Rahva Raamat logo
Categories
triangle icon
Rahva Raamat logo
Categories
Books
triangle icon
Audiobooks
triangle icon
E-books
triangle icon
Games
triangle icon
Stationery
triangle icon
Gifts
triangle icon
Music & Movies
triangle icon
Electronics
triangle icon
Special offers!
triangle icon

Privacy Policy

Principles for processing customer data

This document defines the processing of customer data held by Rahva Raamat AS, and the purposes, composition and confidentiality of the processing of data.

Who processes the customer data?

Rahva Raamat AS (registration number 10421903), address Telliskivi 60/2, 10412 Tallinn, Estonia, is the controller of customer data.

The processors of customer data are:

Customer data is processed by https://web.rahvaraamat.ee which is only accessible to Rahva Raamat employees.

Postal service providers, in order to deliver ordered goods to the customer;

Advertising service providers, including social media service providers, to whom we transfer only the data necessary to inform customers about new products and promotion campaigns and to analyse customer behaviour in our online shop;

Companies providing IT support to ensure the functioning and development of the e-shop and other IT solutions of Rahva Raamat AS.

Who is a customer?

A person who has entered into contractual relations with Rahva Raamat AS.

What constitutes customer data?

Customer Data includes any information that Rahva Raamat AS has about its customer (e.g. customer’s name, personal identity code, contact details, information on transactions).

What is processing of customer data?

Processing of customer data is any operation performed on customer data (including collection, saving, organisation, storage, alteration, disclosure, enabling access to, retrieval, consultation, use, transmission, cross-use, interconnection, blocking, erasure and destruction of customer data).

Composition of processed customer data:

Rahva Raamat AS may collect the following data:

- given name and surname/company name;
- identity code/registration number;
- place of residence/location;
- bank account number;
- contact details;
- information on transactions (information on purchases performed by the customer);
- information on habits, preferences and satisfaction (e.g., frequency of using services, information relating to services used and customer satisfaction as well as complaints);
- IP-address;
- all other customer data that has not been mentioned above and which the customer has transmitted to Rahva Raamat AS via means of communication (e.g. telephone and computer network) on their own initiative, including the right of Rahva Raamat AS to record all orders given by the customer via means of communication.

In order to enable a better user experience in mobile application, Rahva Raamat AS processes the following data:
- access to files is necessary to enable reading of e-books;
- verification of Wi-Fi connection;

On the bases provided for in law, Rahva Raamat AS has the right to process customer data not specified in this document.

What is the purpose and legal basis of processing customer data?

Rahva Raamat AS processes customer data in order to:

fulfil the contract concluded with the customer, which is based on:
- performing the contract or implementing the activities agreed upon before entering into contract upon the request of the customer;
- performance of legal obligations;
- legitimate interests of Rahva Raamat AS.

provide additional services, conduct customer satisfaction studies, market analyses and produce statistics that are based on:
- the consent of the customer;
- the legitimate interests of Rahva Raamat AS to improve the services and products of Rahva Raamat AS;
- to improve the customer’s user experience as well as to develop new products and services.

to protect their breached or contested rights (e.g., forwarding information to the court), which is based on:
- the consent of the customer;
- performing the contract or implementing the activities agreed upon before entering into contract upon the request of the customer;
- performance of legal obligations;
- the legitimate interest of Rahva Raamat AS to prevent, restrict and investigate the misuse or illegal use of the services and products of Rahva Raamat AS.

to perform obligations arising from legal norms (e.g., forwarding information to investigating bodies), which is based on:
- performing the contract or implementing the activities agreed upon before entering into the contract upon the request of the customer;
- performance of legal obligations;
- legitimate interests of Rahva Raamat AS in prudent risk management and general corporate management.

In which cases does Rahva Raamat AS discloses customer data?

Customer data are confidential, they are not disclosed and not accessible for Third Parties without the prior agreement of the customer, except in cases provided by law.

Rahva Raamat AS has concluded agreements with mailing companies and companies providing telephone interviewing services on the confidential use of the information provided.

Who is a Third Party?

A Third Party is a physical or legal entity that is not a customer or a processor of customer data.

Where is the customer data processed?

Customer data is uploaded to https://web.rahvaraamat.ee which is only accessible to Rahva Raamat employees.

Generally, customer data are processed within the European Union and the European Economic Area (EU/EEA), but in some cases it is transferred to and processed in countries outside the EU/EEA.

The transfer and processing of customer data outside the EU/EEA may take place provided that there is a legal basis, such as the fulfilment of a legal obligation or the customer's consent, and appropriate safeguards are in place.

Appropriate safeguards include:
- a valid contract that contains standard contractual clauses that have been laid down by the EU;
- there is an adequate level of data protection in the country outside the EU/EEA where the recipient is located, in accordance with the decision of the European Commission;
- the recipient is certified under the data protection network Privacy Shield (applied to the recipients located in the United States of America).

Upon request, the customer will receive more specific information on the transfer of customer data to countries outside the EU/EEA.

How does Rahva Raamat AS use customer data in providing services?

Rahva Raamat AS sends its customers the offers of Rahva Raamat AS. The customers are also sent offers that have been made by the cooperation partners carefully selected by Rahva Raamat AS. The cooperation partner will not have access to customer data unless the customer has expressed a specific interest in the goods or services of the cooperation partner.

How does Rahva Raamat AS use profile analysis for making personalised offers?

Profile analysis is the automatic processing of customer data for the purpose of assessing certain personal characteristics of a customer. For example, in order to analyse or predict a person’s economic situation, personal preferences, interests, place of residence. Profile analysis is used for marketing purposes, which is based on the legitimate interests of Rahva Raamat AS, fulfilling of a contract or the consent of the customer.

Rahva Raamat AS may process customer data in order to improve the user experience of digital services, such as adapting the service views to the device used and creating personalised offers for the customer (unless the customer has refused direct marketing). Such marketing may be based on the type of services the customer uses, how they use them, and how the customer navigates in the Rahva Raamat AS mobile application.

Proceeding from the legitimate interests of Rahva Raamat AS, Rahva Raamat AS ensures its private customers convenient use of the e-shop environment by making of personalised offers and marketing based on profile analysis.

What are the rights of the customer?

The customer has the following rights relating to the processing of customer data:
- to request rectification of their customer data if the data are inadequate, incomplete or incorrect;
- to object to the processing of their customer data where the use of the customer data is based on a legitimate interest, including profile analysis for direct marketing purposes (e.g. receiving marketing offers or participating in interviews);
- to request erasure of their customer data, for example, in the cases when the data are processed with the consent of the customer and the customer has withdrawn their consent. Such a right will not apply if the customer data requested to be erased are processed also on other legal bases, like fulfilling a contract;
- to restrict the use of their customer data on the basis of applicable legislation, for example, during the time when Rahva Raamat AS is assessing whether the customer has the right to erasure of their data;
- to get information on whether Rahva Raamat AS is processing their customer data, and if they are processing, get access to such data;
- to receive for themselves the submitted customer data that are processed on the basis of consent or for fulfilling a contract, in written or generally used electronic format, and if technologically possible, transfer these data to another service provides (data portability);
- withdraw their consent to processing of customer data;
- file complaints on the use of customer data to the Estonian Data Protection Inspectorate (web page:Error! Hyperlink reference not valid., if the customer finds that processing of their customer data is in breach of their rights and interests under applicable legislation.

How to change your customer data and request the termination of their processing?

The customer has the right of access to their customer data through the e-mail address epood@rahvararaamat.ee or phone (+372) 612-0172 . If the customer data have changed or are incorrect for some other reason, the customer must report this by e-mail to epood@rahvaraamat.ee or phone (+372) 612-0172.

The customer has the right to request completion of processing of their data and/or erasure of collected data if such a right proceeds from the Personal Data Protection Act or other legislation.

How long are the customer data stored?

Customer data are not processed longer than necessary. The storage period may be based on the contract with the customer, the legitimate interests of Rahva Raamat AS or applicable law (e.g., legislation on accountancy or legislation on term of expiry, or other private law).

Where can I get more information on processing of customer data?

If you wish to get a more specific explanation of processing of your customer data, please phone our customer support phone (+372) 612-0172 or send an e-mail to the address epood@rahvaraamat.ee. We will reply to your e-mails and calls on working days from 09.00-17.00.