Controller of Personal Data
The data controller for the fitbar.ee online store is fitbar.ee, registration code 12765311. For inquiries, you can reach us at +37258198674 or via email at info@fitbar.ee (hereinafter referred to as “Seller”).
Types of Personal Data Collected
We collect and process the following types of personal information:
- Name and Surname
- Contact Information: Phone number and email address
- Billing and Delivery Address
- Bank Account Number
- Order and Payment Details: Order history and payment information
- Customer Support Details
- Other Information: Data from customer surveys and offers
Purpose of Data Processing
We process personal data for the following purposes:
- Fulfilling Contracts: Personal data is used to fulfill contracts with our customers.
- Legal Compliance: We process data to meet legal obligations (e.g., accounting, consumer dispute resolution).
- Order Management: Personal data helps us manage orders and deliveries.
- Purchase History Analysis: Purchase history (date, item, quantity, customer data) is analyzed to provide personalized services.
- Bank Account: Used for refund processing when applicable.
- Customer Support: Contact details (email, phone, name) assist in addressing product and service inquiries.
- Technical Data: IP addresses and other identifiers may be processed for website use and service improvement.
Data Sharing with Authorized Processors
We treat customer data confidentially and only disclose it to third parties with the customer’s consent or as legally required. The customer consents to fitbar.ee use of data to improve services, which may involve sharing data with service providers. Our authorized processors include:
Courier Services:
- DPD
- Itella
- Omniva
- Venipak
Payment Intermediaries:
- Everypay, Swedbank, SEB, Luminor, LHV, Coop, Maksekeskus, PayPal, Pocopay
Usage Analytics:
- Google Analytics, Facebook, Mailchimp
Data Security and Access
Personal data is stored on Zone servers within the EU or EEA territories. Data may also be transferred to countries with adequate protection levels as assessed by the European Commission, including U.S. entities that adhere to data protection agreements.
We employ necessary physical, organizational, and IT measures to protect personal data against accidental destruction, loss, alteration, unauthorized access, or disclosure. Data processing by authorized processors occurs based on contracts requiring them to ensure data security.
Reviewing and Correcting Personal Data
Customers can view and update their stored personal data in the My Data section of their fitbar.ee account. For purchases made as a guest (without an account), you may request access to your personal data by emailing info@fitbar.ee.
Data Retention
- Account Deactivation: Upon account deactivation, personal data will be deleted unless required for accounting or dispute resolution.
- Guest Purchases: Purchase history for guest accounts is retained for one year.
- Payment and Dispute Records: Retained until the dispute is resolved or until the statute of limitations expires (three years).
- Accounting Records: Retained for seven years to comply with legal accounting requirements.
Data Deletion
Stored personal data can be deleted along with the account in the My Data section of fitbar.ee. For other data removal requests, please contact customer support.
Direct Marketing Communications
With the customer’s consent, email addresses and phone numbers may be used for direct marketing. If you wish to unsubscribe from marketing communications, you may do so via the link in the message or by contacting customer support.
If personal data is used for direct marketing profiling, customers have the right to object to their data being processed in this manner by notifying customer support via email.
Resolving Disputes
For concerns or disputes regarding data processing, please reach out to our customer support at info@fitbar.ee. The Estonian Data Protection Inspectorate (info@aki.ee) oversees data protection and can be contacted for further assistance.