This Privacy Policy describes how we collect, use, and protect your personal data when you use our web platform, which enables micro-entrepreneurs and private individuals to sell their handicrafts and other products.

1. Data Controller
The platform is managed by a private individual in the Republic of Estonia, operating through a business account in accordance with Estonian tax laws. All platform service fees generated are received into this business account, and state taxes are declared and paid automatically in accordance with the procedure established by the Estonian Tax and Customs Board. If the scale of operations exceeds the usage limits of the business account, a corporate entity form (e.g., Private Limited Company – OÜ) will be established.

2. Data We Collect
We collect the following personal data:

• User’s first and last name
• Email address
• Phone number (if required for delivery)
• Postal address or parcel locker information (for product shipments)
• User account information (username, password – stored encrypted)
• Sales-related information (e.g., orders placed, payment details)
• Communication history (customer support, inquiries)

3. Purpose of Data Collection
We collect and process personal data for the following purposes:

• Creating and managing user accounts
• Processing and forwarding orders to sellers
• Calculating service fees and providing platform services
• Offering customer support
• Improving platform functionality and user experience
• Fulfilling accounting obligations

4. Data Use and Retention
Personal data is used solely for the purposes for which it was collected. For example, contact details are used for customer communication and order fulfillment.

Platform development involves analyzing anonymized usage data (e.g., page interaction patterns, popular products, technical errors) to enhance user experience, add new features, and improve reliability. Personal data is not used for automated decision-making or profiling without user consent.

Data is retained only as long as necessary to fulfill the stated purposes or comply with legal obligations.

5. Data Sharing with Third Parties
We may share data with trusted third parties in specific cases:

• Sellers (e.g., customer contact/shipping details when orders are placed)
• Estonian Tax and Customs Board (automatically via the business account)
• Delivery partners (e.g., parcel operators – only necessary data)
• IT service providers (e.g., hosting, analytics, email services)
  All data sharing complies with data protection regulations.

6. Cookies
We use cookies to ensure technical functionality, store user preferences, and analyze website usage. Users may disable cookies via their web browser settings.

7. Data Security
We implement rigorous technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. Our systems include:

• Encrypted data transmission (HTTPS/SSL)
• Regular software updates to patch known vulnerabilities
• Automated firewalls and malware protection
• Defenses against cyber threats (e.g., DDoS, XSS, SQL injection)
• Periodic automated backups for data integrity
• Restricted data access with authentication protocols (including optional two-factor authentication)
  We continuously monitor industry best practices to enhance security.

8. User Rights
Users have the right to:

• Access collected personal data
• Request correction of inaccurate data
• Restrict processing or request erasure
• Withdraw consent
• Lodge complaints with the Data Protection Inspectorate (Andmekaitse Inspektsioon)
  Contact us via the details below for data requests or inquiries.

9. Contact Information
For questions, comments, or to exercise your data rights, please contact:

• Email: info@pakkumised.eu
• Website: www.pakkumised.eu

---

---