Medifum.ee e-shop is managed by Medifum Group OÜ. The purpose of this website is to promote and sell a range of products and related accessories.
What personal data do we collect?
No personal data is collected when you visit the website. You have the option to voluntarily provide personal information when subscribing to the mailing list or when placing an order. You will be asked:
- e-mail address
- telephone number
Why do we collect and process personal data?
We collect and process personal data for the following purposes:
- to send answers to your questions.
- to send newsletters
- to fulfil orders you have placed with us
Cookies and pixels
A cookie is a small text file that is stored on the user’s device when they visit a website and allows you to remember their preferences, such as font size, language, device information, visit statistics, etc.
This website sends small files (“cookies”) to your computers and mobile devices that are necessary for this website to function and to collect anonymous web analytics.
Pixel tags are small snippets of website code that allow websites to read and place cookies. These are triggered when the user opens an email or logs on to a website, which then downloads third-party cookies or registers that the user has opened an email.
- We collect and analyse anonymous online statistics about how users move around the website. We do this using Google Analytics software, which treats the data anonymously and does not collect or process personal data.
- We collect and analyse anonymous online statistics about how users use the website. We do this using Hotjar software, which treats the data anonymously. This improves the usability of the website.
- medifum.ee has added a Facebook pixel code, and if you no longer wish to see ads from these websites on Facebook, you can disable them here: https://www.facebook.com/ads/preferences by deleting “Advertisers you have interacted with” from the medifum menu.
To whom is the data transferred?
Medifum Group OÜ does not transfer customer data outside the European (EU) Economic Area. We will treat your personal information as confidential and will not pass it on to any other person. The Company will transmit the information concerning the payments to the person authorised (jur) to process the data, Montonio UAB.
Transfer of personal data outside the EU
We do not transfer your personal data outside the European Union or the European Economic Area (EEA).
We work to protect your information from unauthorised access or unauthorised alteration, disclosure or breach.
To keep your data secure, we do the following:
- We treat all personal data as confidential.
- We only use encrypted services using SSL.
- We restrict access to personal data by granting access only to those employees and contractors who need the information to process it, who are subject to strict contractual confidentiality obligations and who may be sanctioned or have their contract terminated if they fail to comply with those obligations.
- We keep personal data mainly in digital format rather than on paper to ensure more secure access control.
- The repository is protected by the necessary IT technical and organisational safeguards.
While we apply strict security rules to the personal information that we receive, it should be noted that the internet is never completely secure and we cannot guarantee the security of any information you send to us. The security of the data you send is always at your own risk.
What rights do you have and how can you exercise your rights?
If you have consented to the collection, processing and use of your personal data in certain ways, you may withdraw your consent at any time in the future.
In accordance with applicable data protection laws, you are entitled to:
- Request access to your personal data.
- Request correction of your personal data.
- Request the deletion of your personal data.
- Request restriction of the processing of your personal data.
- Request the transfer of your personal data.
- Request the withdrawal of your consent to the processing of your personal data.
- Oppose automated decision-making (including profiling).
The application must allow your identity to be uniquely identified. To exercise your rights and submit your request, please contact us as set out in the section (“Contact us”).
Please note that you can only request the deletion of your personal data, the restriction of their processing or other measures if there is a lawful basis for you to do so and in accordance with data protection legislation.
In the event of a complaint, you have the right to lodge a complaint with the competent data protection authority. We work with the relevant regulatory authorities, including local data protection authorities, to resolve complaints about transfers of personal data.
How long do we keep your personal data?
Your personal data will be kept for as long as necessary to provide you with the services you have requested. If the personal data has not been used for 3 consecutive years, we will delete your personal data or make your personal data anonymous, unless mandatory retention requirements apply.
Data collected in an anonymised form is kept indefinitely.
By using this website, you have read and agreed to these terms and conditions.