top of page

Privacy Policy

Nordic Beauty Bank's privacy policy.

Freckles

This is the privacy statement of Tmi Olivia Bigovic “Nordic Beauty Bank” in accordance with the European Union's General Data Protection Regulation (GDPR). When you use our website, you share information with us. As a customer, you must accept the terms of this privacy statement to use Tmi Olivia Bigovic (later “Nordic Beauty Bank) services. We want to ensure that your personal data is processed properly and with respect for your privacy.

​

Data Controller

Tmi Olivia Bigovic

Business ID: 2996459-1 / FI29964591

Contact person for the controller

Olivia Bigovic - olivia.bigovic@hotmail.com

 

Processing of Personal Data and Legal Basis

Personal data is collected and used for the following purposes:

  • To maintain customer relationships

  • For processing, delivery, accounting, and archiving of orders

  • For processing product warranty information

  • For the development of internal functions of the online store

  • For statistical purposes

  • For producing targeted content and marketing

  • For business planning and development

  • For fulfilling legal obligations

  • For preventing misuse

  • To provide better customer service

​

Personal data is protected and is processed only for the purpose for which it was collected. All personal data is treated confidentially. The legal basis for processing personal data is the performance of contracts, compliance with the legal obligations of the controller (for example, information related to accounting, tax processing, warranty, and return processing), and the consent provided by the customer.

​

Personal Data Processed

We collect and process the following personal data:

  • Information provided by the user or personally identifying information

  • Identification data, such as name

  • Contact details, such as address, phone number, and email address

  • Payment information, such as billing details and payment method data

  • Product reviews

  • Consents to marketing communications

  • Observed data about service usage

  • Delivery information, such as chosen payment method

  • General identification information of the customer's terminal device

  • Online store browsing and usage data

  • Derived information from analytics

  • Product recommendations based on purchase and browsing data

  • Interests derived from purchase data

​

In addition, we use cookies on our website to improve the user experience. The data collected can include visited pages and the duration of the visit. Cookie-collected user data is anonymous, and the data cannot be used to identify individuals.

​

All data processing complies with applicable legislation.

​

Retention Period of Personal Data

We retain your personal data for as long as necessary for the purpose for which the personal data was collected, and we delete the data in accordance with official requirements. Personal data processed based on your consent will be deleted when you withdraw your consent. Personal data processed for the fulfillment of a contract with you will be deleted after the contract has been fulfilled and all contractual obligations have been met (such as legal obligations related to accounting, complaints, and claim follow-ups). Personal data processed due to a legal obligation will be deleted as soon as we no longer have a duty to retain the information. Cookie data can be deleted by the user at any time through their browser settings.

​

Transfer and Disclosure of Personal Data

Data stored in the register is not regularly disclosed to third parties. Third parties have access to the information only if it is necessary to perform certain services for us so that we can provide our services to you. Essential information required for conducting business is shared with payment service providers and goods suppliers.

Personal data is not generally transferred outside the European Union or the European Economic Area. Our website's service providers may be located outside the EU or EEA, and our external service providers are committed to the data protection practices currently in force within the EU.

​

Rights of the Data Subject

Every individual in the register has the right to:

  • Check the information stored in the register

  • Require the correction of possible incorrect information or the completion of incomplete information

  • Request the deletion of personal data concerning him or her from the register

  • Make a complaint to the data protection authority if the data subject believes that his or her personal data has been processed contrary to the current legislation

  • All rights of the data subject can be found in the GDPR.

  • Requests should be sent to the data controller's email address. The data controller will provide the information within 30 days of the request for inspection.

​

Changes to the Privacy Statement

Due to the development of services and changes in legislation, we reserve the right to change the privacy statement. Significant changes to this privacy statement will be announced to the registered via email, otherwise, the update date is visible.

bottom of page