WHOSE DATA DO WE PROCESS?
Nogel OÜ processes its clients and contact persons´ data, which have been provided to us by our clients, who use our services.
GENERAL SETTINGS – WHO WE ARE
Nogel OÜ is a juridicial person with registry code 14513588, address Endla st 33,
Nogel OÜ can process data as:
– a responsible processor by determining the goals and resources of the processing;
– an authorized processor based on guidelines provided by the responsible processor;
– a receiver to whom personal data are forwarded;
COLLECTING PERSONAL DATA
Nogel OÜ collects different type of personal data:
– personal data given by a person to Nogel OÜ (name, e-mail, address, phone number);
– personal data based on a normal communication between a person and Nogel OÜ;
– published personal data by a person (e.g. in social media);
– personal data from using services (e.g. e-mail when purchasing);
– personal data from visiting and using the website (e.g. time spent on visiting the website);
– personal data from third parties;
– personal data created and combined by Nogel OÜ (e-mail communication and order history).
COMPOSITION OF PERSONAL DATA AND PROCESSING
Nogel OÜ processes personal data exceptionally based on consent or law.
Based on consent Nogel OÜ processes personal data within limits, range and goals that are determined by a physical person. Regarding consents, Nogel OÜ proceeds based on the fact that every consent has to be clearly identifiable from other matters. It has to be clearly understandable and easily available in clear language.
Consent can be given in writing or by e-mail or by oral communication. A physical person gives his or her consent voluntarily, consciously and unequivocally e.g. by ticking a box on the website.
A justified interest means Nogel OÜ´s own interest to manage the company by offering the best possible services on the market. Based on the law, Nogel OÜ processes personal data only after careful evaluation to idenfity that Nogel OÜ has a justified interest based on what processing of personal data is necessary and compliant with the interests and rights of the physical person. In particular, a justified interest may let Nogel OÜ to process personal data based on the following goals:
– to guarantee a trustworthy client relationship, e.g. processing personal data, which are strictly necessary to find out the real beneficiaries or to avoid fraud;
– to manage and analyse client base, to improve the availability, selection, quality of services and products and to offer clients the best offers;
– personal data and identifications collected when using mobile applications and other services. Nogel OÜ uses collected data to analyse the web or mobile and information services, for working, improving work, statistics and to analyse the behaviour of clients and to offer better and more personalized services;
– to manage campaigns including personalized and targeted campaigns, to study clients´ and visitors´ satisfaction and to measure the effectivness of campaigns;
– to analyze the behaviour of clients and visitors in different sales channels, websites;
– to fight network, information and cyber attacks, e.g. piracy and to guarantee the safety of the website, to make backup and save;
– to form legal requirements, present or defend;
– based on the law, Nogel OÜ processes personal data to fulfill its obligations or to implement ways of usage allowed by the law. For example processing of payments and following rules based on money laundering;
– in case personal data are processed based on a new goal than the original goal or is not based on consent given by a physical person, Nogel OÜ carefully evaluates such processing.
PUBLISHING DATA AND THIRD PARTIES
Nogel OÜ makes co-operation with such persons to whom Nogel OÜ can forward data related to a physical person including personal data;
– such third party members can be advertising and marketing partners, companies performing client satisfactory studies, companies recovering debt, payment default registries, IT
partners, persons, companies and organisations offering postal services based on the condition that:
– the related goal and processing is legal;
– processing of personal data is based on guidelines and valid contract by Nogel OÜ.
SAFETY OF PROCESSING DATA
Nogel OÜ maintains personal data only strictly for a minimum necessary time. Personal data, which storage time has passed, are destroyed using best practices and according to the rules set by Nogel OÜ.
– Nogel OÜ has set guidelines and procedure rules about guaranteeing the safety of personal data via organisations and technical methods. In case any incident related to personal data occurs, Nogel OÜ acts based on the necessary procedures to minimize the relevant risks. Nogel OÜ registers all incidents and reports about incidents to Estonian Data Protection Inspectorate and physical person.
RIGHTS OF A PHYSICAL PERSON
Rights related to agreement:
– a physical person has the right to report to Nogel OÜ to take back his or her request for processing personal data.
When processing personal data, a physical person has also the following rights:
– the right to receive information about data collected about the physical person;
– the right to see data, which includes the right of the physical person to see the copy of the agreement about processing personal data;
– the right to correct incorrect personal data;
– the right to delete, i.e. sometimes a physical person has the right to demand that persobal data would be deleted, e.g. when processing is based on an agreement;
– the right to demand limiting processing of personal data. This right is valid when processing of personal data is not permitted based on law or a physical person contests the correctness of personal data.
– a physical person has the right to limit processing of personal data until the processor can check the correctness of personal data or when processing of personal data is illegal, but a physical person does not apply for deleting personal data;
– the right for assessment by a supervisory authority whether processing of personal data of a physical person is according to the law.
IMPLEMENTING RIGHTS AND FILLING CLAIMS
– a physical person has the right to communicate with Nogel OÜ if he or she has a question, request or complaint about processing personal data via e-mail to email@example.com.
– a physical person has the right to communicate with Nogel OÜ, Estonian Data Protection Inspectorate or to court about complaints, if a physical person thinks that his or her rights have been violated;
– Estonian Data Protection Inspectorate (AKI) contact details can be found from their homepage: http://www.aki.ee/et/inspektsioon/kontaktid-nouandetelefon.
COOKIES AND OTHER WEB TECHNOLOGIES
Nogel OÜ can collect information about visitors of webpages and other IT environments by using cookies (i.e. small information details that are saved to the hard drive of a computer or other device) or other similar technologies (e.g. IP-address, device information, location information) and to process that information;
– Nogel OÜ uses collected information to provide a service according to the visitors´ habits; to guarantee high-quality service; to inform visitors and clients; to change advertisements according to clients; to make logging in easier.
Collected information is used to also count visitors and to fix their habits;
– Nogel OÜ uses session based, fixed based and advertisement cookies. Session cookies are deleted after each visit; fixed cookies remain when a webpage is frequently used. Cookies by third parties are used by partners of Nogel OÜ Nogel OÜ cannot check these cookies and information can be asked from third parties;
– visitors agree about using cookies on the webpage, IT device or web browser;
– most of web visitors allow cookies. Without allowing cookies, all functions of the web page are not available. Allowing or refusing cookies and other similar technology is under the control of the visitor according to web browser settings.
IMPORTANT DOCUMENTATION, GUIDELINES AND RULES
– Nogel OÜ´s organisational and technical methods, which consist of different methods that Nogel OÜ uses to retain personal data confidential and secure.