Privacy Policy

1. About Us

This online store is operated by Sipisopi OÜ, registry code 17380627, registered in Estonia.
In this Privacy Policy, “we”, “our”, and “us” refer to Sipisopi OÜ.

If you have any questions about the processing of personal data, you can contact us at:
Email: info@vaikus.store
Address: Tartu linn, Jaama tn 89, 50604, Estonia

2. Who This Policy Applies To

This Privacy Policy applies to all customers and visitors (“data subjects”) who use our online store or interact with our services.

3. Personal Data We Collect

We may collect and process the following types of personal data:

Data provided by you:

  • First and last name

  • Email address

  • Phone number (if provided)

  • Billing and shipping address

  • Order information

  • Communication history (messages, support requests)

Automatically collected data:

  • IP address

  • Device information

  • Browser type

  • Cookies and similar tracking technologies

  • Usage data for site functionality, analytics, and security

Payment data:

Payment data is processed securely through our payment service provider Maksekeskus AS.
We do not store full card details on our servers.

4. Purpose of Processing

We process personal data for the following purposes:

  • To create and manage your orders

  • To process payments and prevent fraud

  • To provide shipping and delivery

  • To communicate order updates and customer support

  • To fulfil legal obligations, such as accounting

  • To improve the functionality and security of our website

  • With your consent — marketing and newsletters

5. Legal Basis for Processing

We process personal data lawfully under the European Union General Data Protection Regulation (GDPR) based on:

  • Performance of a contract (order fulfilment)

  • Legal obligations (accounting, transaction records)

  • Legitimate interest (fraud prevention, service improvement)

  • Consent (email marketing or other optional features)

6. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected:

  • Order and transaction data: up to 7 years (required by Estonian accounting law)

  • Communication and support messages: up to 3 years

  • Marketing data: until you withdraw your consent

  • Technical logs & security data: as required for security and operation

When data is no longer needed, we securely delete or anonymise it.

7. Sharing of Personal Data

We do not sell or disclose personal data to third parties except as necessary to operate our business.

We may share data with:

  • Maksekeskus AS – for payment processing

  • Shipping & logistics partners – for order delivery

  • IT and hosting providers – for website functionality

  • Accounting service providers – to comply with legal obligations

  • Couriers, postal services, and other necessary subcontractors

Each service provider processes data only to the extent required for their task and follows data protection safeguards.

8. International Transfers

As a rule, we store data within the European Union (EU).
If data is transferred outside the EU, we ensure appropriate safeguards (e.g., Standard Contractual Clauses).

9. Cookies & Tracking Technologies

Our website uses cookies to ensure functionality, improve your experience, enable secure ordering, and—for consenting users—analyse traffic.

You can manage or disable cookies in your browser settings.
For more details, see our Cookie Policy (if available).

10. Security Measures

We apply appropriate technical and organisational measures to protect personal data from unauthorised access, loss, misuse, or alteration.

Examples include encryption, secure servers, access control, and safety protocols required by GDPR.

11. Your Rights Under GDPR

As a data subject, you have the following rights:

  • Right to access – receive information about your stored data

  • Right to rectification – correct inaccurate or incomplete data

  • Right to erasure – request deletion of your data

  • Right to restrict processing – in certain situations

  • Right to object – especially to direct marketing

  • Right to data portability – receive your data in a commonly used format

  • Right to withdraw consent – at any time if processing is based on consent

You can exercise these rights by contacting us at info@vaikus.store.

12. Third-Party Payments (Maksekeskus Compliance)

Payment processing is handled by Maksekeskus AS, who acts as an independent data controller for payment-related data.
When making a purchase:

  • Your payment data is transmitted directly to Maksekeskus

  • We do not have access to your full credit card information

  • Maksekeskus processes your data in accordance with its own Privacy Policy and legal obligations

This ensures compliance with Maksekeskus merchant requirements and GDPR.

13. Policy Updates

We may update this Privacy Policy when necessary (e.g., legal changes, service updates).
The updated version will be posted on this page with a new revision date.

14. Contact Information

If you have questions about this Privacy Policy or data processing:

Sipisopi OÜ
Registry code: 17380627
Email: info@vaikus.store
Address: Tartu linn, Jaama tn 89, 50604, Estonia

© 2025 All rights reserved.
Successfully added to your cart.