The Rolling Tomes

PRIVACY POLICY

Processing of Personal Data

The Rolling Tomes is committed to protecting the privacy of its customers and users. To this end, we have established the following principles of our privacy policy, which outline the collection, use, disclosure, transfer, and storage of customer data. Our activities comply with all relevant European Union regulations and the laws of the Republic of Estonia. Please take the time to review our privacy principles.

The controller of personal data for the online store TheRollingTomes.com is The Rolling Tomes OÜ (registry code 17243273), located at Sõle 75-2, Tallinn 10312, Estonia.
Email: hello@therollingtomes.com

What Personal Data Is Processed?

We process the following personal data:

  • Name, phone number, and email address;
  • Delivery address;
  • Bank account number;
  • Purchase details (cost of goods/services and payment information);
  • Customer support details.

Purpose of Processing Personal Data

  • Personal data is used to manage customer orders and deliver goods.
  • Purchase history (e.g., purchase date, product, quantity, customer information) is used to compile an overview of purchased goods/services and analyze customer preferences.
  • Bank account details are used to process refunds.
  • Personal data such as email, phone number, and customer name is used to resolve issues related to the provision of goods/services (customer support).
  • The IP address or other network identifiers of online store users are processed to provide the online store as an information society service and to compile website usage statistics.

Legal Basis

The processing of personal data is carried out:

  • To fulfill a contract concluded with the customer;
  • To comply with legal obligations (e.g., accounting and consumer dispute resolution).

Recipients of Personal Data

  • Personal data is forwarded to the online store’s customer support for managing purchases, purchase history, and resolving customer issues.
  • Name, phone number, and email address are shared with the selected delivery service provider. If goods are delivered by courier, the customer’s address is also shared.
  • If the store’s accounting is outsourced, personal data is shared with the service provider for accounting purposes.
  • Personal data may be shared with IT service providers if necessary to ensure the functionality of the online store or data hosting.
  • If the customer has agreed to receive targeted offers through various online platforms (e.g., social media, Google Ads), SMS, or email, personal data (name, email address, phone number) may be shared with the relevant service provider.

Data Security and Access

  • Personal data is stored on servers provided by our service provider (Hostinger.com) located in EU member states or countries within the European Economic Area (EEA). Data may also be transferred to countries deemed to have adequate data protection levels by the European Commission or to third countries under appropriate safeguards, such as Standard Contractual Clauses (SCCs).
  • Access to personal data is restricted to employees of the online store who need the data to resolve technical issues or provide customer support.
  • The online store implements appropriate physical, organizational, and IT security measures to protect personal data from accidental or unlawful destruction, loss, alteration, unauthorized access, or disclosure.
  • The processing of personal data by authorized processors (e.g., delivery service providers and data hosting providers) is based on agreements ensuring adequate data protection measures.

Accessing and Correcting Personal Data

You can access and correct your personal data via customer support.

Withdrawal of Consent

If the processing of personal data is based on consent, the customer can withdraw their consent by notifying customer support via email.

Retention

  • Personal data is deleted upon the closure of a customer account unless required for accounting or consumer dispute resolution purposes.
  • If a purchase was made without creating an account, purchase history is retained for three years.
  • In case of disputes related to payments or consumer issues, personal data is retained until the claim is resolved or the limitation period ends (three years).
  • Personal data required for accounting purposes is retained for seven years.

DELETION

To delete personal data, contact customer support via email. Requests will be addressed within one month, with details on the deletion process provided.

Data Transfer

Requests for data transfer will be responded to within one month. Customer support will verify the requester’s identity and provide information about the personal data applicable for transfer.

Direct Marketing Notifications

Email addresses and phone numbers are used for direct marketing if the customer has provided consent. If a customer no longer wishes to receive marketing messages, they can unsubscribe via the link in the email header or by contacting customer support.

• If personal data is used for direct marketing (including profiling), the customer has the right to object at any time by notifying customer support via email.

Dispute Resolution

Disputes related to the processing of personal data are resolved via customer support:

• Email: hello@therollingtomes.com
The supervisory authority is the Estonian Data Protection Inspectorate (info@aki.ee).

Cookies

We use commercial cookies to provide you with the best service and personalized product recommendations.