CONDITIONS

Last updated 16. January 2024

 

This Privacy Policy describes the principles on the basis of which https://www.tolkeabi.ee/ website(from here on website) will process your personal information. The purpose of this Privacy Policy is to provide clear and transparent information about how we may process your personal data when you use our website.

If you have any specific questions about how we process your personal data or if you wish to make any requests to exercise your rights in relation to the processing of your personal data, please contact us.

1. DEFINITIONS

„data subject“	is a natural person whose personal data we process;
„GDPR“	Regulation (EU) 2016/679 of the European Parliament and of the Council of 27. April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation);
„personal data“	is any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification code, location data, a network identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
„existing law“	all applicable European Union legislation and all applicable legislation of the Republic of Estonia, including, but not limited to, the national implementing legislation of the ICRMW, in force at the time these Terms are in force or coming into force after these Terms are established;
„user“	means a natural or legal person who has registered as a user of a website or who carries out transactions with a guest account.
„Tõlkekeskus OÜ“ or„we“	is Tõlkekeskus OÜ;
„website“	is on address https://www.tolkeabi.ee/ website managed byTõlkekeskus OÜ;
„privacy policy“	is this personal data processing document;
„controller“	is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of Personal Data. For the purposes of these Terms and Conditions, the data controller is Tõlkekeskus OÜ;
„processor“	is the natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller.

2. PURPOSES OF THE PROCESSING OF PERSONAL DATA

2.1 As a data controller, we process personal data for the purposes set out in this Privacy Policy. We base our processing of personal data on applicable law, including the Personal Data Protection Act and other legislation governing the processing of personal data.

2.2 We process personal data in accordance with the principles of the protection of personal data, including the principle of minimisation, according to which we only process the data that are necessary for the provision of the service and the fulfilment of its purposes.

2.3 We process personal data only on the basis of the law. Our lawful basis for processing personal data is either your consent, performance of a contractual obligation, compliance with a legal obligation and/or legitimate interest:

2.4 Processing of personal data based on consent

2.4.1 In cases where you have given us specific consent to process your personal data, the legal basis for processing your personal data is your consent. In this case, we will only process your personal data for the purposes and to the extent specified in the consent. Please note that once you have given us your consent to process your personal data, you have the right to withdraw your consent at any time. The legal basis for the processing of personal data for such processing is Article 6(1)(a) of the GDPR. For example, based on consent, we process data related to the sending of newsletters. For more details, please refer to the section “Overview of personal data processed”.

2.5 Processing of personal data for contractual purposes

2.5.1 We process personal data primarily for the purpose of providing a service and performing our contractual obligations. The legal basis for the processing of personal data for the provision of the service is Article 6(1)(b) of the GDPR (processing of personal data is necessary for the performance of a contract entered into with the involvement of a data subject or for pre-contractual measures at the request of a data subject).

2.6 Processing of personal data to fulfil a legal obligation

2.6.1 We will process personal data when necessary to comply with our legal obligations to you. For example, if we are requested to provide personal data by a court on the basis of a valid court order or judgment, or by a law enforcement authority on the basis of a valid warrant. Also, where we are required to retain personal data under, for example, the Accounting Act, the Tax Information Exchange Act or other applicable law. The legal basis for such processing is Article 6(1)(c) of the GDPR (processing is necessary for compliance with a legal obligation to which the controller is subject).

2.7 Processing of personal data based on legitimate interest

2.7.1 In certain cases, we may also process personal data where this is necessary for our legitimate interest. The legal basis for the processing of personal data in this case is Article 6(1)(f) of the GDPR. We will only process personal data on the basis of legitimate interest where such processing is not overridden by the interests of the data subject or the fundamental rights and freedoms for which the personal data must be protected. On the basis of legitimate interest, only data obtained from the data subject or obtained in the course of the performance of a contract will be processed.

2.7.2 We may have a legitimate interest in processing personal data where it is necessary for the establishment, exercise or defence of legal claims. For example, such a need may arise in a situation where the data subject is in breach of contract. For example, where a user has offered pirated copies for sale or used a website for illegal transactions.

2.7.3 The retention of data processed on the basis of legitimate interest is subject to the statutory retention period of 3 years after the provision of the service. For more details on retention periods, see the chapter “Overview of personal data processed”.

3. AN OVERVIEW OF THE PERSONAL DATA PROCESSED
   

We may process the following data about you, depending on the legal relationship between you and Tõlkekeskus OÜ:

Purpose	Personal data collected	Legal basis	Retention period
User registration for the website	Contact details: name and surname, personal identification number, e-mail address, telephone number. User-related information: username, password (encrypted and securely stored).	Article 6(1)(b) of the IIA, after termination of the Agreement Article 6(1)(f) of the IIA.	Up to 3 years after the provision of the service (§ 146(1) CCC)
Using the website to buy and sell	Contact details: name and surname, personal identification number, e-mail address, telephone number, address, bank account number. User-related information: username, password (encrypted and securely stored), profile picture at the user’s request, feedback given to the user, user’s followers, user’s last year’s statistics (i.e. sales transactions, offers, sales turnover), buy e-account status. Information related to user transactions: Transaction information, such as products sold and for sale (i.e. product images, description, cost), transaction status (e.g. paid, outstanding, not sent, etc.).	Article 6(1)(b) of the IIA, after termination of the Agreement Article 6(1)(f) of the IIA.	Up to 3 years after the provision of the service (§ 146(1) CCC)
Sending newsletters	Contact details: name and surname, e-mail address	Article 6 (1) (a) of the ICMR	Pending withdrawal of consent
Customer enquiries (complaints, enquiries, suggestions or other enquiries)	Information related to the request: the content of the request, the customer’s contact details (name and surname, email address).	Article 6(1)(b) of the ICMR, Article 6(1)(f) of the ICMR.	Up to 3 years from the date of receipt of the referral (CCC § 146(1))
Processing of payment data (e.g. for the provision of additional auction services or the payment of opening fees).	Information related to the invoice, such as information about the invoices paid (date of issue and payment), bank account number, etc.	ICRM Article 6 (1) (b), after termination of the contract, Article 6(1)(f) of the IRC or Article 6(1)(c) of the IRC.	Up to 3 years after the provision of the service (Civil Code § 146(1)) or, to the extent that accounting documents are concerned, 7 years pursuant to the Accounting Act (RPS § 12(4)).
Accounting documents	Documents required to comply with a legal obligation	Article 6 (1) (c) of the ICMR	7 years pursuant to the Accounting Act (RPS § 12(4)).
Data collected through cookies	Read separately in the chapter on using cookies
Collection and reporting of tax information	Contact details: name, surname, address, personal identification number, date of birth. Transaction data: the value of the item, the commission paid to us and other tax information.	ICMR artikli 6 lõike 1 punkt c	Up to 10 years pursuant to the Act on the Exchange of Information for Tax Purposes (MTVS § 8(3)) and the Ordinance on Maintenance Measures, Information to be Provided and the Procedure for the Registration of Non-Federal Platform Operators (§ 2(1) and § 8(2)).

4. TRANSFERS OF PERSONAL DATA AND PROCESSORS

4.1 We will not disclose personal data to third parties, except where we have a legal right to do so under applicable law. We also do not transfer personal data outside the European Economic Community. We may disclose Personal Data to authorities related to national security, authorities related to tax compliance and other authorities that have a legal basis to request Personal Data from Translation Centre OÜ.

4.2 We may use processors to process personal data. Processors appointed by us who may, in limited cases, process personal data include, for example, various company business operations or other service providers necessary for the functioning of the website (for example, accounting companies).

4.3 We use as processors only those partners whom we are satisfied are reliable and who have undertaken to process personal data in accordance with applicable law.

5. USE OF COOKIES

5.1 We also use cookies on our website. Cookies are small text files that contain information stored on your computer and are used for tracking or identification purposes.

5.2 Our website uses the following types of cookies:

• Necessary cookie: essential cookies that ensure that the website runs smoothly.

• Third-party analytics cookies: we use third-party cookies to help us work better and to better serve you and collect statistics. You can read the third party privacy policy and terms and conditions on the cookie manufacturer’s page.

• Unclassified cookies: cookies whose type has not yet been determined.

 

5.3 You have the right to disable the use of cookies at any time by changing your web browser settings. If this is the case, please note that not all features of the web browser may work correctly. It is possible to disable cookies by following the instructions in the “help” or “help” function of the web browser. You can also find more information on how cookies work or how to disable cookies on the following website. www.allaboutcookies.org.

6. DATA SUBJECT RIGHTS

6.1 We will ensure all rights of the data subject under applicable law.

6.2 Each data subject has, inter alia, the following rights:

6.2.1 right of access: the right to ask us at any time whether or not we hold personal data about him or her and to be informed of what personal data we are processing about him or her;

6.2.2 the right to rectification of personal data: the right to ask us to specify or correct your personal data if it is insufficient, incomplete or incorrect;

6.2.3 the right to object: the right to object to our processing of your personal data, for example, where the use of your personal data is based on our legitimate interest;

6.2.4 the right to request the deletion of personal data: the right to request the erasure of personal data, for example where personal data are processed with the data subject’s consent and the data subject has withdrawn his or her consent;

6.2.5 the right to restrict processing: the right to request that we restrict the processing of personal data on the basis of applicable law, for example where we no longer need the personal data to achieve the purposes of the processing or where the data subject has objected to the processing of personal data;

6.2.6 the right to withdraw consent to the processing of personal data: where the processing of personal data is based on the data subject’s consent, the data subject has the right to withdraw his or her consent at any time;

6.2.7 the right to data portability: the right to obtain from us personal data which have been provided to us by the data subject and which are processed on the basis of the data subject’s consent or for the performance of a contract entered into with the data subject, either in written form or in a commonly used electronic format and, where technically feasible, to require us to transfer those data to another controller;

6.2.8 the right to complain: If a data subject considers that his or her rights have been infringed as a result of the processing of his or her personal data, he or she always has the right to lodge a claim or complaint with the Data Protection Inspectorate. – Tatari 39, 10134 Tallinn, info@aki.ee, www.aki.ee.

6.3 The rights of the data subject set out in this Chapter in relation to the processing of his or her Personal Data are not exhaustive. In certain cases, the rights of other data subjects or our legal obligations may limit the rights of the data subject.

6.4 In order to exercise your rights in relation to the processing of your personal data or to make a request in relation to the processing of your personal data, please contact us using the contact details provided in the “Other provisions” section below.

7. SECURITY OF PERSONAL DATA

7.1 We undertake to ensure the security of the processing of personal data in order to protect personal data against accidental or unauthorised processing, disclosure or destruction.

7.2 Taking into account the latest advances in science and technology and the costs of their implementation, and taking into account the nature, scope, context and purposes of the processing of Personal Data, as well as the varying likelihood and magnitude of risks to the rights and freedoms of data subjects arising from the processing, we implement appropriate technical and organisational measures to ensure the security of Personal Data.

8. OTHER CITIES

8.1 Subject to changes in law or practice, we reserve the right to amend this Privacy Policy and it will be published immediately on our website.

8.2 If you have any questions about the processing of your personal data or if you wish to make a request relating to the processing of your personal data, please contact us using the contact details below.

Our contact details are:

Tõlkekeskus OÜ

info@tolkeabi.ee