REGISTRY CODE 14378920
TALLINN, REPUBLIC OF ESTONIA
1. The everyday principal activity of Mocom OÜ (hereinafter Mocom) is retail sale of spare parts and accessories of cars. Our range of products includes a wide selection of spare parts and accessories of different makes of cars. In its activities, Mocom follows the General Data Protection Regulation (GDPR), Data Protection Act (DPA), our own Data Protection Strategy (here is the link) and other data protection standards. This privacy notice (hereinafter the Privacy Notice) is addressed mainly to data subjects as defined in the GDPR and DPA, i.e. the natural persons whose data are processed.
1.2. Mocom understands that data subjects are aware of and care about the processing of their personal data, and assures that the rules established for data processing are taken into full consideration. The Privacy Notice describes the principles and practices used by Mocom with regard to the entire chain of personal data processing from the collection and use up to the deletion of data, focusing on the protection of personal data. Personal data protection means on-going liability, and therefore we’ll revise the rules set out in this Privacy Notice from time to time, check its conformity to the established requirements and update its contents as necessary.
II. Data Protection Officer (DPO)
2.1. The following person has been appointed as the data protection officer for ensuring the compliance with data protection requirements by Mocom OÜ, registry code: 14378920, registered address Kopli 6-1, Tallinn, Harju County, 10412, Republic of Estonia, e-mail address firstname.lastname@example.org, tel. +372 6017 913:
Indrek Teppo, Mocom OÜ, place of work and contact details: Kopli 6-1, Tallinn, Harju County, 10412, Republic of Estonia, e-mail address email@example.com, tel. +372 56 51908.
III. Main uses of clients’ personal data by Mocom
3.1. The personal data of clients are mainly used for the sale of goods by agreement with the clients.
3.2. Personal data are also used for updating the internet environment and range of goods in accordance with the preferences, interests and needs of clients, and to get a better understanding about the wishes and preferences of the clients.
3.3. If a client has granted consent for receiving newsletters, special advertising, direct mail, etc from us, we’ll send the requested information. It is possible to unsubscribe to such e-mails in the future.
3.4. The personal data of clients are shared with the service providers, whose services are indispensable for performing existing contracts and providing services.
3.5. We may also share the personal data of a client if such necessity derives from crime investigation, adhering to a court order, meeting the vital needs of the client, or is related to sale, purchase, merger, reorganisation, financing, liquidation, dissolution or other similar procedure concerning the company. In such cases we assure that we’ll take all necessary measures to ensure sufficient protection for the personal data of clients.
3.6. If personal data are collected for participation in a lottery or for other similar purposes, there data are used for contacting the client in case the client wins.
IV. Collection, use and transfer of clients’ personal data by Mocom in further detail
4.1. Mocom collects personal data from its employees and clients who are natural persons. As a rule, these data are necessary for performing a purchase order and selling the goods chosen by the client, and for performing the contract between us. We do not sell or share personal data with any third persons, except the persons with whom the data shall be shared pursuant to law or for performance of a contract between us.
4.2. In general, Mocom collects the personal data of clients directly from the clients who voluntarily submit their data for placing of orders. We collect the data sent to us by users actively through our websites, applications and services: given name and family name, mail address, also telephone number and post address for shipping the goods.
In some cases we may collect data about a client also from other sources. These sources may vary, but usually they are the marketing partners of Mocom, public sources or public information from social networks of third persons. Mocom may combine the data received from a source with the data received from another source. This is done for ensuring the accuracy of the data and understanding the preferences of clients to enable us to offer more appropriate products to the clients and to communicate with the client in the manner preferred by the client.
4.4. Mocom may use third persons as service providers to carry out certain activities on behalf of Mocom, e.g. performance of sale transactions, processing of card payments, sending of e-mails, parcels and courier packages, offering of advertisements, monitoring the results of our marketing campaigns, analysing the use of our websites and applications, storage of data, and administration of client relationships.
For the reasons set out above, Mocom needs to share the personal data of clients with the respective partners, but only to the extent necessary for the provision of a service on behalf of Mocom, and having made sure beforehand that the partners follow the data protection rules, and that the data are shared only if there is a legitimate business interest therein or if valid laws and regulations permit Mocom to do it or if you have agreed to such transfer of data. State authorities, such as the Tax Board, police or other state authorities, as well as insurers, may ask us to transfer to them the data that we have about a client. Mocom fulfils such requests only if there are sufficient legal grounds therefor.
If you engage in commenting or expressing of opinions on the social media user websites of Mocom or its business partners where such information is public and access is beyond Mocom’s control, Mocom shall not be liable for the contents of any such information.
4.5. Sending of newsletters. If we decide to provide the best offers and reminder letters to our clients (e.g. sale, congratulations, invites to events, special offers, etc.), they shall be sent only to a previously approved e-mail address on the client’s consent. The clients may withdraw their consent any time by clicking „unsubscribe“ under a letter or by sending a respective notice to the e-mail address: firstname.lastname@example.org. We also send e-mails with informative contents to clients if the clients have purchased goods or services from us, in the course of which they have submitted their e-mail address to Mocom, and such e-mails can also be unsubscribed in the manner described above.
4.6. In relation to the sale of goods we have the right to send feedback e-mails to our clients. The feedback e-mails are sent only for the purpose of finding out about service weaknesses and offering the best service.
4.7. If you send a request to the data controller Mocom’s e-mail address email@example.com, we’ll send you a list of personal data processors with their contact details. One of our processors is Maksekeskus AS who is receiving from us personal data necessary for processing of card payments as well as bank transfers.
V. When and how Mocom retains personal data of clients
5.1. The data collected on a client (the data that are only read but not collected, e.g. verification of identity upon receipt of goods, are not retained or stored), received through the client’s purchases, are retained by Mocom for the duration of the limitation period for filing of claims as provided by law, and after such period the personal data are deleted. The data are retained in one or several databases administered by a third person located in the European Union, the Republic of Estonia or the Federal Republic of Germany. We ensure by contracts entered into with the third persons that the data shall be kept safe and shall not be used for any other purpose than for storing and backup.
VI. Transfer of personal data to outside the EU or to countries equated with EU Members
6.1. Mocom is located in the Republic of Estonia which is one of the member states of the European Union. The personal data collected by Mocom shall be primarily processed in the Republic of Estonia and the Federal Republic of Germany. The personal data of clients shall not be transferred to outside the European Union.
VII. Rights of data subjects
7.1. The Privacy Notice is meant for providing clients with information on the types of data collected regarding the clients by Mocom and on how such data will be used. If you have any questions regarding the personal data, please do not hesitate to contact us by the following e-mail address: firstname.lastname@example.org.
7.2. If you wish to learn more about whether Mocom processes your personal data, if you wish to have an access to your personal data, examine your personal data, correct or delete the personal data or restrict the processing of the personal data, withdraw your consent or submit an objection to the processing of your personal data, please do not hesitate to contact Mocom by the following e-mail address: email@example.com or by the post address set out above.
7.3. Clients have the right to the transfer of their data. We enable our clients to get their personal data in machine-readable format to their possession or have them directly transferred to another service provider. However, Mocom will not be able to ensure that another service provider will be able to receive the client’s personal data. The right to the transfer of data is limited to the structured data submitted to Mocom by the client in a machine-readable format that is in common use, and the right applies only to the data used by Mocom for performing a contract entered into with the client or based on consent and only in automated form, and in the performance of said right Mocom shall take also the third persons’ privacy rights into consideration. To exercise this right, please do not hesitate to contact Mocom by the following e-mail address: firstname.lastname@example.org or by the post address set out above.
VIII. Security of clients’ data
8.1. Mocom applies physical, technical and organisational measures to protect personal data and personally identifiable information. Furthermore, Mocom updates and tests the applied protection technologies on regular basis. The internet networks of Mocom are protected by firewalls and virus detection software. Access to the personal data of clients is limited only to those employees who need such information for performance of the contracts entered in to with the clients or on another legal basis.
8.2. Mocom applies reasonable measures to protect the personal data of clients, and the activities of Mocom are in compliance with the applicable legislation governing information security. However, it should be noted that no website or database is totally secure or „hacker safe“. The internet environment of Mocom does not use spyware.
8.3. In addition, Mocom trains its employees to achieve higher awareness of the importance of and need for personal data protection among its employees. Mocom’s commitment is further expressed in the internal regulations that are directly applicable to employees and that contain data protection provisions.
IX. Amendment and supplementing of Privacy Notice
9.1. Like every organisation and all regulations, also Mocom and data protection regulations and interpretations will surely change in time and space, which can only lead to the conclusion that it may become necessary to amend and supplement the Privacy Notice in the future. For the reasons stated above, please be advised that Mocom will be entitled to amend and supplement the contents of the Privacy Notice any time without prior notification to the clients. Amendments will be published on our Privacy Notice website. Mocom may inform the clients about more significant changes in the terms of the Privacy Notice, but you’d better visit the Privacy Notice website often enough to examine the updated and most recent terms of the Privacy Notice.
X. Privacy notice to employees
10.1. The privacy notice to our employees has been prepared as a separate document and is available only to employees.
XI. Questions, complaints
11.1. If your personal data have changed, please contact Mocom. If you have additional questions regarding personal data, please do not hesitate to contact us. We shall promptly respond within the term provided by law. However, please be prepared that we may request specified information for identification purposes in order to protect personal data before we respond to any questions. We have to make sure that the information goes only to the right person. In most cases we correct or delete any inaccuracy detected by you. In some cases we’ll also be able to fully or partly refuse to fulfil a client’s request if it is permitted by law or if we are required to do so under law.
11.2. If a client finds that his or her personal data have been treated in violation of the Privacy Notice or carelessly, the client will always have the right to contact and inform Mocom about it by contacting the data protection officer by the e-mail address email@example.com or by the post address set out above.
11.3. You will always have the right to address the Data Protection Inspectorate or a court in order to protect your privacy rights and data. The Data Protection Inspectorate is a state authority that can be contacted also for consultation or assistance regarding personal data protection matters.