Last Updated: December 2023
This Privacy Policy aims at providing You, also referred to as the “Visitor” or “Data Subject,” meaning You as the user of Our Services, whether You are a customer, website visitor, or another individual, whose information we have collected pursuant to this Privacy Policy, with the detailed information on processing of Your personal data by Us, also referred to as “Nordermiqa” or “Data Processor”, when use Our services, visit Our or make a purchase from or website https://www.Nordermiqa.com (the “Website”) or Our partners’ websites or otherwise communicate with us (collectively, the “Services”).
We will describe:
- what type of Your personal data We process and
- what We do to process Your personal data.
We will define:
- what purposes We process Your personal data for and
- what legal grounds We rely upon to process Your personal data.
We will explain:
- what rights as a Data Subject You have and
- what You have to do to enforce Your rights.
Nordermiqa encourages You to read this Privacy Policy carefully to familiarize Yourself with the way We process Your personal data when You use or access any of Our Services. By using and accessing any of the Services, You agree to the collection, use, and disclosure of Your information as described in this Privacy Policy. If You do not agree to this Privacy Policy, please do not use or access any of the Services.
This Privacy Policy is a reader-friendly explanation of Our data processing activities divided into various sections depending on the topic to make it easy for You to navigate through:
- Introduction
Nordermiqa values Your privacy and confidentiality of Your personal data. This is why We as Your Data Processor process Your personal data in strict compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), also referred to as the “GDPR”. Our Privacy Policy is supplemented by the Cookies Policy , which specifically addresses the processing of Your personal data by using automated means, such as cookies, web beacons, and social plugins. This Privacy Policy also refers to Our Website Terms and Conditions, which describe the terms of services We provide through Our Website.
We regularly review and update Our Privacy Policy to make sure that it follows most recent trends and highest standards in personal data protection, as well as reflects any and all changes in the applicable laws and regulations on data protection, consumer rights and e-commerce. We have indicated the date of the current version of the Privacy Policy at the top of this page for Your information. Whenever the Privacy Policy is updated, We will bring it to Your attention by displaying a corresponding notice on the Website and emailing it to You, if You allow Us to use Your e-mail address for this purpose.
- What Personal Information We Collect, and the purpose of processing Your Personal information
The types of personal information we collect depend on how You interact with Our Website and use Our Services. The following sections describe the categories and specific types of personal information we process, the purpose of collecting such data, legal bases for processing the data, and provide You with other relevant information.
- Processing your access data
If You visit Our Website, the web server will automatically save a server log file, which contains Your internet protocol (IP) address, unique device identifier (UDI), hypertext transfer protocol (HTTP) response status code, operating system (OS) of Your device, date and time of Your request, name, location, and size of the requested files, also referred to as the “Access Data”.
We process Your Access Data exclusively for the purpose of securing the trouble-free operation of Our Website and ensuring flawless user experience of its main features.
We process Access Data to safeguard Our legitimate interest aiming at a high-quality online presentation of Our brand, content and merchandise.
If You give Your consent for Us to process Your Access Data for other purposes, please, read the Cookies Policy, which specifically addresses the processing of Your personal data by using automated means, such as cookies, web beacons and social plugins. We use Cookies to power and improve Our Website and Our Services (including to remember Your actions and preferences), to run analytics and better understand user interaction with the Services (in Our legitimate interests to administer, improve and optimize the Services). We may also permit third parties and service providers to use Cookies on Our Website to tailor Our Services, products and advertising on Our Website and other websites.
- Processing Your personal data to register an account
If You register an online account with Us through Our Website, We will process Your name, surname, e-mail address, phone number (optional) and address details (optional), password. The registration of the online account is completely voluntary. You are not required to have an online account with Us to make a purchase in Our online store.
We will process Your personal data provided as part of the registration to maintain Your online account, to ensure secure access to Your online account, and to offer You additional useful features available to the online account holders, such as writing reviews, viewing purchase history, maintaining Your wish list, receiving a discount for inviting friends over to join Our community, etc.
We will process Your personal data provided as part of the registration based on Your explicit consent. You can revoke Your consent and delete Your online account at any time – to request the deletion of Your account, please contact us by writing an e-mail to privacy@nordermiqa.com.
- Processing Your email address to deliver a newsletter
If You subscribe to Our newsletter, We will process Your e-mail address. The subscription to the newsletter is completely voluntary.
We will use Your e-mail address to send You Our newsletter containing useful information on Our merchandise, new product releases, sales, campaigns, events and other relevant information.
We will process Your e-mail address based on Your explicit consent granted to Us, when You opt to receive Our newsletter by entering Your e-mail address into the subscription form available on the Website and confirming Your consent by clicking on the subscribe button. You can also express Your consent to receive Our newsletter by ticking a box, when registering an online account with Us or by clicking on a designated link in Your online account menu and following subscription instruction. You can revoke Your consent and unsubscribe from Our newsletters at any time by clicking “unsubscribe” link available at the bottom of each newsletter. Your e-mail address will be erased from the newsletter recipient list as soon as You unsubscribe.
Our newsletter recipient list is managed on Our behalf by the e-mail marketing automation platform service provider The Rocket Science Group LLC (675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA), which is doing business as “Mailchimp”. Mailchimp sends and manages Our advertisement campaigns across different communication channels. Mailchimp may process Your e-mail address by using servers located in countries outside EU or EEA. It is fairly possibly that the personal data protection standards in these countries do not meet GDPR requirements. In order to guarantee GDPR compliant processing of Your e-mail address, We rely in Our cooperation with Mailchimp on the standard contractual clauses, which were developed by the European Commission to ensure GDPR compliant processing of the personal data outside EU and EEA.
- Processing Your cellular phone number to deliver sms alerts
If You subscribe to Our SMS alerts, We will process Your cellular phone number. The subscription to Our SMS alerts is completely voluntary.
We will use Your cellular phone number to send You Our SMS alerts containing useful information on Our merchandise, new product releases, sales, campaigns, events and other relevant information.
We will process Your cellular phone number based on Your explicit consent granted to Us, when You opt to receive Our SMS alerts by clicking on a designated link in Your online account menu and following subscription procedure. You can revoke Your consent and unsubscribe from Our SMS alerts at any time by following steps described at the end of each SMS alert. Your cellular phone number will be erased from the SMS alerts recipient list as soon as You unsubscribe.
- Processing Your personal data to initiate contractual relations
If You place an order in Our online store, We will collect Your personal data, such as Your name, surname, e-mail address, phone number (if relevant), billing address, delivery address (if relevant), when You place Your order by filling in mandatory and optional fields of Our online order form.
We will use mandatory information to initiate and establish contractual relations with You as Our customer and to fulfil Your order.
We will process mandatory information based on the necessity to carry out Our obligations arising out of the purchase transaction.
You can also provide additional information by filling in optional fields of Our online order form to make Your purchase experience even more convenient. We will process optional information based on Your explicit consent confirmed by You voluntarily providing optional information to Us. You can revoke Your consent and request erasure of the optional information at any time by following steps described in Your order confirmation form.
- Processing Your personal data to process payment
If You make a payment for Your order in Our online store, We will collect additional personal data, such as Your bank / payment service provider account number or Your bank / payment service provider card number, its expiry date and verification value/code (CVV/CVC) (if relevant) depending on the selected method of payment.
We will process aforementioned personal data based on the necessity to carry out Our obligations arising out of the purchase transaction initiated by You while using Our Website or purchasing Our Products from the Merchants Service Platform operated by for example, Shopify. We will use and share Your personal data with the selected bank or payment service provider for the purpose of processing Your payment. If selected bank or payment service provider collects Your personal data itself through their integration on Our Website or their own website, Your personal data will be processed in accordance with the privacy policy of the corresponding bank or payment service provider.
- Processing Your delivery address to dispatch Your order
If You opt for the delivery of the purchased merchandise to Your delivery address, We will additionally process Your delivery address, when You place Your order in Our online store.
We will process it based on the necessity to carry out Our obligations arising out of the purchase transaction. We will use and share Your name, surname, delivery address, e-mail address and/or phone number with Our selected regional partner providing Us domestic and international parcel delivery services for the purpose of fulfilling Your order. Our shipping partner may get in touch with You by e-mail or phone to notify You about the upcoming delivery and coordinate with You suitable delivery day/time.
- Processing Your personal data to communicate
If You communicate with Us by writing an e-mail to privacy@nordermiqa.com or getting in touch with Us through social media networks and platforms, We may collect Your personal data provided by You as part of the communication, namely, Your name, surname, e-mail address, phone number, social media profile details etc.
We will process the aforementioned personal data for the purpose of registering and handling Your comment, inquiry, request or complaint.
If You contact Us to comment or inquire, We will process Your personal data based on Your explicit consent confirmed by You voluntarily contacting Us using designated channel of communication. If You contact Us to request or complain, We will process Your personal data to safeguard Our legitimate interest aiming at guaranteeing high standards of service, ensuring high level of customer satisfaction, carrying out Our obligations arising out of the purchase transaction or safeguarding Ourselves against fraud and extortion.
- Processing Your personal data on social media platforms
We are present on various social networks and platforms, such as Facebook, YouTube, Twitter, Instagram, Pinterest, LinkedIn, Tik Tok and Spotify, to interact with Our customers and inform them about Our merchandise, new product releases, sales, campaigns, events and provide other relevant information. If You visit Our social media channels, Your personal data may be automatically collected by the social network or platform depending on the privacy related settings of Your individual profile.
We encourage You to read privacy policy of each social media provider linked below for Your convenience to familiarise Yourself with the way it processes Your personal data:
Facebook: https://www.facebook.com/about/privacy/
YouTube: https://policies.google.com/privacy?hl=en
Twitter: https://twitter.com/en/privacy
Instagram: https://help.instagram.com/519522125107875
Pinterest: https://about.pinterest.com/en/privacy-policy
LinkedIn: https://www.linkedin.com/legal/privacy-policy
Spotify: https://www.spotify.com/us/legal/privacy-policy/
Tik Tok : https://www.tiktok.com/legal/page/eea/privacy-policy/en
We also encourage to read Our Cookies Policy, which specifically addresses processing of Your personal data by using automated means, such as cookies, web beacons and social plugins. Most browsers automatically accept Cookies by default, but You can choose to set Your browser to remove or reject Cookies through Your browser controls. Please keep in mind that removing or blocking Cookies can negatively impact Your user experience and may cause some of the Services, including certain features and general functionality, to work incorrectly or no longer be available.
Any information we obtain from third parties will be treated in accordance with this Privacy Policy. We are not responsible or liable for the accuracy of the information provided to us by third parties and are not responsible for any third party’s policies or practices. If You follow links to sites not affiliated or controlled by Us, You should review their privacy and security policies and other terms and conditions. We do not guarantee and are not responsible for the privacy or security of such sites, including the accuracy, completeness, or reliability of information found on these sites.
- Keeping Your personal data secure and retention period
Nordermiqa undertakes various organizational, technical and technological measures to ensure the security, integrity and confidentiality of Your Personal Data, while being processed by Us or designated third parties. Despite all reasonable efforts, We have to emphasize that neither internet transmission of any data, browsing of any website or using any online account is completely secure.
How long we retain Your personal information depends on different factors, such as whether we need the information to maintain Your account, to provide the Services, comply with legal obligations, resolve disputes or enforce other applicable contracts and policies. When we have no ongoing legitimate business need to process Your personal information, we will delete or anonymize Your personal information.
- Transferring Your personal data to third parties
Nordermiqa cooperates with various service providers, for instance, Cosmetics Nord SIA, Registration number: 40103277805; Registered office address: Kauguru street 6, Rīga, LV-1046, Latvia, Hostinger International Ltd, Lord Byron 61, 6023, Larnaca, Republic of Cyprus, which use servers in countries outside EU or EEA. Typically, Our service providers process Your personal data by using servers in the vicinity of the access location. It is reasonable to expect that in most cases when Our Website is accessed from the territory of the European Union (EU) or European Economic Area (EEA), Our service providers will process Your personal data in the EU or EEA. Occasionally, it may also process Your personal data by using servers located in countries outside the EU or EEA. It is fairly possibly that the personal data protection standards in these countries do not meet GDPR requirements. In order to guarantee GDPR-compliant processing of Your personal data, We rely in Our cooperation with service providers on the standard contractual clauses, which were developed by the European Commission to ensure GDPR-compliant processing of personal data outside EU and EEA.
- Disclosure of Your personal data
In certain circumstances, we may disclose Your personal information to third parties for legitimate purposes subject to this Privacy Policy. Such circumstances may include:
– With vendors or other third parties who perform services on our behalf (e.g., IT management, payment processing, data analytics, customer support, cloud storage, fulfillment and shipping, bookkeeping and professional service providers).
– With business and marketing partners, including Shopify, to provide services and advertise to You. Our business and marketing partners will use Your information in accordance with their own privacy notices.
– When You direct, request us or otherwise consent to our disclosure of certain information to third parties, such as to ship You products.
– With our affiliates or otherwise within our corporate group, in our legitimate interests to allow us to provide our Services to You, for the purposes described in this policy, or as notified to You when we collect Your personal information.
– In connection with a business transaction such as a merger or bankruptcy, to comply with any applicable legal obligations (including to respond to subpoenas, search warrants and similar requests), to enforce any applicable terms of service, and to protect or defend the Services, our rights, and the rights of our users or others.
– to comply with laws – the Company may disclose Your personal information to any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend Our legal rights, or (iii) to protect Your vital interests or those of any other person.
- Your rights as a data subject
If We process Your personal data, You have following rights as a Data Subject in regards to the processing activities concerning Your personal data:
You have a right to be informed in a clear, transparent and understandable manner about Your personal data being collected, used, consulted or otherwise processed by Us.
You have a right to request a copy of Your personal data, which has been processed by Us , and receive a confirmation on whether Your personal data has been processed. If positive, You have a right to receive a copy of Your personal data, as well as other relevant information, in particular (i) the purpose(s) for processing Your personal data; (ii) categories of Your personal data being processed; (iii) any recipient(s) of Your personal data, including recipients in third countries and information on the appropriate safeguards in case of transfer of Your personal data to third countries; (iv) duration of Your personal data processing (retention period); (v) source of Your personal data, if it has not been provided by You; (vi) existence of the automated decision-making based on the results of Your personal data processing, including profiling and meaningful information on how decisions are made, the significance and consequences of the processing activities; as well as (vii) information on other rights of the Data Subject described below.
You have a right to request Us to rectify or complete Your personal data without undue delay, if Your personal data is inaccurate or incomplete. You can also rectify, modify or complete Your personal data Yourself by updating Your personal data information through Your online account, if applicable.
You have a right to request erasure of Your personal data without undue delay, if Your personal data is (i) no longer necessary in relation to the purposes for which it has been collected, (ii) has been unlawfully processed; (iii) has to be erased in order to comply with a legal obligation; (iv) has been collected in relation to the offer of information society services (e.g. social media) to a child, as well as if You withdraw Your consent to the processing of Your personal data and there is no other lawful basis for its processing or You object (i) to the processing of Your personal data and there is no overriding legitimate grounds for continuing its processing; or (ii) to the processing and your personal data are being processed for direct marketing purposes.
You have a right to restrict Our use of Your personal data, if You (i) contest accuracy of Your personal data; (ii) the use of Your personal data is unlawful, but You do not want Us to erase it; (iii) We no longer need Your personal data for the purposes We collected in for, but You require it for the establishment, exercise or defence of Your legal interests; or (iv) You have objected against Us processing Your personal data based on Our legitimate interest, while verification of whether Our compelling interests prevail is pending.
You have a right to object to processing of Your personal data when this processing is carried out in connection with Our legitimate interest. After exercising Your right of objection, We will stop processing Your personal data further, unless We can prove compelling reasons worthy of protection for the processing, which outweigh Your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.
You have a right to obtain Your personal data from Us in a structured, commonly used and machine-readable format that makes it easier to reuse Your personal data in another context, and to transmit Your personal data to another data controller of Your choose without hindrance or undue delay.
You have a right to lodge a complaint with State Data Inspectorate (Phone +372 627 4135, Homepage http://www.aki.ee/eng, E-mail info@aki.ee , Address Tatari 39, 10134 Tallinn, Registration code 70004235) against Us processing Your personal data, if You consider that We are processing Your personal data in violation of the applicable laws and regulations.
- Contact information
In case You are willing to enquire and receive additional information or explanation regarding processing of Your personal data or you wish to exercise any of rights as described above, please, do not hesitate to contact Us:
E-mail: privacy@nordermiqa.com
Nordermiqa will process Your enquiry, request or complaint as soon as possible, but in any case, not later than it is reasonably expected or prescribed by the applicable laws and regulations. We may need to verify Your identity, before providing a substantive response to the request.