General provisions on Personal Data Processing Policy

General provisions on Personal Data Processing Policy The Company Stankoin OÜ, based in Estonia, Padriku tee 4/1-12 Pirita linnaosa, Tallinn Harju maakond 11912 («Site Administrator»), the operator of the web-site, declares that all personal data (hereinafter also referred to as «data») is treated as strictly confidential and is handled in accordance with applicable legal provisions in the area of personal data protection.

The security of your personal data is our priority. We, therefore, pay due attention to personal data and its protection. In this Personal Data Processing Policy (the «Policy» or «General Provisions»), we would like to inform you how we collect and handle your personal information.

1. Personal data and its processing

1.1. Personal data categories

We collect various types of data necessary for sufficient website usage:

Name and contact details: First name and surname, email address, delivery address, billing address, bank details, payment details.

Demographic data: gender, date of birth, country and preferred language.

Login details: Login names and passwords. We have no access to the actual password.

If you are subscribed to our marketing mailing list, we collect:

Name and contact details: First name and surname, email address.

Demographic details: country, gender.

We also process the following personal data:

Communication between Site Administrator and the User;

On-site Users’ Behavior records for website

Log files: (IP address, data provided by the browser (resolution, version, operating system, browser fingerprint, language).

1.2. Purpose of processing personal data:

In order to provide the services offered and improve them to your satisfaction, we process your personal data. This means:

Customer support and communication. We use the data that is collected to communicate with you and to provide customer service, and to prevent any potential problems; we will process your personal data on the basis of these General provisions.

Services improvement. We use data to continuously improve our services and systems, including addition of new features. To ensure a sufficient protection of your rights and interests, we anonymise your personal data as much as possible while using it to improve our services.

Protection, security and dispute resolution. We may also process data out of legitimate interest, to ensure the protection and security of our systems and customers, detect and prevent fraud, resolve disputes and enforce our agreements on the basis of legitimate interest.

Marketing communication. We can send you marketing communications regarding community news and useful community related articles. You can always decline marketing communications via the unsubscribe link found in every email. If you unsubscribe from marketing communications, we will stop using your electronic contact information for this purpose. We will start using it again if you register or request it specifically. The marketing offers that you see can be selected on the basis of additional information that we have collected over time, based on contact information, demographic information, data on the use of our website (cookies, IP address, data provided by your browser, information following links, displaying commercial notifications, visiting pages of the site). We do not perform fully automated processing that could have legal implications for you. You have the right to raise an objection to the processing at any time free of charge. Contact details are provided at the end of this document.

Processing of cookies from website If you allowed cookies on your web browser, we will process behavioral records based on the cookies located on the website to ensure better operation of the website. More information can be found in a separate chapter of this document.

1.3. Transfer of personal data to third parties

Your personal information may be passed on to third parties or otherwise arranged only if it is necessary to fulfill services provided by and is based on legal interest, or if you have given your prior consent:

to affiliated companies and processors based on fulfillment of internal processes and procedures;

to other service providers and third parties involved in data processing;

public authorities (e.g. the police);

third parties carrying out surveys among users.

If a third party uses data in connection with their legitimate interests, the Site Administrator is not liable for this processing. This processing is governed by the personal data processing policy of the relevant companies and individuals.

1.4 Cross-border transfer of personal data

Taking into account that the data administrator is based in Czech Republic (EU), you agree to the cross-border transfer of personal data.

2. The user account

Concluding an agreement on the use of the online-community site, we open a user account protected by a password

You have the right to terminate the agreement on the use of the online community site in accordance with the agreement on the use of the Site.

3. Personal data security and retention period

3.1. Personal data security

Your personal data is transmitted to us in encrypted form. We use the SSL (secure socket layer) technology. We secure our websites and other systems using technical and organizational measures against the loss and destruction of your data, unauthorized access to your data or its modification or dissemination.

We require our processors to prove compliance of their systems with the GDPR.

Access to your user account is only possible after entering your personal password. In this context, we would like to draw your attention to the fact that you must not share your access data with third parties and after finishing your activity in your user account, always close the window of your web browser, especially if you are using a public computer. Site Administrator is not liable for the misuse of passwords used, unless caused directly by Administrator.

3.2. Duration of processing

We process and store personal data:

Throughout the term of the agreement on the use of the website of the online community;

During the period for which the Site Administrator agrees to perform the functions of a data administrator in accordance with GDPR.

Consent to marketing offers is valid for four years or until it is withdrawn.

Communications - for two

In other cases, the processing time depends on the purpose of the processing or is determined by data protection legislation.

4. Rights of data subjects

If we process your personal data, you may request free information about the processing of your personal data at any time.

If you believe that we are processing your personal data in a manner contrary to the protection of your personal data and legal conditions for the protection of personal data, you may ask for an explanation and ask for us to remedy the situation that has arisen and, in particular, you may ask for corrections or supplementations to be made, the disposal of your personal data, or the blocking of your personal data

If you want to exercise your rights, contact the data protection officer at the e-mail address [email protected].

You may withdraw your consent to the processing of your personal data at any time. If you withdraw your consent to the processing of your personal data, your personal data will be deleted or anonymised however, this does not apply to personal data that the Site Administrator needs to exercise its legal rights and obligations or to protect its legitimate interests. Personal data will also be destroyed if personal information is not required for its intended purpose or if the storage of your data is unacceptable for other legitimate reasons.

5. The website

5.1. Cookies

Our website uses cookies to make our products relevant, interesting and user-friendly for you. Cookies are small text files that are stored on your computer, smartphone or other device, and are used in your web browser. For example, we use cookies:

to remember your login details, so you don`t have to enter them repeatedly;

to adapt our site to your needs in the best possible way by monitoring visits, your movement on the site and the functions used.

Some cookies may collect information which is then used by third parties (i.e. third-party cookies). However, you cannot be identified by this data.

5.2. Use of cookies

The cookies used on our website can be divided into two basic types. Session cookies are deleted as soon as your visit to our website ends. Persistent cookies remain stored on your device far longer or until you remove them manually (the period for which a cookie is left on your device depends on the cookie’s own settings and your browser settings).

Settings for cookies are part of your browser. By default, most browsers automatically accept cookies. You can also reject or restrict cookies to the ones you select by using your web browser.

5.3. Links

Our website contains links to other websites that are practical and contain useful information. Please note that these sites may be owned and operated by other companies and organizations and have different security and personal data protection policies. Our company has no control over, and nor does it bear any liability for, any information, material, products or services contained on or accessible via these websites.

6. Contact Us

If you have any questions, comments or requests regarding this Policy, please do not hesitate to contact us at the address or customer hotline listed in the footer of this Policy.

Data protection officer: [email protected]

Customer service: [email protected]