Data Controller

The data controller of the online store www.langemaa.ee is Langemaa OÜ (registry code: 14327495, VAT ID: EE102110908), located at Metsa tee 8, Tihemetsa, Saarde municipality, Pärnumaa 86201, Estonia.
Phone: +372 5292 345
Email: kaija@langemaa.ee

For payment processing, Langemaa OÜ forwards necessary personal data to the authorized processor Maksekeskus AS.

Types of Personal Data Processed

  • Name, phone number, and email address

  • Shipping address

  • Bank account number

  • Purchase history and payment-related data (order dates, items, prices)

  • Customer support information

Purpose of Data Processing

Personal data is processed to:

  • Manage customer orders and deliver goods

  • Compile purchase history and analyze customer preferences

  • Refund payments (bank account number used)

  • Handle customer support cases using name, phone number, and email

  • Provide the online store service and generate web usage statistics (IP address and network identifiers)

Legal Basis for Processing

  • Contractual necessity: To fulfill the agreement between the customer and Langemaa OÜ

  • Legal obligation: For example, accounting and resolving legal disputes

Data Recipients

  • Customer support team: for managing orders and addressing issues

  • Logistics providers: receive name, phone number, email, and delivery address (for courier deliveries)

  • Accounting service providers: receive data needed for bookkeeping

  • IT service providers: receive data necessary for hosting and functionality of the e-store

All data transfers are based on contractual agreements ensuring proper data protection measures are in place.

Data Security and Access

  • Personal data is stored on servers of Zone Media OÜ, located within the EU or EEA.

  • Data may also be transferred to countries deemed adequate by the European Commission or to U.S. companies certified under the Privacy Shield framework.

  • Only authorized employees of the online store have access to the data for technical support and customer service purposes.

Security Measures:
Appropriate physical, organizational, and IT security measures are applied to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized access, or disclosure.

Accessing and Correcting Personal Data

Customers can access and correct their personal data via customer support or, if they have an account, through their user profile in the online store.

Withdrawal of Consent

If processing is based on consent, the customer can withdraw it by notifying customer support via email.

Data Retention

  • Upon account closure, personal data is deleted unless needed for accounting or legal purposes.

  • If a purchase was made without an account, purchase history is retained for three years.

  • In case of payment or legal disputes, data is retained until the claim is fulfilled or the limitation period expires.

  • Accounting-related data is stored for seven years.

Data Deletion

To request deletion of personal data, contact customer support via email.
A response will be given within one month, including confirmation of the deletion timeline.

Data Portability

Requests for data portability submitted by email will be processed within one month.
Customer support will verify the identity of the requester and inform which personal data can be transferred.

Direct Marketing

Email addresses and phone numbers may be used for direct marketing if the customer has provided consent.

If the customer no longer wishes to receive such messages, they can unsubscribe via the link in the email footer or contact customer support.

Customers have the right to object to the processing of their personal data for direct marketing purposes, including profiling. Objections should be submitted to kaija@langemaa.ee.

Dispute Resolution

Disputes related to personal data processing should be addressed through customer support at kaija@langemaa.ee.

The supervisory authority is the Estonian Data Protection Inspectorate
Email: info@aki.ee