Last update: September 29, 2024
Ligne Roset Estonia collects data in the course of doing business. We want to keep that data safe and secure. We want to give the people to whom that data relates visibility and control over the use of their data.
This privacy policy is quite a long document. It’s long because we take our responsibility seriously, and that means providing as much information as we can in a way that (we hope!) is reasonably understandable by someone who isn’t a data privacy expert. If you don’t understand any part of the policy or you have any questions about how we use data, please get in touch (via info@ligneroset-estonia.ee).
For the purpose of the Store Privacy & Cookie Policy, wherever the context so requires “you“, “your“ or “user” shall mean any natural or legal person who has agreed to buy our products by placing an order on our Website. The terms “we”, “us”, “our” or “Ligne Roset Estonia” shall mean Daydream OÜ, a company registered under the laws of Estonia and having its registered office at Tartu mnt 6, Tallinn, Estonia, 10145.
HOW THIS POLICY APPLIES
This Privacy & Cookie Policy applies when you visit our website www.ligneroset-estonia.ee (the “Site”), contact our customer service team, engage with us on social media, or otherwise interact with us.
We may change this Privacy Policy from time to time. If we make changes, we will notify you by revising the date at the top of this policy and, in some cases, we may provide you with additional notice (such as adding a statement to our website or sending you a notification). We encourage you to review this Privacy Policy regularly to stay informed about our information practices and the choices available to you.
HOW WE COLLECT YOUR INFORMATION
As you interact with us, we may collect and process a wide range of personal information about you. This might include:
- Personal contact details such as full name, address (including billing address and delivery address), email address, and telephone number(s). This could be your information, or the contact details of someone else (like a gift or delivery recipient, or a credit card holder).
- Information about your date of birth, age and gender.
- Details regarding or connected to products or services that you have ordered from us.
- Device data where you use our apps or website. This may include information about the device you use and the unique device identifier (for example your device’s IMEI number, or the MAC address of the device’s wireless network interface), mobile network information, your mobile operating system, the type of mobile browser you use, time zone setting, the IP address, device type, usernames and account details, and location data which may include your current location disclosed by your own software. We do not use separate location tracking software.
- Payment details, payment card details, bank account details, financial transactions and refunds.
- Any terms and conditions relating to your relationship with us.
- Any communications between ourselves and you.
- Your social media handles, social media posts, information about your social media followers, information about any product/services endorsements by you and information about your followers that you tag us in.
- Publicly available personal information, including any which you have shared via a public platform, online or on social media.
- Personal history and information including hobbies, interests and your preferences.
- Responses and results of surveys.
- Fraud prevention related information which may include details of other transactions you have been involved in.
- How you use our website as we collect information about the pages you look at and how you use them, entry and exit data when you look at or leave our website, details of products and materials that may be interest to you, browser related information, cookies that are set on your device by our website.
- Your usage of the IT systems we make available to visitors to our premises.
- IP Address information which allows us to enhance your experience by tracking your usage of our website and tailoring our website to your location.
- Details of any queries, complaints, claims and cases involving both us and yourself including any related communications.
- Any other personal information you provide to us.
Our payment and fraud prevention system may flag inconsistencies in the information you provide. If this happens, your order cannot be completed unless you provide personal identification information which allows us to confirm that your transaction is legitimate.
If you are providing us with details of any other individuals, for example a friend of yours that you ask us to deliver our products to where you have ordered them as a present, they have a right to know and to be aware of what personal information we hold about them, how we collect it and how we use and may share that information. Please share this privacy policy with them. They also have the same rights as set out in this privacy policy in relation to their personal information that we collect.
OUR RIGHTS TO USE THE INFORMATION YOU PROVIDE
The law determines how we can use your information. In simple terms, the law states that we must have one or more reasons (known in the law as “bases”) to use your personal information. The most common reasons are:
- Contract - where we need to perform the contract we have entered into with you which covers your relationship with us or to take steps to enter into that contract.
- Compliance with a legal obligation - where we need to comply with a legal obligation that applies to us, for example complying with laws relating to the sale of products to consumers or complying with data protection laws.
- Legitimate interest - where it is necessary for legitimate interests pursued by us or a third party and your interests and fundamental rights do not override those interests. We have set out in the section below how we use your personal information together with more details on our legitimate interests.
- Consent - generally we do not rely on or need your consent for most uses we make of your personal information, but generally we will need your consent to directly market our products and services to you by electronic communications channels (including, without limitation, SMS and MMS).
Where we are processing any sensitive special category personal information about you (for example personal information revealing racial or ethnic origin, religious or philosophical beliefs, or data concerning health) we also need to have one or more of the following legal bases for using your personal information.
- Consent - where we have your explicit consent to do so.
- Law - where it is necessary for us to comply with our obligations and exercise our rights in the field of employment law, social security law and social protection law, for example processing your health information so we can ensure our app is tailored to you and your exercise regime should be safe for you to follow or making sure it is safe for you to participate in one of our events or promotions or making any adjustments necessary for you to attend our premises.
- Vital interests - where we need to protect your vital interests (or someone else's vital interests).
- Public disclosure - where you have already made public the personal information.
- Claims - in establishing, exercising or defending legal claims, whether those claims are against us or by us.
- Public interest - where it is necessary in the public interest.
In many cases more than one legal basis may apply to our use of your personal information. The key point here is that consent is not the only basis on which we can use personal information.
HOW WE USE INFORMATION
We have set out the main uses below and indicated the main applicable legal bases of processing. There may be other specific uses that are linked to or covered by the uses below.
We will process your personal information to:
- perform our relationship with you. As well as relating to the entry into or performance of a contract with you either directly or indirectly, this will also be in our legitimate interests. We may also in some limited cases rely on your consent.
- handle any order you (or an individual known to you where the delivery is to be made to you) has placed with us, and to pick, pack, despatch, ship, and track that order to make sure it arrives safely. As well as relating to the entry into or performance of a contract with you either directly or indirectly, this will also be in our legitimate interests. We may also in some limited cases rely on your consent.
- send you a message if you abandon your cart. We have a legitimate interest in generating sales by retargeting customers who have already indicated a strong interest in purchasing goods from Ligne Roset Estonia; and a legitimate interest in understanding why a transaction may not have been completed. It is important to note that we do not retain the email address utilized for cart abandonment emails unless we are able to rely on consent.
- send to you any direct marketing materials about our products or services that you have asked to be sent to you. As well as relating to the entry into or performance of a contract with you either directly or indirectly, this will also be in our legitimate interests. We also need you to give consent if we are going to market to you via electronic channels, including (without limitation) SMS and MMS.
- monitor and manage our relationship with you, which may involve communications with you, decisions regarding your relationship with us, and in some cases meeting with you. As well as relating to the entry into or performance of a contract with you either directly or indirectly, this will also be in our legitimate interests.
- hold or conduct events, promotions, or campaigns. This will be in our legitimate interests, and in some cases, we may rely on your consent to do this, for example, if you provide us with a photograph to use.
- manage our social media or online relationship with you. This will be in our legitimate interests, and in some cases, we may rely on your consent to do this, for example, if you provide us with a video, photograph or content to use.
- help train our staff, and make sure they deliver the high standards expected concerning our brand. This will be in our legitimate interests.
- carry out background, identity, fraud prevention, or other checks about you to decide whether to enter into or enforce a relationship we have with you. This will be in our legitimate interests, and in some cases, we may have a legal obligation to do so.
- fulfill legal obligations connected to our relationship with you or connected to visiting our premises - for example, to comply with consumer protection, data protection, or health and safety laws.
- keep and maintain proper records relating to your relationship with us and information about you which is relevant to that relationship. As well as relating to the entry into or performance of a contract with you either directly or indirectly, this will also be in our legitimate interests, and we may also have legal obligations to do this.
- prevent, detect, or prosecute criminal activity. This will also be in our legitimate interests, we may also have legal obligations or be exercising a legal right to do this and it will also be in the public interest.
- gather evidence for and be involved in possible legal cases. As well as relating to the entry into a contract with you either directly or indirectly, this will also be in our legitimate interests, we may also have legal obligations or be exercising a legal right to do this and it may also be needed to establish, bring or defend legal claims.
- manage and keep a record of our relationship with you and any associated information It may relate to the entry into or performance of a contract with you either directly or indirectly, it will also be in our legitimate interests, and we may also have legal obligations or be exercising a legal right to do this.
- ensure effective general business administration and management. As well as relating to the entry into or performance of a contract with you either directly or indirectly, this will also be in our legitimate interests, and we may also have legal obligations or be exercising a legal right to do this.
- monitor any use you make of our website, information and communication systems, and social media accounts to ensure network and information security, including preventing unauthorized access to our computer and electronic communications systems and preventing malicious software distribution, and also to protect your personal information. As well as relating to the entry into or performance of a contract with you either directly or indirectly, this will also be in our legitimate interests, and we may also have legal obligations or be exercising a legal right to do this. Concerning social media you may also have already made your personal information public.
- conduct data analytics and analysis studies to review and better understand trends and improve our business, use of our website and social media which relates to us, and those same things in relation to our competitors. This will also be in our legitimate interests, and we may also have legal obligations or be exercising a legal right to do this. We may sometimes anonymize and aggregate personal information for insight and research purposes, but this information will not identify you.
- debug to identify and repair errors in our Site
- carry out market and/or product research, for example, so that we can improve our offering and range of products or improve our use of our website, apps, or social media. This includes requests for reviews. This is in our legitimate interest.
We process additional information with companies which we do business with or are considering doing business. This information includes:
- Details of services carried out or products provided by you in connection with our relationship with you, details of your interest in and connection with any organization which supplies any services or products to us, details of any financial products or services supplied to us.
- Business-related information, such as where you are a sole trader, a partner, a company director, or a key member of staff of a business we have a relationship with.
- Performance information related to our relationship with you or a business we have a relationship with.
We will only use your personal information for the purposes for which we collected it - unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you by updating this privacy policy.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law. We will rarely need to rely on your consent to process any of your personal information.
OPTING OUT
We aim to make it super simple for you to opt out of receiving marketing communications. You can email info@ligneroset-estonia.ee. Your email will get processed more quickly if you use the subject line “Data Subject Deletion Request”.
If you ask us to stop sending marketing communications, we can and will still send service messages (such as order updates and other non-marketing communications). It will also not affect advertising that may appear on our website.
DATA SHARING
We may share your personal information internally, with members of the Ligne Roset Estonia team who need to have access to this information to perform their roles. This includes, in particular, the following teams: customer support, order fulfillment, legal, and finance.
We may send your details to external parties (who may also share your details with us) to help us run our organization and provide our services to you. These parties include:
- Anyone you have said you are happy for us to send your details to.
- Companies in the same group of companies as us, including subsidiaries (any organisation that we own or control) or our ultimate holding company (any organisation that owns or controls us) and any subsidiaries it owns. These companies will only use your personal data in the same way that we can under this Privacy Policy.
- organisations that provide services to us, such as:
- order fulfillment providers - the people who help process and deliver your order (e.g. Shopify and courier/ delivery companies)
- marketing specialists
- cloud CDN platforms (e.g Vercel)
- third-party payment providers (e.g. PayPal and Stripe)
- third-party mailing providers (e.g. Klaviyo)
- governmental bodies, HMRC, regulators, police, law enforcement agencies, security services, and courts/tribunals - where the law tells us to do so or to help them with any investigations. This may include governmental bodies based outside of the UK.
- banks and nominated payment providers: if your bank/payment provider requests proof that the transaction is legitimate. Police, law enforcement and security services: to help them with any investigation, prevention of crime or matter of national security.
Those third parties may be located in third countries outside of the EU (see section below). By submitting your personal data, you agree to this processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this notice.
Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
CROSS-BORDER TRANSFERS
Ligne Roset Estonia uses third parties to provide services that are important to the operation of our business. Some of these third parties are based, or store information, outside of the UK and the European Union. We may transfer the personal information we collect about you to these providers, if this is necessary, to perform our contract with you, or if we consider that we have a legitimate interest to do so. Our third-party providers include (but are not limited to) Amazon/ AWS, Google, Vercel, Stripe, and Shopify. These organisations have provided us with the assurance that they use and protect data under GDPR.
If you are based outside of the UK and EEA, then your personal data may be held and used outside of the UK and EEA anyway, but in most cases - as mentioned above - the controller of your personal information will be Fnatic in the UK.
DATA RETENTION
We collect personal data from you for different reasons so we might keep it for different lengths of time. For:
- People who share their personal data with us but do not become customers: generally, for a period of 2 years after we were last in contact with you.
- Customers: generally, for a period of 6 years after the last purchase (save for email addresses used to create “lookalike” profiles, or contacted via a cart abandonment email, which are not retained).
- Casual workers and freelancers: generally, for a period of 6 years after the end of our relationship with you.
- Individual contacts at customers and suppliers/sponsors: for as long as we continue to have a relationship with that customer or supplier/sponsor and then for 6 years afterwards.
Whichever time period normally applies, in some cases we may need to keep your personal information for longer - for example, if it is still relevant to a dispute, legal case or claim.
MAKING A COMPLAINT
You’re entitled to know what personal information we hold about you and how that information is processed, which means you can ask us to do any of the following things:
- to provide access to your data;
- to rectify any mistakes relating to your data;
- to erase your data;
- to stop processing your data;
- to receive an electronic copy of your data;
- to object to our processing of your data;
- to object to any automated decision making that we may do using your personal data; and
- (automatic) to receive a notification of any breach of your personal data.
Just let us know if you’d like to exercise any of your rights by emailing us at info@ligneroset-estonia.ee and we'll jump on it.
TRANSFER OF INFORMATION TO THE UNITED STATES AND OTHER COUNTRIES
Ligne Roset Estonia is headquartered in Estonia, and we have operations and service providers in the European Economic Area (“EEA”), United States, and other countries. Therefore, we and our service providers may transfer your personal information to, or store or access it in, jurisdictions that may not provide levels of data protection that are equivalent to those of your home jurisdiction. We will take steps to ensure that your personal information receives an adequate level of protection in the jurisdictions in which we process it.
If you are in the EEA, we provide adequate protection for the transfer of personal data to countries outside of the EEA through a series of intercompany agreements based on the Standard Contractual Clauses authorized under EU law. You are entitled to obtain a copy of these agreements by contacting us using the contact information below.
COOKIES
Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser that enables the sites or service providers systems to recognize your browser and capture and remember certain information. We use cookies to help us remember and process the items in your shopping cart and wish list as well as understand and save your preferences for future visits. If you prefer, you can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies via your browser settings. Like most websites, if you turn your cookies off, some aspects of our Site may not function properly.
When you visit Ligne Roset Estonia's website or any other website linked from our website, we may store certain information on your computer in the form of “cookies”.
HOW AND WHY WE USE THEM
Improve our website and set default options for you.
Cookies are used to save items in your shopping cart and wish list whether this Cookies Policy has been accepted or not. The cookie contains no personal information, it only identifies the device you use with your web browser.
Protect our website.
To prevent and detect fraud against either you or Ligne Roset Estonia - unfortunate, but absolutely necessary. And to meet our legal obligations about looking after your data.
Analyze your activity
We also allow others to provide analytics services and serve advertisements on our behalf across the website. These entities may use cookies, web beacons, device identifiers, and other technologies to collect information about your use of our Site and other websites and applications, including your IP address, web browser, mobile network information, pages viewed, time spent on pages or in web apps, links clicked, and conversion information.
CONTACT US
If you have any questions about this Privacy & Cookie Policy, please contact us at info@ligneroset-estonia.ee