Privacy Policy

Last updated: March 19, 2020

1. Introduction
Welcome to Laavaskin. The website located at www.laavaskin.com (hereinafter referred to as the “Website” or “Site”) is owned and operated by LAAVA OÜ, a company operating in accordance with the national laws of Estonia (hereinafter “the Company,” “We,” “Us,” or “Our”). Any reference in this Privacy Policy to “Customer,” “User”, “You” or “Your,” refers to our website visitors or customers who place an order for a product through our website.

We respect your privacy and are committed to providing full transparency regarding how we process your personal data, with whom we share this personal data and what rights you have as a data subject.

2. Definitions
Unless expressly specified otherwise, any reference to the following words shall have the meaning as defined in Article 4 of the General Data Protection Regulation 2016/679 (English Version):

“Controller” – “the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.”

“Personal Data” – “Any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.

“Processing” – “Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction”.

“Processor” a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

3. Laava OÜ as the Data Controller
For the purposes of this Privacy Policy, we are the data controller for personal data processed by us for our website visitors, users and customers. We can be contacted at info@laavaskin.com. Alternatively, you can also write to us at the following address:

LAAVA OÜ
Valukoja 10,
11415 Tallinn,
Estonia

4. Personal data we collect
We collect the following personal data from you:

● User Account data. Your user account data includes your email address, username and password as well as all transaction data, shipping data, payment data associated with your User Account;

● Contact data. Your contact data includes your full name, email address, company name (optional) and address;

● Customer Support data. When you send us customer support requests we collect your name, email address and the content of your support request;

● Transaction data. When you place an order, we process your transaction data which includes information about the products you purchased, date and time of purchase, and the total invoice amount of your order;

● Shipping data. When you place an order you also provide us with the shipping address where you would like the order to be delivered;

● Payment data. When you place an order, we may be required to collect some billing-related information such as your billing address. Please note, we do not process any sensitive credit/debit card data;

● Product Review. When you leave any product reviews on our website, we will store your name and the content of your review on our database.

● User Comment. When you leave any public comments on our website, we receive the content of your comment and your IP address.

● Data collected through the use of cookies. We also collect some data about you through the use of cookies, pixels and tags when you visit our website and when you interact with our ads. To learn more about how we use cookies, please visit our Cookie Policy.

5. How do we use the personal data we collect?

● User Account Data
We use this data to create a user account for you and to enable you to securely log into your user account, view your past transactions and store your billing and shipping information for future purchases. The legal basis for processing this data is the performance of our contract with you.

Data Retention:
We will retain your personal data on our record for as long as your account is active. We will remove your personal data from our records three years after the termination of your user account unless we are required to retain this data for our compliance with any legal obligations.

● Contact Data
We use your contact data to contact you regarding your order/support requests as and when needed. The legal basis for processing this data is the performance of our contract with you.

Data Retention:
We will not retain your contact data longer than required for our business purposes. For any orders placed through our website, we will retain your contact data for a period of three years from the date of your purchase.

● Customer Support Data
We use your support request data to respond to your support requests. Our legal basis for processing this personal data is our legitimate interest.

Data Retention:
We will only keep support messages and enquiries on our record for a maximum period of two years from the date of last communication with you.

● Transaction Data
We will keep a record of your purchase to deliver our product to you, to address any disputes or issues arising with the purchase and for our own accounting purposes. Our legal basis for processing this personal data is the performance of our contract with you.

Data Retention:
We will not keep your transaction data on our record for longer than three years from the date of purchase.

● Shipping Data
We provide your shipping data to our shipping service provider to enable them to deliver your order to the specified shipping address. Our legal basis for the processing of this data is the performance of our contract.

Data Retention:
We will not keep the shipping address on our record for longer than three years from the date of delivery of the product ordered.

● Payment Data
We use the payment data to bill you for your ordered product. Our legal basis for the processing of this data is the performance of our contract.

Data Retention:
We will not keep the billing address on our record for longer than three years from the date of purchase.

● Product Review Data
We may use the content of your product review on our website and other social media pages. Please note that your name will be displayed with your review. Please do not share any personal data in public reviews that you do not wish to be publicly visible to others. Our legal basis for processing this data is our legitimate interest.

Data Retention:
We will keep your product reviews on our website or other social media pages for as long as we deem fit unless you specifically request us to remove your review from our website in which case we may continue to use the content of the review by anonymising your personal data.

● Data Collected through the use of Cookies
We use this data to understand how our users use our website, to improve our user experience, for web performance analytics and to serve relevant advertising to you. Our legal basis for this processing is your consent which you grant us when you continue to use our service by accepting our cookies.

Data Retention:
Each cookie is retained for a specified period of time. To learn more, please visit our cookie policy.

In addition to the abovementioned legal basis, we may also retain any personal data that we collect for our compliance with our legal obligations, a court order, or to assert our legal rights or defend any claims. Where we request your consent to the processing of your personal data for marketing purposes, you may withdraw your consent at any time. Please visit ‘Your Rights’ section to learn more about your data rights.

6. Cookies
To the extent required by law, we use cookies, pixel tags and web beacons on our website with your consent. Cookies are small files that contain data that is used to identify you as a unique user. You can tell your browser to decline all cookies or to indicate when a cookie is being sent. If you decide to decline cookies, you may not be able to use some parts of our website.

● Google Analytics
We may use Google analytics services to improve our understanding of how users interact with our website. Google Analytics is owned and operated by Google LLC. Google Analytics uses cookies that are stored on your computer for the purpose of evaluating your use of our website. All information collected from you is stored on Google’s servers in the United States of America. You can learn more about how Google processes your personal data at this link.

You can stop these cookies from being stored on your computer by installing the browser plug-in available here.

● Facebook Pixel
We may use Facebook Pixel to track user behaviour when they visit our website after clicking on our Facebook ad and for retargeting ads to such users after they leave our website.

We may also use Facebook Pixel to analyze how our Facebook ads are performing. All data collected through Facebook Pixel is anonymous, and we will not receive any personal data about our users from Facebook Inc. Although Facebook Inc does not disclose your personal data to us, this information is still stored and processed by Facebook Inc and may be used by them, in accordance with their own Privacy Policy.

If you do not wish for Facebook to use your data for the Facebook ads display, please contact Facebook at the link provided here.

You can decline cookies from our website by clicking the decline button in the cookie banner on our website or by changing your browser settings to decline all third-party cookies.

7. Sharing your personal data
We do not sell or rent your personal data to any third party. We may disclose your personal data as described hereunder:

● We may share your personal data with service providers that we engage to perform services on our behalf. Please note the service providers we engage are not authorised to disclose your personal data to any third party unless required by law or during the course of performance of services on our behalf.

● When you order a product your payment information is collected and processed by our Payment Service Provider: Paypal, Inc and Stripe, Inc;

● We reserve the right to disclose your personal data when required to do so for our compliance with any applicable laws and upon reasonable requests of any government bodies or regulatory authorities.

● We may share your personal data to enforce our contractual or other legal rights arising out of our Agreement with you.

● In future, if we undergo a merger or acquisition, your personal data that we hold may be disclosed to the new entity as a result of such transaction. Please note any such transfer of your personal data to the new entity will not negatively impact your rights as outlined in this Privacy Policy.

8. Your Rights
The General Data Protection Regulation grants users who are in the European Economic Area certain data rights. If you are in the EEA, you may exercise the following rights:

● Your right to access and/or edit your personal data
If you wish to access and/or edit your personal data that we process, please contact us at info@laavaskin.com, and we will respond to your request within 30 days.

● Your right to be forgotten
If we do not have any valid legal basis for processing your personal data, you may request deletion of your personal data by contacting us at info@laavaskin.com.

● Your right to withdraw consent
Where we use consent as the legal basis for processing your personal data for direct marketing purposes, you have the right to withdraw your consent anytime by giving written notice of your withdrawal at info@laavaskin.com.

● Your right to file a complaint with a supervisory authority
If you believe that our processing of your personal data is infringing your rights as a data subject, you have the right to file a complaint with the Data Protection Inspectorate at:

Data Protection Inspectorate
Väike-Ameerika 19
10129 Tallinn
Estonia
www.aki.ee

9. Transfer of data
We process most of our users’ data in the European Economic Area. However, there are some services that we use that may transfer your data to the United States of America, where the data protection laws are less stringent than those applicable within the EEA. By accessing or in any way interacting with our website, you give us your express consent to the transfer and processing of your data in and outside the country of your current residence for the purposes outlined in this Privacy Policy and those that are compatible with the specified purposes. Whenever we transfer your personal data to another jurisdiction, we take all necessary steps to ensure that your data is adequately protected in such a recipient location.

10. Security of data
We protect and store your personal data using all industry best practices, including encryption to reduce the risk of any data breach by complying with the principles of data minimisation. Please note that despite our best efforts, there may be security vulnerabilities that we are not yet aware of, which is why we are unable to offer any guarantees of security.

11. Third-party website links
Our website may contain links to third-party websites that are not owned or operated by us. When you click on any third party links, you will be directed to the third party’s website. These third-party websites have their own Terms and Privacy Policy, and we encourage you to review their Terms and Privacy Policy prior to using their site or any services offered by them.

12. Protection of children’s privacy
We do not target our website or Services to anyone under the age of thirteen (13) years (“Children”). If you are the parent or legal guardian of a child who you believe has provided us with his/her personally identifiable information, please contact us at info@laavaskin.com.

13. Changes to this Privacy Policy
We may modify and update this Privacy Policy at any time at our sole discretion. In the event we modify this Privacy Policy, we will inform you by changing the last updated date on the top.

14. Contact Us
If You have any questions about this Privacy Policy, please contact us at info@laavaskin.com or by writing to us at our Company address below:

LAAVA OÜ
Valukoja 10,
11415 Tallinn,
Estonia