0

Privacy Policy

Last updated: 03.08.2025


This Privacy Policy describes how EUROLINN OÜ ("we", "us", or "our") collects, uses, and protects the personal data of customers who use our online store (elinn.ee) powered by Medusa v2 and make payments via Montonio.


1. Data Controller


EUROLINN OÜ

Company registration number: 14814218

Legal address: Ida-Viru maakond, Narva linn, Oja tn 37, 21045, Estonia

Email: shop@elinn.ee

Phone: +37255502204

We act as the controller of your personal data within the meaning of the EU General Data Protection Regulation (GDPR).


2. Types of Personal Data Processed


We process the following categories of personal data:

  • Identification Data: name, surname
  • Contact Data: email address, phone number, shipping and billing address
  • Order Information: order details, purchase history
  • Payment Information: payment status, transaction ID (handled by Montonio)
  • Technical Data: IP address, browser type, device, and usage data via cookies

We do not store sensitive payment details (e.g., card numbers) — these are processed securely by our payment partner, Montonio.


3. Legal Basis and Purpose of Processing


We process your personal data for the following purposes and based on these legal grounds:

  • Processing and shipping orders - Contract performance (Art. 6(1)(b) GDPR)
  • Payment handling via Montonio - Contract performance (Art. 6(1)(b) GDPR)
  • Customer support - Legitimate interest (Art. 6(1)(f) GDPR)
  • Marketing (if opted-in) - Consent (Art. 6(1)(a) GDPR)
  • Legal obligations (e.g., accounting) - Legal obligation (Art. 6(1)(c) GDPR)


4. Sharing of Personal Data


We may share your data with:

  • Payment service provider: Montonio Finance UAB (https://montonio.com) for processing secure payments
  • Delivery companies: for fulfilling orders
  • IT and hosting providers: who support our online store
  • Accountants and legal advisors: for compliance purposes

All third parties are contractually obligated to protect your data and process it in accordance with the GDPR.


5. Data Retention


We retain your data only for as long as necessary to fulfill the purposes above:

  • Order and payment data: 7 years (legal obligation)
  • Customer account data: until account is deleted
  • Marketing data: until you withdraw consent


6. Your Rights


You have the following rights regarding your personal data:

  • Right to access your data
  • Right to rectification
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent (if applicable)
  • Right to lodge a complaint with the Estonian Data Protection Inspectorate (www.aki.ee)

To exercise your rights, please contact us at shop@elinn.ee.


7. Cookies and Tracking


Our website uses cookies to enhance your shopping experience, ensure website functionality, and help us understand how users interact with our store. Cookies are small text files stored on your device when you visit our website.

We use the following categories of cookies:


Cookie Name and Purpose

  • _medusa_cache_id Used to identify the user's session cache and improve site performance.
  • _medusa_jwt Stores a JSON Web Token (JWT) to maintain the customer session and authenticate user identity securely.
  • cookie_consent Stores the user’s cookie consent preferences. Prevents the consent banner from showing repeatedly.


You can manage or disable cookies through your browser settings. Please note that some cookies are essential for the proper functioning of the website and cannot be disabled.


8. Data Security


We take appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, or destruction.


9. Changes to This Policy


We may update this Privacy Policy from time to time. All updates will be published on this page with the date of revision. Please review it regularly.