top of page

Privacy Policy

PROCESSING OF PERSONAL DATA


The controller of personal data is Plutao Holdings OÜ, located at Lai, Tallinn, Estonia. E-mail: soulofcolorbrand@gmail.com.

 

Personal Data Processed

  • Identification & Contact: Name and e-mail address.

  • Payment Data: Cost of goods, purchase history, and partial payment details (the full card data is processed by the payment provider).

  • Customer Support: Correspondence between the customer and support.

  • Technical Data: IP address and other online identifiers for website functionality and analytics.

 

Purpose and Legal Basis

The data is used solely for the purpose of:

  • Managing orders, deliver digital products (PDFs), and handle customer queries.

  • For accounting purposes (Estonian Accounting Act) and resolving legal disputes.

  • Analyzing purchase history for business statistics and to ensure website security.

  • For direct marketing (newsletters).

 

Recipients of Personal Data

Your data is only shared when necessary to provide our services:

  • Payment Providers: Stripe or PayPal (to process your transaction).

  • IT & Hosting: Wix (website platform) and Google Drive (secure storage).

 

As products are digital, no data is shared with physical transport or courier services.

 

International Data Transfers

Data is stored on servers provided by Wix and Google. While these companies are based in the USA, transfers are protected by the EU-U.S. Data Privacy Framework or Standard Contractual Clauses (SCCs) to ensure your data receives a level of protection essentially equivalent to that in the EU.

 

Security

We implement appropriate technical and organizational measures to protect your data. Access is restricted to authorized employees/contractors only.

 

Your Rights (GDPR)

Under the GDPR, you have the right to:

 

  • Access your data and receive a copy.

  • Rectify incorrect or incomplete data.

  • Erasure ("Right to be forgotten") unless we are legally required to keep the data (e.g., for taxes).

  • Data Portability to receive your data in a machine-readable format.

  • Object to the processing of data for direct marketing or profiling.

  • Withdraw Consent at any time (e.g., clicking 'unsubscribe' in an email).

 

Data Retention

  • Accounting Data: 7 years (as per Estonian law).

  • Purchase History: 3 years.

  • Marketing Data: Until you withdraw your consent.

 

Direct Marketing

We only send marketing e-mails if you have given explicit consent. You can opt-out at any time via the link in the e-mail footer or by contacting us directly.

 

Dispute Resolution

If you have concerns, please contact us at soulofcolorbrand@gmail.com or +372 53301745.

You also have the right to lodge a complaint with the Estonian Data Protection Inspectorate (Eesti Andmekaitse Inspektsioon), Tatari 28, 10134 Tallinn, info@aki.ee.

bottom of page