Privacy Policy

Privacy policy – processing of personal data

The controller of personal data for the e-shop is LOCK FORCE OÜ, registry code 11884410, address Mustamäe tee 18 Tallinn, phone 660 9997 and email (hereinafter the Controller).

This privacy policy includes information on how and for what purposes Lock Force OÜ collects, processes, and shares personal data.

The data subject (hereinafter the Customer) is a private or legal person whose personal data is processed by the Controller. A Customer is a private or legal person who purchases goods from the website of the Controller or uses any other services provided by the company.

Personal data is any data regarding an identified or identifiable natural person which is gathered from the Customer when formalising an order at the Lock Force OÜ e-shop at

The processing of personal data is guided by the applicable legislative acts regarding the protection of personal data, including Regulation (EU) 2016/679 of the European Parliament and of the Council (hereinafter ‘the GDPR’) and the Personal Data Protection Act of the Republic of Estonia. The purpose of the privacy policy is to protect the privacy of the Customers in accordance with the laws of the Republic of Estonia and the legislative acts of the European Union.

The personal data collected by the Controller is confidential and not communicated to third parties, except to a company providing postal or courier services in the extent necessary for delivering the goods to the Customer or making a payment.

By sharing their personal data, the data subject grants the Controller the right to collect, use, and manage for the purposes defined in the privacy policy the personal data that the data subject shares with the Controller by making purchases at the Lock Force OÜ e-shop and that are necessary for performing legal obligations. The data subject is responsible for the correctness of the data submitted by them. The data processor is not liable for changes in data caused by the data subject submitting false data.

Which personal data is processed?

The personal data used for processing include the following:
  1. name;
  2. contact information, such as the telephone number and email address;
  3. address of the payer and delivery address;
  4. bank account number;
  5. price of the goods and services, payment information (purchase history);
  6. customer support data;
  7. payment card data;
  8. other data related to customer surveys and/or offers.

For what purposes is the personal data processed?

Personal data is processed for the purpose of performing the contract concluded with the Customer. Personal data is processed to fulfil a legal obligation (e.g. accounting and settlement of consumer disputes).

Personal data is used to manage the Customer’s orders and deliver the goods.

Purchase history data (purchase date, goods, quantity, Customer data) is used to prepare an overview of purchased goods and services and analysing customer preferences.

The bank account number is used to return payments to the Customer. Payment card data is processed to make payments.

Personal data, such as the email address, phone number, and name of the Customer, are processed to solve matters related to the goods and provision of services (customer support).

The IP address or other network identifiers of the e-shop user are processed to provide the e-shop service as an information society service and for compiling web usage statistics.

Personal data: transferring to processors

The Controller maintains the secrecy of the personal data of a Customer made known to them and discloses it to third parties only with the consent of the Customer, except if the obligation or right to disclose personal data arises from legislation.

The user of the e-shop agrees that the merchant has the right to process their data for the provision of services suitable for the Customer, which includes transferring the data of the Customer to persons related to providing the service by the merchant to the Customer.

A list of processors:

  1. Economic software DIRECTO (for managing and fulfilling orders and invoices)
  2. Google Analytics (for monitoring the website traffic)
  3. Omniva parcel terminals (for providing delivery services)
  4. Itella Estonia OÜ (for providing delivery services)
  5. Montonio Finance UAB
  6. PayPal
  7. OSC Transport OÜ

Security and access to data

The e-shop implements appropriate physical, organisational, and information technology security measures to protect the personal data from accidental or illegal destruction, loss, alteration, or unauthorised access and disclosure.

Transferring personal data to the data processors of the e-shop – personal data is processed under contracts concluded between the e-shop and data processors. The processors are obligated to ensure appropriate security measures when processing personal data.

Accessing and rectifying personal data

It is possible to access personal data saved at the e-shop and to rectify it by sending an email to our customer service at

Withdrawal of consent

If the personal data is processed with the consent of the Customer, the Customer is entitled to withdraw the consent by sending an email to our customer service at


In case of disputes related to payments and consumer disputes, personal data is stored until the claim is fulfilled or until the end of its expiration deadline (three years).

Personal data necessary for accounting is preserved for seven years.


The personal data saved to the e-shop along with the user account can be deleted by sending an email to our customer service at

With regard to the deletion of other personal data, you can submit an inquiry via email to our customer service at The request to delete data will be responded to within a month, at the latest, and the data deletion period will be specified, if necessary.


You can get an electronic extract of the personal data saved to the e-shop via email to our customer service at

You can submit an inquiry about the portability of other personal data via email to our customer service at The application for data portability will be responded to within a month, at the latest, and the customer support will identify the person and notify them of the portable personal data.

Direct marketing notices

The email address and phone number will be used for sending direct marketing notices, if the Customer has granted their consent.

If personal data is processed for the purposes of direct marketing (profiling), the Customer has the right to object to the initial and further processing of personal data, including the profile analysis for direct marketing, at any time by notifying the customer support via email.

Settling disputes

Disputes related to the processing of personal data are settled via the customer support ( The supervisory authority is the Data Protection Inspectorate of the Republic of Estonia (

Sign Up to Our Newsletter and Get Special Offers Straight to Your Inbox!

Ask a question

    We'll take a look at it as soon as possible. In case of quick questions call us on (+372) 660 9997.

    Internet Explorer Icon

    NB! Microsoft on loobunud Internet Exploreri arendamisest ning sellele uuenduste tegemisest ja ei soovita antud internetibrauserit turvanõrkuste tõttu kasutada. Internet Explorer ei toeta enam uusi võrgustandardeid ning antud veebilahendus ei tööta siinses brauseris korrektselt.