CONTACTS AND INFORMATION
13.1. Important contacts for Miriada Oร data subject:
13.1.1. If you have any questions about personal data, you can contact Miriada Oร via e-mail: hello@estonkids.com
14. OTHER
14.1. Miriada Oร has the right to unilaterally change this privacy policy. Miriada Oร will inform the data subjects on the changes on the website www.estonkids.com. We assume that if you start using Miriada Oร website www.estonikids.com, you have seen the privacy policy and agreed to its terms and conditions.