Privacy Policy

Protection of personal data

Personal data is data
 collected for the provision of a service, identification of a person, contact
 with a person for the provision of a service or solving a matter. We do not process 
sensitive personal data as defined in the Regulation of the EUROPEAN PARLIAMENT
AND OF THE COUNCIL REGULATION (EU) 2016/679 (General Data Protection 
Regulation, GDPR or EU Regulation 2016/679).

We undertake to protect the personal data of our clients and users and their privacy. Our
 activities on the Internet are in line with all relevant activities and 
relevant European Union legislation and the laws of the Republic of Estonia,
 apply all precautionary measures (including administrative, technical and 
physical measures) to protect personal information collected. Access to data
 editing and processing is restricted to authorized persons.

What data are collected?

When visiting websites, visitors receive unlisted technical data. Service environments also collect personal data for the provision of services and identification of
 individuals. Specifications are limited to the Internet address (IP address) of the computer or computer 
network used, the computer browser and the operating system software version, 
time of visit (time, date, year). IP addresses are not associated with 
personally identifiable information except for service environments where this
 is an additional security measure. Data is collected on the visits and stays of websites to improve web pages and service environments and make it more convenient for visitors. In service environments (including epochs) personal data is collected for the execution of
 contracts and data on topics of interest to the person (including the contents 
of the cart, preferences, attitudes, behaviors, etc.) in order to improve, as 
far as possible, the forwarding of the expected information and thus improve 
customer experience in the consumption of services and direct marketing.

As far as natural persons are concerned, the data collected is, if necessary, personal
 identification code for identifying uniqueness, for communication name, email 
address, mobile phone, city and state of location. To process legal entity data, we collect registry number, VAT number, name, country, address,
 contact emails and invoices, names of contact persons representing the company,
 their email addresses and contact phone numbers. 

Paying for services through a credit card or bank link service, only access to bank card
 information and bank requisitions is provided by Maksekeskus AS, which only 
issues the payment of the payment information and the last 4 digits of the
card.Consent for the collection of personal data necessary for a related service and service is provided 
upon subscription of the service by the subscriber at the time of ordering the
 service. Subscribing to the service will list the consent with the appropriate
 time stamp.

How long will the data 
be stored?

Unbound technical data collected from websites and service environments is retained indefinitely. Personal data relating
 to personal queries and / or transactions will be kept for up to 7 years from
the last interaction with the service provider in accordance with the 
obligation under the Accounting Act to prove transactions. Interactions
 include, inter alia, response to direct marketing by clicking on a view or

Who can collect data 

Personal data 
collected and processed without the consent of the person can be forwarded only 
to the institution or person who has a direct right (for example, a court or a
pre-trial prosecutor) and a justified need for it. Personal data entered by clients in the context of the Service is treated as confidential and the
 right to process, publish or transmit such data belongs solely to the data
 owner (customer).

What rights are the
 data collected by a person?

The right to access, 
rectify, terminate your processing. The default personal information will not be published, unless the relevant confirmation (participation
in training / seminars / conferences) has been obtained. All persons have the
 right to access their personal data in service environments.

If the improvement is 
possible, depending on the service and the service environment, it can be done immediately. If the personal data 
are not alterable, accessible, disclosed on the website or in service 
environments, we should submit an application for obtaining or correcting the 
data in a way that enables us to identify the person. If available, data will 
be issued or corrected within 7 working days. If you want to opt out 
of direct marketing bids for all or some of the topics, you can do so instantly 
through any link in the footer of any marketing message you send. The change will take effect immediately.

If there is (no 
longer) a legitimate basis for processing, disclosure or access to personal
 data, the termination or deletion of data, the disclosure of information or the
 termination of access to data may be required. To this end, an application
 should be submitted to allow identification of the person.

An application will 
not be accepted if:
- it may harm the 
rights and freedoms of another person,
- it may prevent the
 provision of a service or the provision of a service,
- this may hinder the 
work of law enforcement agencies,
- this is not 
technically necessary and / or possible,
- the applicant's 
identity is not legally connected with the data,
- the identity of the
 applicant can not be identified.

Privacy Policy Terms and Conditions

By using the web pages 
and / or service environments, you have read and agreed to these Terms and
 Conditions. We reserve the right to change the general terms and conditions of
the Privacy Policy if necessary, informing all related parties.