Privacy Policy
Last amended on: 01 April 2022
1. General
1.1. This document is the privacy policy (hereinafter referred to as Privacy Policy) of the company Coins.ee OÜ (hereinafter referred to as Coins), describing how Coins processes the personal data that they hold in respect of their customers and other data subjects (hereinafter referred to as Data Subjects).
1.2. For the purposes of this Privacy
Policy, personal data means any information which is related to the Data
Subjects and can be used either directly or indirectly for the identification
of a person, such as name, e-mail address or residential address.
1.3. The Data Subject must carefully
examine this Privacy Policy. Coins asks the Data Subject to confirm that they
have examined the Privacy Policy.
1.4. Customer satisfaction is the highest priority for Coins. To ensure better customer service and compliance with all contractual relationships and legal obligations, Coins processes the personal data of their customers in accordance with the principles provided in this Privacy Policy and applicable data protection legislation. Coins processes personal data adhering, in particular, to the obligations provided in Regulation (EU) 2016/679 of the European Parliament and of the Council (hereinafter referred to as GDPR).
2. Controller
2.1. The controller of personal data is Coins.ee OÜ, address Aida 5, 80011, Pärnu, registry code 11970227. The Data Subject can contact the controller by sending an e-mail to [email protected].
3. Purposes of and legal basis for processing
3.1. Coins may process the following personal data concerning
the Data Subject:
3.1.1. name;
3.1.2. contact details (telephone number, address, e-mail
address);
3.1.3. information about the reliability of the Data Subject as a
customer that Coins obtains when contacting the auction house that the Data
Subject has indicated as their referee;
3.1.4. data about the origin of the coin;
3.1.5. delivery address of goods;
3.1.6. bank account details;
3.1.7. purchase history.
3.2. Coins processes the personal data of
the Data Subject for the following purposes:
3.2.1. for the registration of a user account. The legal basis
for the processing of personal data is Article 6(1)(b) of the GDPR;
3.2.2. for the entry into, amendment and performance of a
sale/purchase contract or another contract. The legal basis for the processing
of personal data is Article 6(1)(b) of the GDPR;
3.2.3. for further development and personalisation of the
provision of the services of Coins.ee. The legal basis for the processing of
personal data is Article 6(1)(f) of the GDPR (the legitimate interest of
Coins in promoting their economic activities through marketing);
3.2.4. for the evaluation of reliability of the customer. The
legal basis for the processing of personal data is Article 6(1)(c) or (f)
of the GDPR (the legitimate interest of Coins in managing risks upon
establishment of customer relationships);
3.2.5. for the minimisation and prevention of risks. The legal
basis for the processing of personal data is Article 6(1)(f) of the GDPR
(the legitimate interest of Coins in managing business-related legal risks);
3.2.6. for the compliance with the obligations arising from law
(e.g. transfer of data to investigative authorities). The legal basis for the
processing of personal data is Article 6(1)(c) of the GDPR;
3.2.7. for the protection of their violated or contested right
(e.g. transfer of data to a lawyer representing Coins.ee or to a court). The
legal basis for the processing of personal data is Article 6(1)(f) of the
GDPR (the legitimate interest of Coins in protecting themselves and filing
claims in legal disputes).
3.3. Coins may process the personal data of
the Data Subject in order to send them direct marketing messages. Coins sends
the Data Subject direct marketing messages as a rule only if the Data Subject
has granted their consent thereto. Within the framework of preparing direct
marketing, Coins processes personal data on the basis of Article 6(1)(f)
of the GDPR (the legitimate interest of Coins in promoting their economic
activities through marketing).
3.4. The Data Subject can always decline future offers and newsletters sent by e-mail, either by following the instructions in an e-mail containing an offer or by notifying us thereof by e-mail.
3.5. Coins may also collect anonymous data which include data about the activity or inactivity on the Coins.ee website, which are collected for statistical purposes and for the purposes of providing the Data Subject with a better service.
4. Recipients of personal data
4.1. In certain cases, in particular if
this is required in accordance with the applicable legislation, including
arising from tax and social insurance legislation, Coins must transfer the
personal data of the Data Subject to authorities.
4.2. Coins also discloses personal data of the Data Subject to third parties if this is necessary in order for Coins to comply with their contractual obligations to the Data Subject. To make payments, the salary information of the Data Subject is transferred to banks and Maksekeskus AS. Coins may also disclose personal data to other persons, for example an IT service provider.
4.3. Upon disclosing personal data, Coins adheres to all the obligations arising from the GDPR and other personal data protection legislation. If the relationship between Coins and their partner is that of a controller and a processor within the meaning of the GDPR, before transfer of personal data Coins enters into a data processing agreement, which is in compliance with the requirements of Article 28(3) of the GDPR, with the partner.
5. Storage of personal data
5.1. Coins stores the personal data of the Data Subject for as long as this is necessary for the fulfilment of the purposes specified in clause 3.
5.2. Personal data are erased upon the closure of a customer account of the online auction unless the storage of the data is necessary for accounting purposes or for the resolution of consumer disputes. For online purchases made without a customer account, the purchase history is stored for three years. In the event of disputes concerning payments and consumer disputes, the personal data are retained until the claim is satisfied or until the expiry of the limitation period. Personal data needed for accounting purposes are stored in accordance with the requirements of law.
6. Rights of Data Subject
6.1. The Data Subject has the following
rights, considering the restrictions arising from applicable data protection
legislation:
6.1.1. the right of access to personal data concerning them;
6.1.2. the right to rectification of personal data;
6.1.3. the right to erasure of personal data;
6.1.4. the right to personal data portability;
6.1.5. the right not to be subject to a decision based solely on
automated processing;
6.1.6. the right to withdraw their consent granted to Coins for
the processing of personal data (if the legal basis for the processing of personal
data is the consent granted by the Data Subject).
6.2. To exercise the rights specified in clause 6.1, the Data Subject can contact the controller by e-mail. A response to an inquiry made by the Data Subject is given within one month at the latest, and the time limit for the fulfilment of the request made in the application is specified.
7. Security
7.1. Coins maintains strict confidentiality
of all the personal data disclosed to them and protects personal data against
unlawful access from any third parties.
7.2. Coins implements appropriate technical and organisational measures that take into account the nature, scope, context and purposes of the processing of personal data as well as the risk for the rights and freedoms of a natural person.
8. Other
8.1. Coins reviews this Privacy Policy regularly and, if necessary, makes amendments thereto. The most recent version of the Privacy Policy is always accessible on the Coins website. Coins notifies the Data Subjects of updates to the Privacy Policy and asks whether the Data Subject agrees with the amendments.
8.2. If the Data Subject has any questions
about how Coins processes their personal data, the Data Subject can contact
Coins by using the contact details set out in clause 2.