Privacy Policy

Privacy Policy (processing of personal data and privacy principles)

  1. By agreeing to the Terms and Conditions of Sale, the buyer confirms to have examined the privacy and data protection requirements of the webstore of the seller (Nordfix OÜ) and to accept these in full and to make no concessions in this regard.
  2. Personal data is processed for the purpose of performing the contract concluded with the customer. Personal data is processed for the fulfilment of legal obligations. The seller is the controller of personal data and processes the buyer’s personal data in conformity with the requirements laid down in the Personal Data Protection Act. The seller forwards the personal data, required for making the payments, to the processor of personal data, Maksekeskus AS. The seller processes the following personal data of the buyer for the purpose of performing the contract concluded with the buyer: given name and surname, telephone number, date of birth, personal identification code, address, e-mail address, delivery address of goods, cost of goods and the payment method used, bank account data.
  3. Personal data is forwarded to the customer support of the webstore for the management of purchases and the purchase history and for resolving the problems of customers. The data is used for processing the orders (incl. purchase history), for the payment for goods, and dispatching the goods to the buyer; upon separate consent of the buyer, also for forwarding goods offers to the buyer. Data is forwarded to the transportation companies for delivering the goods. For making the payments, the buyer’s bank data is forwarded to the banks and the payment centre. The bank account number is used for returning the payments to the customer. During the administration of the webstore, the data may be processed by the IT Support and Web administrator to ensure the proper functioning of the webstore. Upon the storage of the data, we also proceed from the requirements of the Accounting Act.
  4. Personal data is kept in Zone servers, located in the territory of the countries of the European Union or of European Economic Area. Data may be forwarded to countries the data protection level of which has been considered adequate by the European Commission, and to US companies that are Privacy Shield certified. Access to personal data is granted to the employees of the webstore, who may review the personal data to resolve technical matters relating to the use of the webstore and provide customer service. The webstore applies relevant physical, organisational, and information technological measures for protecting the personal data against accidental or illegal destruction, accidental loss, alteration or unauthorised access, and disclosure. Personal data is forwarded to the data processors of the webstore (e.g. transportation service provider and data hosting) on the basis of agreements entered into with the webstore and data processors. The processor shall ensure relevant safeguards when processing the personal data.
  5. The buyer may at any time withdraw from the offers and newsletters sent to the e-mail by informing us thereof by e-mail or following the instructions given in the e-mail containing the offers.
  6. The seller may also collect non-personal data, which may include data on the activity on the website of nordfx.ee, which is collected for the purpose of statistics and for providing better service to the customer. In our Privacy Policy, we treat such data as non-personal data.
  7. If the webstore is closed, your personal data will be deleted, unless such data must be retained for accounting purposes or for resolving consumer disputes. If the purchase at the webstore was made without a customer account, the purchase history will be saved for three years. In case of disputes related to payments and for consumer disputes, the personal data will be retained until the claim is satisfied or until the end of the limitation period. Personal data required for accounting purposes is retained for seven years.
  8. In order to delete the personal data, contact the seller by e-mail. A response to the deletion request is sent no later than within one month and the deletion period of data shall be ascertained. A response to the request to transfer personal data, submitted by e-mail, is sent no later than within one month. The seller shall identify the person and shall inform of the personal data that are subject to transfer.
  9. The seller shall implement all measures to protect the personal data of the customer. The buyer has a right to access their personal data at any time and demand their rectification, closure, or deletion, unless otherwise stipulated by law. If the buyer feels that the processing of their personal data has infringed their rights, the buyer may send a notice thereof at the e-mail address info@nordfix.ee. Upon need, the person has the right to contact the Data Protection Inspectorate.

Resolution of disputes

  1. If the buyer has complaints regarding the webstore, these shall be communicated by e-mail at info@nordfix.ee or by phone on +372 675 0066
  2. If the buyer and seller are unable to resolve the dispute by agreement, the buyer may contact the Consumer Disputes Committee. The procedural conditions can be examined and a petition filed on the webpage at komisjon.ee. The Consumer Disputes Committee is competent to resolve the disputes arising from the contract concluded between the buyer and the seller. The review of the buyer’s dispute in the committee is free of charge. The buyer may turn to the online consumer dispute platform of the European Union.


Your tool is broken? Bring to us, we will fix it!