Log in
+37256604744
+37256604744
Log in
  • Home
  • Privacy Policy

Privacy Policy

This Privacy Policy explains how HealthyFood.ee ("we," "us," "our") collects, uses, discloses, and protects your personal data when you use our website, place orders, or interact with our services.

We process personal data in compliance with the EU General Data Protection Regulation (GDPR) and applicable Estonian laws.

By using our website or services, you agree to this Privacy Policy.

1. Data Controller

HealthyFood.ee
Email: [email protected]

We are the data controller responsible for the processing of personal data.

2. Personal Data We Collect

We collect the following categories of personal data:

2.1 Data you provide directly

  • Name
  • Email address
  • Phone number
  • Delivery address
  • Payment-related information (handled via payment processors; we do not store card details)
  • Account login information
  • Communication with customer support

2.2 Automatically collected data

When you visit our website, we automatically collect:

  • IP address
  • Device type
  • Browser type and version
  • Operating system
  • Pages visited and interaction data
  • Cookies and tracking technologies

2.3 Data from third-party analytics tools

We use various analytics services, including but not limited to:

  • Google Analytics
  • Meta Pixel (Facebook Pixel)
  • Google Tag Manager
  • Other performance and usage tracking tools

These services may collect:

  • Device identifiers
  • Browsing behavior
  • Interactions with our website and ads
  • Demographic and interest-based data (when available)

All third-party services process data according to their own privacy policies.

3. Purpose of Processing

We process personal data for the following purposes:

3.1 Service delivery

  • Processing and delivering orders
  • Managing subscriptions
  • Communicating order updates

3.2 Account management

  • Creating and maintaining customer accounts
  • Providing customer support

3.3 Payments

  • Processing secure payments via trusted third-party payment providers

3.4 Analytics and improvement

  • Monitoring website performance
  • Understanding how users interact with our service
  • Enhancing user experience

3.5 Marketing

  • Showing personalized ads across platforms (Google, Meta, etc.)
  • Sending promotional emails (only with consent)
  • Retargeting visitors using cookies and analytics tools

3.6 Legal compliance

  • Preventing fraud
  • Maintaining security
  • Complying with tax, accounting, and legal obligations

4. Legal Basis for Processing (GDPR)

We process personal data based on:

  • Contractual necessity — to fulfill your orders
  • Legal obligation — for tax and record-keeping
  • Legitimate interest — analytics, service improvement, marketing
  • Consent — for marketing emails, cookies, and tracking technologies

You may withdraw consent at any time.

5. Cookies and Tracking Technologies

We use cookies to:

  • Enable website functionality
  • Analyze traffic
  • Improve performance
  • Personalize marketing

5.1 Google Analytics

Google Analytics helps us understand how users interact with our website. Google may process:

  • IP address (anonymized where applicable)
  • Browsing behavior
  • Device information

For more information:
https://policies.google.com/privacy

6. Sharing of Personal Data

We do not sell personal data.

We share data only with trusted partners when necessary:

6.1 Service providers

  • Payment processors
  • Delivery partners
  • Email service providers
  • Hosting and cloud infrastructure services
  • Analytics providers (e.g., Google Analytics, Meta Pixel)

6.2 Legal requirements

We may share data with authorities when required by law.

7. Data Retention

We retain personal data only as long as necessary for:

  • Delivering services
  • Maintaining accounts
  • Meeting legal and tax obligations (usually 5–7 years)
  • Resolving disputes

You may request deletion at any time (see section 9).

8. Data Security

We implement technical and organizational measures to protect your data, including:

  • Encrypted connections (HTTPS)
  • Secure servers and firewalls
  • Access controls and authentication
  • Regular system monitoring

No online service is 100% secure, but we take all reasonable steps to protect your data.

9. Your Rights Under GDPR

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your data ("right to be forgotten")
  • Restrict processing
  • Object to processing (including marketing)
  • Receive a copy of your data (data portability)
  • Withdraw consent at any time

Submit requests to: [email protected]

We respond within 30 days.

10. International Data Transfers

Some of our service providers (e.g., Google, Meta) may process data outside the EU. In such cases, transfers are protected by:

  • Standard Contractual Clauses (SCCs)
  • GDPR-compliant safeguards

11. Children's Privacy

We do not knowingly collect personal data from children. If you believe a minor has submitted data, please contact us for deletion.

12. Changes to This Privacy Policy

We may update this Privacy Policy at any time. Changes take effect once published on the website. The "Last updated" date will reflect the latest revision.

13. Contact Information

For privacy-related questions or requests, contact us at:

Email: [email protected]