Privacy policy

Clicktogo OÜ | reg no 17244516 | Allveelaeva 4,Tallinn 10415, Estonia

This Privacy Policy explains how Clicktogo OÜ (“Clicktogo”, “we”, “us”, “our”) collects, uses, stores and shares your personal data when you visit or make purchases from our website znoozee.ee (the “Site”) and when you interact with us as a customer within the European Union. We are committed to protecting your privacy and processing your personal data in accordance with applicable EU and Estonian data protection law (including the GDPR).

1. What personal data we collect

We collect the personal data needed to provide online shopping, delivery and customer service. This typically includes:

Account & order data

  • Name, billing address, shipping address
  • Email address and phone number
  • Purchase history, order number and details of products purchased
  • Payment details (we do not store full card details; card processing is handled by our payment provider Maksekeskus AS)

Device & site activity

  • IP address, browser type, device identifiers, pages viewed, referral URL and basic analytics data collected via cookies and similar technologies

Communications

  • Emails, messages, returns or complaints you send to us and our responses

Optional marketing data

  • Marketing preferences and consents (if you sign up to our newsletter)

Customer service & support

  • Records of correspondence, returns, warranty or quality claims, and related photos or evidence you provide

2. How we use your data & the legal basis

We only use your personal data where we have a lawful basis:

  • To perform the sales contract / process your orders (art. 6(1)(b) GDPR): name, address, email, phone, order and payment details — to confirm, fulfil and manage orders, deliveries and returns.
  • To comply with legal obligations (art. 6(1)(c) GDPR): accounting and tax record-keeping (we retain certain transaction data to meet statutory obligations).
  • For our legitimate interests (art. 6(1)(f) GDPR): fraud prevention, network and information security, improving and operating the Site, troubleshooting, and handling disputes — balancing our interests with your privacy rights.
  • With your consent (art. 6(1)(a) GDPR): marketing communications (email newsletters, promotional messages) where we rely on consent. You can withdraw consent at any time.
  • To respond to requests and legal claims: processing your messages and legal requests, or defending/establishing legal claims.

3. Cookies & tracking

We use cookies and similar technologies to operate and improve the Site, provide secure login and shopping experience, analyze Site usage and for marketing purposes. When you first visit the Site you will see a cookie notice allowing you to accept or decline non-essential cookies.

  • Essential cookies (required for cart, checkout and site security) — no consent required.
  • Analytics cookies (e.g., page views, performance) — used to improve the Site.
  • Marketing cookies — used to show relevant ads and measure campaigns (used only with consent).

You can manage or withdraw cookie consents in your browser settings or via our cookie banner.

4. Who we share data with

To deliver services we share personal data with trusted third parties under contract and only as necessary:

  • Payment service provider — Maksekeskus AS (Estonia). Payments made on our Site are processed securely through Maksekeskus AS, who acts as an independent data controller for payment processing. They may process your name, transaction details and payment method data to complete your payment in accordance with their own privacy policy. We do not store full card numbers on our servers.
  • Logistics & courier partners — Omniva, DPD and their local partners across the EU for order fulfilment and delivery. We share shipping address, phone and order details as required for delivery.
  • IT & hosting providers — to host the Site, manage email, backups and technical services.
  • Customer support & returns processors — to handle returns, refunds and quality claims.
  • Legal or regulatory authorities — if required by law (e.g., tax authorities, law enforcement).

We require partners to implement appropriate technical and organisational measures to protect personal data. We will not sell your personal data.

6. Data retention

We retain personal data only as long as necessary for the purpose it was collected and to meet legal obligations:

  • Order & accounting records: retained for statutory accounting and tax purposes (generally up to 7 years or the period required by applicable law).
  • Customer account data: while the account exists and for a reasonable period after closure for customer service, fraud prevention and legal defence (typical range 2–7 years depending on the purpose).
  • Marketing consents & preferences: until you withdraw consent.
  • Support correspondence & warranty claims: retained while relevant (usually 2–5 years).
  • Cookies & analytics data: retention depends on the cookie (from session-only to up to 24 months for analytics/marketing cookies).

If you request deletion, we will delete data except where retention is required by law (e.g., accounting records).

7. Your rights under GDPR

If you are a data subject in the EU you have rights including:

  • Right of access — obtain a copy of the personal data we hold about you.
  • Right to rectification — correct inaccurate or incomplete data.
  • Right to erasure (“right to be forgotten”) — subject to legal exceptions (e.g., accounting obligations).
  • Right to restriction of processing — in certain circumstances.
  • Right to data portability — receive certain personal data you provided in a structured, commonly used format.
  • Right to object — to processing based on legitimate interest (including profiling) and to direct marketing.
  • Right to withdraw consent — where processing is based on consent (this does not affect processing lawfully carried out before withdrawal).
  • Right to lodge a complaint with a supervisory authority.

To exercise any right contact us at info@znoozee.ee. We will usually respond within one month. We may request identity verification for security reasons. If you remain unsatisfied you may lodge a complaint with your local supervisory authority — in Estonia this is the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon).

8. How to unsubscribe or opt out

  • Marketing emails: each marketing message contains an unsubscribe link. You can also withdraw consent by emailing info@znoozee.ee.
  • Cookies: change preferences in the cookie banner or via your browser settings.

10. Security

We implement reasonable technical and organisational measures to protect personal data from unauthorized access, misuse, loss or alteration (e.g., encryption in transit, access controls, regular security testing). However, no internet transmission or storage system is completely secure — if you suspect a data breach affecting your personal data, please contact us immediately at info@znoozee.ee.

11. Automated decision-making and profiling

We do not make automated decisions about customers that produce legal or similarly significant effects. We may use automated systems for basic fraud detection and order risk scoring; such processing is limited and may be based on legitimate interests.

12. Changes to this Privacy Policy

We may update this Policy from time to time. If changes are material we will post a prominent notice on the Site and, where appropriate, notify account holders by email. The “Effective date” at the top indicates when the Policy was last updated.

13. Contact & supervisory authority

Questions, requests or complaints about this Policy or our processing of your personal data should be sent to:

Clicktogo OÜ
Email: info@znoozee.ee
If you are not satisfied with our response you have the right to lodge a complaint with your local data protection supervisory authority. In Estonia: Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon).