Privacy policy

Rules and Principles for Processing Personal Data

Aktsiaselts Wendre is responsible for the collection, processing and use of personal data of users of the website, wendre.ee. Regarding the personal data issues, Aktsiaselts Wendre can be contacted via the e-mail address eshop@wendre.com.

If you have subscribed for our loyalty programm My Wendre and receive newsletter and wish to cancel your subscription, the easiest way to do so is via the ‘Cancel subscription’ link at the bottom of the newsletter.

 

Membership of My Wendre Loyalty Program

Membership of My Wendre loyalty program is offered by Aktsiaselts Wendre to individual customers: members are offered advance information about new products, promotional campaigns, events, etc. My Wendre program is maintained and marketed by Aktsiaselts Wendre, address: Lina tn 31, 80041, Pärnu, phone: +372 4490704, email: eshop@wendre.com.

 

Subscription and Termination of My Wendre Membership

Customers can join My Wendre loyalty programm via the wendre.ee website. Before becoming a member, customers should read the privacy policy of Aktsiaselts Wendre customer register, and the terms and conditions herein. Members are obliged to provide the correct contact details when subscribing. Subscription and membership are free of charge.

Membership can be terminated at any time by sending an email to eshop@wendre.com. You can unsubscribe from a newsletter via the link at the end of the newsletter. Customers, who have registered as a member on My Wendre website and created a password, can edit their information on wendre.ee webpage (subpage „My Account“).

Aktsiaselts Wendre can cancel My Wendre program within a reasonable time from giving notice of termination, and to amend these terms of membership. Notice of amendment of the terms of the agreement will be sent to members in person or by posting the updated terms and conditions on Aktsiaselts Wendre website one (1) month before the changes enter into force.

 

Processing of Personal Data

In the processing of personal data of members of My Wendre program, Aktsiaselts Wendre complies with the data protection regulations in force. Members consent to the processing of their personal data when they join as My Wendre members. Aktsiaselts Wendre privacy policy is an integral part of the membership rules of My Wendre loyalty program. See Aktsiaselts Wendre privacy policy in the next section.

 

Cookies

Cookies are used on the Wendre ee website. A cookie is a short text file that a web server stores, via the online service in question, on a user's device. The data obtained through cookies is anonymous and is not combined, by the cookies, with personal data obtained from the user. Aktsiaselts Wendre uses cookies to improve your user experience.

You can use your browser settings to disable the use of cookies, or delete the cookies from your browser after using the service. For further browser-specific guidance, see the instructions issued by the browser’s producer. On the other hand, deleting or blocking cookies may adversely affect, or even prevent, the use of the website or some of its functions.

We do not notify about the use of cookies separately in a pop-up window that appears over the site. You can manage cookies from your browser settings.

 

 

Privacy Policy

 

1. Data Controller

Aktsiaselts Wendre (registry code: 10120596)
Lina tn 31, 80041, Pärnu
Phone: +372 4490704
Email: eshop@wendre.com

2. Customer Register

Getting to the Customer Register: persons who have joined Aktsiaselts Wendre’s My Wendre programm and subscribers to the newsletter (processing basis: consent of the data subject); wendre.ee online store customers and persons in another relevant connection with the controller (processing basis: legitimate interest of the controller).

In case of questions, please contact:

Phone: +372 4490704
Email: eshop@wendre.com

3. Basis and Purpose of Processing Personal Data

The basis for processing personal data is the legitimate interest of the controller. The data subject has a relevant connection with the controller's activities due to the customer relationship.

The purpose of the personal data entered in the register of clients is management of the customer relationship and the targeting of marketing in order to provide an optimal customer experience. Personal data is processed for the purpose of managing and maintaining the customer relationship or another relationship based on a relevant connection; for the development and management of the loyalty system and online store; for the planning and development of the business of the controller and companies belonging to the same group at any given time; as well as customer communications and marketing, including direct marketing, distance selling, and market and opinion surveys. Personal data may also be processed in order to target marketing of interest to the data subject. The aim of such targeting is to provide the data subject with additional information and benefits related to the topics and products in which the data subject has shown an interest during the customer relationship.

4. Categories of Personal Data, and Data Content of the Client Register

Data in the following categories will be processed for the register of clients:

Basic information necessary for the management of the customer relationship: first and last names, contact details (email addresses, postal addresses, telephone numbers), date of birth, social media account details (username), usernames and passwords for the controller's online services.

Data related to interests, profile and participation, and necessary for managing the customer relationship, such as: interests-related data provided by the data subject, other data provided for the service, and answers by the data subject to questions presented in various promotional campaigns.

Data related to a customer account or another relevant connection, such as: identification data related to the use of Aktsiaselts Wendre services and content, the start time and date of the customer relationship, and direct marketing authorisations and prohibitions, as well as data on the use of electronic services and content, technical data (IP address, browser and browser version) sent by the data subject's browser to the controller’s server, and data related to cookies that have been downloaded onto the data subject's browser.

Data related to special offers, purchases and other contacts such as: benefits, services and promotional campaigns directed at and offered to the data subject; other contacts related to the customer account or another relevant connection (including feedback and complaints); communications and actions taken; as well as purchases made from the online store, dates of purchase and products purchased (quantities and prices of products purchased and total purchase amount); data that is transmitted to make a bank payment.

Information on changes to the data specified above.

5. Data Sources

Data is collected from the data subject at the beginning of and during the customer account or another relevant connection. The data subject provides personal data via the online store, or on forms completed for various events or promotional campaigns arranged by the controller, or by telephone during customer service calls. Updates to the data subject's contact information can also be obtained from public authorities and companies providing ‘data update’ services.

Regarding B2B customers, Aktsiaselts Wendre customer register can also be supplemented by obtaining contact information from companies that provide such information, based on the legitimate interest of the controller.

 

6. Recipients of Data

Data is received and processed by representatives of Aktsiaselts Wendre, and of companies belonging to the same group at any given time, whose duties include the processing of such data. On a case-by-case basis, data may also be processed by other parties processing personal data under an agreement with the controller, where necessary to fulfilling the purpose of personal data processing.

 

7. Disclosure of Data

Personal data is not disclosed to third parties. Personal data is processed by the controller, and companies belonging at any given time to the same group as the controller, in accordance with the data protection regulations in force at any given time. The controller has the right to disclose personal data within the limits permitted and required by the applicable legislation, e.g. when replying to requests for information by public authorities.

8. Transfer of Data Outside the EU or EEA

Data shall not be transferred outside the territory of the Member States of the European Union or the European Economic Area, unless this is necessary to fulfilling the purposes of personal data processing or for the technical implementation of processing, in which case data transfer will comply with the data protection regulations in force at any given time.

 

9. Principles Governing Data Protection of the Client Register

The databases related to the client register are protected against external data breaches by technical means considered generally acceptable in the data security sector, such as firewalls, passwords and other technical means. Databases, their backups and material in manual form which contain personal data are kept on locked premises. Only designated employees of the controller and companies acting on behalf of, or commissioned by, the controller have access to the data contained in the register through the personal right of use granted by the controller.

 

10. Sotsiaalmeedia

On the social media pages of Aktsiaselts Wendre, personal data is processed by the respective platform provider in accordance with the privacy terms and conditions of the respective platform. Aktsiaselts Wendre complies with these privacy terms and conditions when processing personal data. In social media, you must take into account that social media platforms process personal data based on their own terms and conditions, which you can read on the social media websites.

 

11. Right of Inspection of Data

The data subject has the right to inspect what data, concerning the data subject, has been stored in the client register. A written and signed request for inspection must be sent to the person responsible for register matters. An inspection request can also be presented in person to the controller. If the controller refuses to provide access to the data in question, the controller must issue a written certificate on the matter. The certificate must state the reasons for refusing the right of inspection. The data subject may refer the matter for consideration by the Data Protection Ombudsman (Andmekaitse Inspektsioon).

In normal cases, the processing time for an inspection request is around one month. Inspection requests are free of charge if they are not unfounded or unreasonable. The controller may charge a reasonable fee for providing access to data if the data subject exercises their right of inspection more than once a year.

Requests for inspection must be addressed to the person responsible for client register matters, see the contact details above.

 

12. Right to Request the Rectification of Data

The data subject has the right to request the rectification or erasure of inaccurate, unnecessary, incomplete or outdated personal data, by contacting the controller. A written and signed request for rectification must be sent to the person responsible for client register matters. A rectification request can also be presented in person to the controller. If the controller does not accept the data subject's request for rectification, the controller must provide a written certificate on the matter. The certificate must state the reasons for refusing the request. The data subject may refer the matter for consideration by the Data Protection Ombudsman (Andmekaitse Inspektsioon).

Personal data will be erased in accordance with applicable law when there is no longer a basis for the processing of such data. A check for unnecessary personal data is performed every two years. Customer data can be deleted when the customer account and related mutual obligations have ended.

 

13. Other Rights Related to the Processing of Personal Data

The data subject has the right, by contacting the controller, to prohibit the processing and disclosure of data, concerning the data subject, collected for the purposes of direct advertising, distance selling, other direct marketing, and market and opinion surveys.

In addition, the data subject has the right, under data protection regulations, to the erasure, and to restrict the processing of, their personal data, to transfer personal data from one system to another, and to object to the processing of their personal data. The data subject also has the right to lodge a complaint with the supervisory authority, i.e. the Data Protection Ombudsman (Andmekaitse Inspektsioon).

If the processing of personal data is based on the data subject's consent, the data subject may withdraw their consent at any time by contacting the person responsible for client register matters (see above for the contact details). After consent is withdrawn, processing of personal data based on consent will be ended.

 

Page details updated on December 2025.