Support: Mon–Fri 8:00–17:00
Ask for an offer
Processing of personal data

Processing of personal data

This policy explains how Arem Kaubandus OÜ (registry code 10644448, address Vilja tn 13a, 71020 Viljandi, Estonia; hereinafter “the Seller” or “we/us/our”) processes the personal data of its customers and visitors to the Online Store.
Our activities comply with the EU General Data Protection Regulation (GDPR) and the laws of the Republic of Estonia.

Data Controller:

Arem Kaubandus OÜ
Registry code: 10644448
Address: Vilja tn 13a, 71020 Viljandi, Estonia
Email: info@sisustuspood.ee

If you have any questions or requests regarding your personal data, please contact us at info@sisustuspood.ee.

DATA COLLECTED

We collect and process the following personal data:

1. When placing an order

• First and last name
• Contact phone number
•  Email address
• Delivery address (street, city, postal code, country)
•  Payment-related information (e.g. bank link or card transaction data; we do not store card details)

2. When creating a user account

• First and last name
• Email address
• Password (stored in encrypted form)
• Optional additional information (e.g. phone number, address, if the customer prefers a quicker purchasing process)

3. When visiting the Online Store

• IP address
• Device and browser technical data
• Website usage logs (e.g. time of visit, pages viewed, user actions)
• Data collected via cookies and similar technologies

4. For marketing and analytics purposes

• Website usage behaviour (including Google Analytics)
• Data collected via advertising platforms (e.g. Facebook Pixel) that facilitate targeted advertising
• Email address upon newsletter subscription

PURPOSES AND LEGAL BASES OF PROCESSING
We process personal data for the following purposes and under the following legal bases:

• Order processing and fulfilment – performance of a contract (GDPR Art. 6(1)(b))
• Billing and accounting – legal obligation (GDPR Art. 6(1)(c))
• User account management – performance of a contract (GDPR Art. 6(1)(b))
• Customer communication (order notifications) – performance of a contract (GDPR Art. 6(1)(b))
• Marketing and direct marketing (newsletters) – customer’s consent (GDPR Art. 6(1)(a))
• Remarketing and web analytics – customer’s consent (GDPR Art. 6(1)(a))
• Legitimate interest (fraud prevention, security, statistical analysis) – legitimate interest (GDPR Art. 6(1)(f))

DISCLOSURE TO THIRD PARTIES

We use trusted partners who act as data processors or independent controllers. Data is shared only to the extent necessary for providing the relevant service.

Recipients may include:

1. Logistics partners 

• Itella SmartPOST OÜ
• DPD Eesti AS (delivery of goods)

2. Payment and financial service providers 

• Montonio Finance OÜ (bank links, card payments)
• Holm Bank AS (hire purchase)
• Estonian banks (bank link payments)

3. Technical service providers 

• Zaproo OÜ – Online Store platform and hosting

All partners process data only to the extent necessary for providing the relevant service and comply with the applicable requirements for the protection of personal data.

DATA RETENTION

1. We retain accounting data (invoices, payment details) for five years pursuant to law.
2. We retain user account data until the customer deletes their account or asks us to delete it.
3. We retain marketing data until the client withdraws their consent.
4. In other cases, we retain personal data as long as is necessary for performing the contract or meeting our legal obligations under the law, or until the expiry of the limitation period for claims.

DATA SUBJECT RIGHTS

The data subject has the following rights regarding their personal data:

• The right of access
• The right to rectification
• The right to erasure
• The right to restriction of processing 
• The right to object
• The right to withdraw consent
• The right to data portability
• The right to contact a supervisory authority (Data Protection Inspectorate, www.aki.ee)
• To exercise your rights, please contact us at info@sisustuspood.ee.

DATA SECURITY

• We use encrypted HTTPS connections to make sure data are communicated safely.
• Only staff and partners who need personal data in order to provide the relevant services have access to such data.
• Staff and partners are bound by confidentiality.
• We apply technical and organisational security measures to prevent unauthorised access to,  and the disclosure or loss of data.

COOKIES AND TRACKING TECHNOLOGIES

Our Online Store uses cookies and similar technologies to:

• secure the basic functions of the Online Store (such as the shopping cart);
• analyse website use (Google Analytics);
• display targeted advertising (remarketing, such as Facebook Pixel, Google Ads).

Types of cookies:

1. Essential cookies – ensure the technical functionality of the page and are always enabled,.
2. Analytical cookies – help us understand how visitors use the site.
3. Marketing cookies – enable relevant advertisements to be displayed to users outside our website.

Users can manage their cookie preferences via their browser settings or the cookie consent window in the Online Store.

AMENDMENTS TO PRIVACY POLICY

Arem Kaubandus OÜ reserves the right to update and supplement this Privacy Policy to ensure compliance with legislation and actual data processing practices.

The latest version is always published on www.sisustuspood.ee and is effective from the moment of its publication. We notify customers of important amendments in an appropriate manner (such as by email or website notices).