Registry data

Registry data that complies with the requirements of section 10 of the Personal Data Protection Act. In connection with various services, personal data of customers are collected in a customer register. In the register, you can find out what data is collected and how it is used.

Sections 10 and 24 of the Personal Data Act (523/1999).
Compiled on: 29 December 2016
iDeal Group AS will use the data in the manner set out in the principles and only for the purposes for which the data was collected by iDeal Group AS and to the extent necessary for the fulfilment of that purpose. iDeal Group AS will use the data in accordance with the Personal Data Protection Act and other laws (hereinafter referred to as the Legislation) and good business practices.

1. Data controller

iDeal Group AS
Tartu mnt 80
10112 Tallinn

2. Person responsible for register

Pursuant to Article 37(1) of the regulation (EU) 2016/679 of the European Parliament and of the Council, we are not required to designate a data protection officer.

3. Name of register

iDeal Group AS customer data register. The register consists of several subregisters.

4. Purpose of personal data processing

Personal data are processed with the consent of the person in the register or on the basis of an order or a customer relationship. The data will be used for customer relationship management, customer communication and marketing. iDeal may use the data in the register for direct marketing if the customer has given their consent. Personal data is not given to other parties.

The purpose of the register is to:

  • maintain and manage the customer and other business relationships between the data controller and the data subject;
  • process feedback sent to the data controller;
  • develop and manage the services and products of iDeal Group AS;
  • manage the internal and external responsibilities of iDeal Group AS, its affiliates, subsidiaries and subcontractors in relation to direct marketing, data mining and customer profiling.

Content of register

The following data may be stored in the register:

  • information provided by the data subject, e.g. name, e-mail address, telephone number;
  • the data subject’s cookie data in connection with the use of iDeal Group AS websites;
  • log data related to the use of iDeal Group AS websites, which identifies the time of day and user preferences;
  • customer financial data relating to the purchase of services and products;
  • customer enquiries and feedback;
  • customer ID.

5. Source of data

The register consists of data from multiple sources obtained during a customer relationship, either in the online shop or in iDeal stores. A customer relationship is established when a customer creates a user ID or places an order in the online shop./p>

6. Accuracy, timeliness and completeness of data

The accuracy of consumer data is not verified based on the population register. iDeal Group AS billing customers’ contact and credit information is verified based on the online databases of the Centre of Registers and Information Systems (

7. Register data

The iDeal e-shop customer register contains the following data: customer data: first name, last name, company registry code, address: postal code, city/town/village, phone, e-mail address, web service username and password; when purchasing with credit: credit terms and conditions, information needed to apply for credit; usage data: orders, deliveries and returns; direct marketing data: direct marketing consent, newsletter subscription.

8. Data transmission

iDeal Group AS will not disclose any information to unrelated parties, except to the extent permitted and required by applicable law to public authorities. Data may be transferred outside the EU or the European Economic Area within the limits allowed by law.

9. Protection of register

The database is kept in locked rooms to which unauthorised persons have no access. The system is protected with firewall and against external connections that bypass user permission checks. The register is regularly backed up in case of disruptions. Only employees of iDeal Group AS with a personal user ID and password who have a need to handle personal data in the context of a customer relationship are allowed to access the register. Persons using the register are under an obligation of secrecy.

10. Customer’s right of access

The customer has the right to access the customer register data concerning them in accordance with section 19 of the Personal Data Act. The request for access must be signed and sent to the registrar in writing.

11. Cookies

The iDeal online shop uses cookies to improve the quality of the website and make it even more user-friendly. If you wish, you can disable cookies in your browser settings – in this case the website will not function fully as intended. Cookies collect the following data: IP address, browser type, operating system, entry and exit pages, network service provider, date and time, and pages opened on the website. The data is used for operations involving the shopping cart and ordering. We use Google Analytics to analyse the data. The identity and data of an individual customer cannot be inferred from Google Analytics data.