Southestonia.ee

Southestonia.ee

Home
/
Privacy Policy

Privacy Policy

Privacy Policy and Processing of Personal Data

The data controller for the Southestonia.ee website is:

OÜ Puupõld

Reg. no: 12800208

Estonia, Valga Parish, Raavitsa Village, 68112

Protection of Personal Data

Personal data is information that OÜ Puupõld collects to provide services, identify individuals, contact individuals for service delivery, resolve issues, or send promotional content.

OÜ Puupõld does not process sensitive personal data as defined in Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation or GDPR).

OÜ Puupõld is committed to protecting the personal data and privacy of its clients and users. OÜ Puupõld’s online activities comply with all relevant actions and corresponding European Union legislation and the laws of the Republic of Estonia, including Regulation (EU) 2016/679. OÜ Puupõld implements all precautions (including administrative, technical, and physical measures) to protect collected personal data. Access for modifying and processing data is restricted to authorized persons only.

Security

All personal data disclosed during visits to OÜ Puupõld websites is treated as confidential information.

The following are the principles of OÜ Puupõld’s privacy policy regarding the collection, processing, use, disclosure, transmission, modification, forgetting, and deletion of personal data.

These principles do not apply to the processing of data of legal entities and other companies/institutions, nor do they cover the processing of personal data on websites/service environments linked to from our websites/service environments (external links).

A person representing a company (as a service subscriber) is not a natural person; they are an authorized representative of a legal entity, whose personal data processing is not regulated by Regulation (EU) 2016/679.

  1. What data is collected?
  • Non-personalized technical data is collected about visitors when they visit the websites.
  • Technical data is limited to the internet address (IP address) of the computer or network used, the software version of the web browser and operating system, and the time (time, date, year) and location of the visit. IP addresses are not linked to personally identifiable information.
  • Data is collected about website visits and stays to improve the websites and service environments and make them more convenient for visitors.
  • We use the automated tool Google Analytics to collect the data mentioned above. If you do not wish to transmit this data about yourself, you can disable data collection by Google Analytics at any time, as described here.
  • Regarding natural persons, the data collected includes a personal identification code if needed for uniqueness, and for communication: name, email address, mobile phone, city, and country of location.
  • For processing the data of legal entities, we collect the registry number, VAT number, name, country, address, email addresses for contact and invoicing, names of contact persons representing the company, and their email addresses and contact phones.
  • For marketing messages sent via email, we may collect information about your interaction, such as whether you opened the email, which links you clicked, which devices you used for this, and what their technical characteristics are. This information is saved in each contact’s history.
  • While in the OÜ Puupõld contact database, we may process your name and email address or mobile phone number for marketing purposes in social media and online marketing (Facebook, Instagram, Google). For these purposes, we process your personal data for 5 years from the addition of your contact to the database. OÜ Puupõld has a legitimate interest (GDPR Art 6(1)(f)) to send marketing communications to its contacts to maintain a business relationship with them.

Personal data processed by OÜ Puupõld clients and uploaded to the OÜ Puupõld environment as part of the service is protected by a confidentiality requirement that applies upon the client signing the service agreement. OÜ Puupõld services can only be used after agreeing to the contract. Agreement to the contract is verified by software; if missing, you will be asked to agree.

For the purposes of personal data processing listed in this section, data is accessed by OÜ Puupõld employees who use all security measures in their work regarding the processing of your data.

Consent for the collection of personal data related to and necessary for the service is given by the subscriber at the moment of ordering the service. By ordering the service, consent is considered given with a corresponding timestamp.

  1. How long is the collected data stored?

Non-personalized technical data collected from websites and service environments is stored indefinitely.

Personal data related to personalized inquiries and/or transactions is stored for up to 7 years from the last interaction with the service provider, based on the obligation in the Accounting Act to prove transactions. Interaction includes, among other things, responding to direct marketing by viewing or clicking a link.

  1. To whom can the collected data be transferred?

Personal data processed by OÜ Puupõld may be transferred without the person’s consent only to an institution or person who has a direct legal right to it (e.g., a court or pre-trial investigator) and a justified need.

Personal data processed by clients within the OÜ Puupõld service is treated as confidential, and the right to process, release, or transfer this data belongs solely to the responsibility of the data owner (the client).

At the request of an OÜ Puupõld client, OÜ Puupõld provides technical assistance in data processing, but this does not change the ownership and responsibility relationship of the data.

  1. What rights does a person have regarding the collected data?

The right to access your data, correct it, and stop its processing.

By default, personal data is not disclosed, except when a corresponding confirmation has been obtained (participation in trainings / seminars / conferences).

If personal data is not modifiable, accessible, or disclosed on the website or service environments, a request should be submitted to us in a way that allows for identification to obtain or correct the data. If possible, data will be issued or corrected within 7 working days.

If you wish to opt out of direct marketing offers for all or some topics, you can do so immediately via the link in the footer of every marketing email sent. The change takes effect immediately.

If there is (no longer) a legal basis for processing, disclosing, or providing access to personal data, you can demand that the use of data be stopped or deleted, and that the disclosure or access to data be terminated. To do this, a request should be submitted in a way that allows for identification.

The request will not be granted if:

  • it may harm the rights and freedoms of another person,
  • it may hinder the provision or non-provision of the service,
  • it may hinder the work of law enforcement agencies,
  • it is not technically necessary and/or possible.
  • the applicant is not legally linked to the data.
  • the applicant’s identity cannot be identified.

For example:

– An email address cannot be deleted if you no longer wish to receive direct marketing offers. To fulfill the requirement, the email address must be kept for comparison – so that no mail is sent.

– All data cannot be deleted from the CRM if you do not wish for further contact. To fulfill the requirement, enough data must be kept for comparison – so that no contact is made.

Privacy Policy Terms and Changes

By using OÜ Puupõld websites, you have read and agreed to these principles and terms. We reserve the right to change the general terms of the privacy policy if necessary, notifying all related persons.