• Loyal customer wins!
    10% discount on all products!
  • Free delivery!
    Free shipping on orders above 199 € !
  • Secure and easy payment!
    Pay by credit card, PAYPAL, local bank link or later by bank transfer!
  • Fast shipping!
    Orders are shipped within 24 hours on working days!
0
You have no items in your shopping cart.

0

Search

Processing of personal data

The controller of the personal data of the online shop www.glamlac.com is Glamlac LCC (registry code 12149262), located at 3 Türi Street, Tallinn 11313, Estonia, phone +3726017725 and e-mail info@glamlac.com (hereinafter the merchant).

 

What personal data are processed

  • name;
  • contact information such as a telephone number and an e-mail address;
  • payer’s address and delivery address;
  • bank account number;
  • costs of goods and services and data related to payments (purchase history);
  • customer support details;
  • other information related to customer surveys and/or offers.

You can read more about the use and recording of cookies on this page

 

For what purpose personal data are processed

Personal data are processed for the purposes of the performance of the contract concluded with the customer. Personal data are processed for the performance of legal obligations (for example, accounting and the resolution of consumer disputes).
Personal data are used for managing the customer’s orders and delivering the goods.
Purchase history data (purchase date, goods, quantity, customer data) are used for preparing an overview of goods and services purchased and for analysing customer preferences.
The bank account number is used to refund payments to the customer.
Personal data such as e-mail address, telephone number and customer name are processed in order to resolve any issues related to the provision of goods or services (customer support).
The IP address or other online identifiers of the user of the online shop are processed for the provision of the online shop as an information society service and for the compilation of Internet use statistics.

 

Transmission of personal data to authorised processors

The merchant keeps secret the customer’s personal data that have become known to it in the course of the registration and use of the user account and publishes them to third parties only with the customer’s consent, except where the obligation or entitlement to publish the data results from legislation. The user of the online shop accepts that, in order to provide the customer with suitable services, the merchant is entitled to process their data, including the transmission of the customer’s data to parties related to the provision of a service for the customer by the merchant. List of authorised processors:

Omniva - Personal data (name, telephone number and e-mail address) are transmitted to the transport service provider selected by the customer. In the case of goods delivered by a courier, the customer's address is also transmitted in addition to the contact details. 

Itella - Personal data (name, telephone number and e-mail address) are transmitted to the transport service provider selected by the customer. In the case of goods delivered by a courier, the customer's address is also transmitted in addition to the contact details.

DPD - Personal data (name, telephone number and e-mail address) are transmitted to the transport service provider selected by the customer. In the case of goods delivered by a courier, the customer's address is also transmitted in addition to the contact details.

Venipak - Personal data (name, telephone number and e-mail address) are transmitted to the transport service provider selected by the customer. In the case of goods delivered by a courier, the customer's address is also transmitted in addition to the contact details.

Swedbank - Personal data is transmitted to the payment solution provider chosen by the customer in connection with the recording of the information necessary for the transactions.

SEB - Personal data is transmitted to the payment solution provider chosen by the customer in connection with the recording of the information necessary for the transactions.

Luminor - Personal data is transmitted to the payment solution provider chosen by the customer in connection with the recording of the information necessary for the transactions.

LHV - Personal data is transmitted to the payment solution provider chosen by the customer in connection with the recording of the information necessary for the transactions.

Paypal - Personal data is transmitted to the payment solution provider chosen by the customer in connection with the recording of the information necessary for the transactions.

Standardbooks - Personal data is transmitted to economy and bookkeeping software service providers for accounting.

Paypal - https://www.paypal.com/ee/webapps/mpp/ua/privacy-full - Personal data is transmitted to the payment solution provider chosen by the customer in connection with the recording of the information necessary for the transactions.

Maksekeskus - https://maksekeskus.ee/wp-content/uploads/2016/11/Maksekeskuse-privaatsuspoliitika-alates-25.05.2018.pdf - Personal data is transmitted to the payment solution provider chosen by the customer in connection with the recording of the information necessary for the transactions.

 

Security and access to data

Personal data are stored on the servers of Zone Media OÜ located within the territory of a Member State of the European Union or of a country that has acceded to the European Economic Area. Data may be transmitted to countries where the European Commission has estimated the level of data protection to be sufficient or to companies in the United States that have signed up for the Privacy Shield framework. 
The online shop takes appropriate physical, organisational and information technology security measures in order to protect personal data against accidental or unlawful destruction, loss, modification or unauthorised access or disclosure.
Transmission of personal data to the authorised processors of the online shop – personal data are processed under the contract concluded between the online shop and the authorised processor. The authorised processors are required to ensure appropriate safeguards during the processing of personal data.

 

Inspection and amendment of personal data

Personal data recorded in the online shop may be inspected or amended via the online shop account managementIf a purchase has been made in the capacity of a visitor (without a user account), a query about personal data may be submitted using the request for information form

 

Revocation of consent

If personal data are processed based on the customer’s consent, the customer is entitled to revoke their consent via the online shop account management

 

Retention

When a customer account is closed in the online shop, any personal data are deleted, except where such data need to be retained for accounting or the resolution of consumer disputes.  If a purchase has been made in the online shop in the capacity of a visitor (without a user account), the individual purchase history will be retained for three years.  In the event of disputes related to payments or consumer disputes, personal data are retained until the settlement of the claim or until the expiry of the limitation period (three years).  Personal data needed for accounting are retained for seven years. 

 

Deletion

Personal data recorded in the online shop along with the user account may be deleted via the online shop account management. You can submit a query about the deletion of other personal data using the request for information form. A request for the deletion of data is answered not later than within a month, and the period for the deletion of the data is clarified if necessary

 

Transfer

An electronic statement about the personal data recorded in the online shop may be downloaded from the online shop account management
You can submit a query about the transfer of other personal data using the request for information form.
A request for the transfer of data is answered not later than within a month, where customer support establishes identity and provides notification of personal data applicable to transfer. 

 

Direct marketing messages

An e-mail address or a telephone number is used for the transmission of direct marketing messages if the customer has provided the relevant consent. If the customer does not wish to receive direct marketing messages, the relevant link has to be selected in the e-mail header or customer support has to be contacted.  If personal data are processed for the purposes of direct marketing (profiling), the customer is entitled to submit objections in relation to the initial or subsequent processing of their personal data, including the preparation of a profile analysis related to direct marketing, at any time by notifying customer support thereof via e-mail. 

 

Resolution of disputes

Disputes related to the processing of personal data are resolved through customer support (info@glamlac.com). The supervisory authority is the Estonian Data Protection Inspectorate (info@aki.ee).