Privacy Terms
Kirna Mõis OÜ (hereinafter Kirna) aims to be a reliable partner in the processing of personal data and to respect your rights. Based on this, we have created the privacy policy principles that cover the collection, use, disclosure, transfer, and storage of customer data.
1. TERMS
1.1. Data Subject is a natural person about whom Kirna has information, or information that can identify a natural person. Data subjects include, for example, individual clients, partners, and employees whose personal data Kirna holds.
1.2. Privacy Terms refer to this text, which sets out Kirna’s Personal Data Processing principles.
1.3. Personal Data means any information relating to an identified or identifiable natural person.
1.4. Processing of Personal Data refers to any operation performed on personal data, such as collection, recording, organizing, storing, modifying, disclosing, granting access, querying, extracting, using, transmitting, combining, closing, deleting, or destroying personal data, or any combination of these operations, irrespective of the means used.
1.5. Client is any natural or legal person who uses or has expressed an interest in using the services offered in the Kirna online store.
1.6. Contract is an agreement between Kirna and the Client for providing services or any other agreement.
1.7. Website www.kirnapark.ee is Kirna’s online store.
1.8. Visitor is a person who uses Kirna’s online store.
1.9. Child in the context of Personal Data Processing is a person under the age of 13 in the Republic of Estonia.
1.10. Services refer to all products and services offered by Kirna.
1.11. Cookies are data files sometimes stored on the Visitor’s device.
1.12. Kirna Data Protection Specialist is a person who oversees Kirna’s Personal Data Processing principles and is the contact for complaints.
1.13. Sales Channels are the means used by Kirna to communicate with Data Subjects, sell goods, and provide services. These include email, phone, social media, chatlines, personalized ads, and other similar tools on Websites and elsewhere.
1.14. Product Portfolio is the list of Kirna’s various products and services available on the website www.kirnapark.ee.
The terms used in the Privacy Terms, Agreement, and other communications between parties are as defined above.
2. GENERAL PROVISIONS
2.1. Kirna is a legal entity Kirna Mõis OÜ, with registry code 10938478, located at Mõisa tee 5, Kirna village, Türi municipality, Järva County 72231.
2.2. Personal data may be processed by Kirna:
2.2.1. as the data controller, determining the purposes and means of processing;
2.2.2. as the data processor under the instructions of the data controller;
2.2.3. as the recipient to whom personal data is transferred.
2.3. The Privacy Terms apply to Data Subjects and all Kirna employees and partners who handle personal data in connection with Kirna’s services.
2.3.1. The Privacy Terms may be supplemented by privacy notices published on the Website or devices, and may be modified and updated accordingly.
3. PRINCIPLES
3.1. Kirna always processes Personal Data with respect for the interests, rights, and freedoms of Data Subjects.
3.2. Kirna’s goal is to process Personal Data responsibly, adhering to best practices, and is always ready to demonstrate compliance with the processing objectives.
3.3. Kirna’s processes, guidelines, and actions related to the processing of Personal Data are based on the following principles:
3.3.1. Legality: Personal Data processing is based on legal grounds, such as consent.
3.3.2. Fairness: Personal Data processing is fair, ensuring that Data Subjects have sufficient information about how their data is processed.
3.3.3. Transparency: Personal Data processing is transparent to the Data Subject.
3.3.4. Purpose Limitation: Personal data is collected for clear, legitimate purposes and is not processed in ways that are incompatible with those purposes.
3.3.5. Accuracy: Personal Data is accurate and, where necessary, updated, with all reasonable measures taken to delete or correct any inaccuracies.
3.3.6. Storage Limitation: Personal data is stored only as long as necessary to fulfill the purposes for which it is processed.
3.3.7. Confidentiality and Security: Personal data is processed securely to protect against unauthorized access, loss, destruction, or damage using appropriate technical and organizational measures.
4. TYPES OF PERSONAL DATA
4.1. Kirna collects the following types of personal data:
4.1.1. Personal Data disclosed by the Data Subject to Kirna (e.g., name, email address, postal address, phone number);
4.1.2. Personal Data resulting from the regular communication between the Data Subject and Kirna;
4.1.3. Personal Data explicitly disclosed by the Data Subject (e.g., on social media);
4.1.4. Personal Data generated during the consumption of services (e.g., when purchasing from Kirna’s online store);
4.1.5. Personal Data collected through the use of the Website (e.g., time spent on the Website);
4.1.6. Personal Data received from third parties;
4.1.7. Personal Data created and combined by Kirna (e.g., correspondence or order history).
5. PURPOSES AND LEGAL BASES FOR PROCESSING PERSONAL DATA
5.1. Kirna processes personal data solely on the basis of consent or legal requirements.
5.2. Kirna processes personal data based on the explicit consent of the Data Subject, for specific purposes, within the scope determined by the Data Subject.
5.3. Legitimate Interests: Kirna processes personal data based on its legitimate interest in managing and operating its business to offer the best possible services.
5.4. Legal Obligations: Kirna processes personal data to comply with legal obligations, such as processing payments or adhering to anti-money laundering regulations.
5.5. Kirna ensures that processing for new purposes, outside of the original reason for collection, is carefully evaluated and determined to be permissible.
6. DISCLOSURE AND TRANSFER OF PERSONAL DATA
6.1. Kirna may collaborate with third parties to whom personal data may be transferred in connection with its services.
6.2. Such third parties may include service providers like postal services, IT partners, debt collection agencies, and others.
7. SECURITY OF PERSONAL DATA
7.1. Kirna retains personal data only for the minimum time necessary. Expired data is securely destroyed.
7.2. Kirna has implemented guidelines and procedures to ensure the security of personal data through both organizational and technical measures.
8. CHILDREN’S PERSONAL DATA
8.1. Kirna does not knowingly collect personal data from children under the age of 13 and follows the wishes of parents or guardians if such data is collected.
9. RIGHTS OF THE DATA SUBJECT
9.1. Consent-Related Rights: Data Subjects have the right to withdraw consent at any time.
9.2. Data Subjects have the following rights regarding personal data processing:
9.2.1. The right to access personal data.
9.2.2. The right to correct inaccurate data.
9.2.3. The right to delete personal data under certain conditions.
9.2.4. The right to restrict processing.
9.2.5. The right to obtain an assessment on whether the processing is lawful.
10. EXERCISING RIGHTS AND MAKING COMPLAINTS
10.1. Data Subjects may contact Kirna for questions, requests, or complaints via email at pood@kirna.ee.
10.2. Data Subjects also have the right to file complaints with the Data Protection Inspectorate or a court if their rights have been violated.
11. COOKIES AND OTHER WEB TECHNOLOGIES
11.1. Kirna collects data from Website Visitors using cookies or similar technologies.
11.2. Kirna uses the collected data to improve service quality, provide a better customer experience, and enhance marketing efforts.
11.3. Visitors consent to the use of cookies when browsing the Website. They can manage cookie preferences through their browser settings.
12. IMPORTANT DOCUMENTS AND GUIDELINES
12.1. Kirna follows these documents and policies in processing personal data:
12.1.1. Data Processing Register, detailing processing purposes, methods, and legal bases.
12.1.2. E-commerce Account for Data Subjects to access and manage their personal data.
12.1.3. Internal procedures for ensuring data security.
13. CONTACT AND INFORMATION
13.1. Kirna’s contact information for data-related inquiries:
13.1.1. Email: pood@kirna.ee
14. OTHER TERMS
14.1. Kirna reserves the right to amend these Privacy Terms and will notify Data Subjects of any changes on the Website.