Privacy Policy

This Privacy Policy explains how herahair.ee (hereinafter referred to as “Website”, “We”, “Us”, “Our”) processes your personal data. We respect your privacy and ensure that your data is processed securely and in accordance with applicable laws.

1. Legal basis

We process personal data based on:

  • your consent (e.g., when submitting a request or subscribing to newsletters);
  • the necessity to perform a contract (e.g., when placing an order);
  • our legitimate interests (e.g., to improve services and protect the Website);
  • legal obligations (e.g., accounting requirements).

In Estonia, GDPR is applied together with the Personal Data Protection Act (PDPA).

2. What data we collect

We only collect the data you provide to us via forms or when placing an order:

  • Name – to identify and address you;
  • Phone number – to contact you about your order or request;
  • Email address – to confirm orders, send information and respond to inquiries;
  • Message text – the content you provide in contact forms or inquiries.

3. How we use the data

We use your personal data to:

  • process and fulfill orders;
  • contact you by phone or email;
  • respond to your inquiries;
  • send newsletters and offers (only with your consent, which you may withdraw at any time);
  • comply with legal obligations.

4. Cookies

Our Website uses cookies – small text files stored in your browser – for:

  • proper functioning of the Website;
  • traffic analysis and improvement of services;
  • marketing and personalized advertising (only with your consent).

You can manage cookies in your browser settings.

5. Sharing of data

We may share your data with:

  • delivery and payment service providers;
  • hosting, mailing and analytics providers;
  • public authorities, if required by law.

We do not sell your personal data to third parties.

6. Data retention

We retain your data only as long as necessary:

  • order data – as required by law;
  • contact details and inquiries – until no longer needed or until you request deletion;
  • newsletter data – until you withdraw your consent;
  • cookies – until removed or expired.

7. Data security

We use SSL encryption, restricted access, backups, and regular updates to protect your data.

8. Your rights

Under GDPR and PDPA, you have the right to:

  • request access to your data;
  • correct or delete it;
  • restrict or object to processing;
  • withdraw consent;
  • lodge a complaint with the Data Protection Inspectorate (Andmekaitse Inspektsioon, Estonia) via aki.ee.

9. Contacts

If you have questions regarding your personal data, contact us:

Email: info@herahair.ee
Address: Jõe tn 7, 10151 Tallinn