Privacy policy
1. General provisions
The Website is operated by Aroomiturundus OÜ (“Provider”). The Service Provider complies with applicable laws and does not disclose the data of Users and other persons without the permission of the person concerned or other lawful basis. The service provider will only process the personal data that is necessary for the full performance of the service and we will collect the information to provide a better service.
The Privacy Policy applies to the processing of personal data of users of the Service provided by the Service Provider (“User”). The Privacy Policy describes the main principles and purposes of the Service Provider’s processing of personal data. Users may be natural person users of the Service Provider or representatives of the user companies.
Provider The Service may contain links to third party websites or services. These websites and services may have a different privacy policy from the Service Provider. The Service Provider is not responsible for the privacy policies or data processing practices of third parties and recommends that you review the privacy policies of each third party separately.
2. Personal data processed and their sources
Personal data means any data relating to an identified or identifiable natural person, irrespective of the form or format in which the data are held.
The Service Provider obtains the processed personal data from the User by lawful means in connection with the use of the Services.
The Service Provider may use the personal data provided by the User and the User in particular for the purposes of providing the Service and in the specific cases set out in this Privacy Policy.
In particular, the Service Provider processes information about the User that the User discloses when using the Service and information that the Service Provider obtains through the use of the Service, including but not limited to:
- Electronic identifiers (e.g. IP addresses, cookies);
- Correspondence between the User and the Provider;
- Data to provide social media features and traffic analysis;
- Statistical demographic data (e.g. age, gender, interests).
3. Data controller and processor
The Service Provider is the controller of the User’s data. The provider may grant the right to use the data to processors. The authorised processors are:
- Google Inc.
Data are processed by data processors, including:
- for the purpose of providing a service;
- for marketing purposes, unless the User has decided otherwise or has subsequently withdrawn such consent by notifying us in a readily reproducible written form;
- to comply with their legal obligations (e.g. to transmit data to public authorities).
The data may be processed by the processor only for the performance of specific tasks assigned by the Service Provider.
4. Purpose of the processing
The processing of data is based in particular on the consent given by the User to the Service Provider to process the data disclosed by the User. By submitting personal data through the Service, the User authorizes the Service Provider to process any data submitted to the extent and for the purposes described in this Privacy Policy.
The main purpose of collecting and processing data is to maintain, secure and, if necessary, improve the Website. The Service Provider does not store thedata entered by the user but processes the data only to the extent necessary for the provision of the service.
5. Profiling
The Service Provider may use statistical data about the Users of the Website to analyse trends and demographics related to them, but the Service Provider does not compile individual profiles of Users.
6. Transfer of data to third parties
The Service Provider does not sell, rent, exchange or otherwise transfer personal data, traffic data or the content of the communication to any person outside the Service Provider without the consent of the User, except.
- where required to do so by applicable law; or
- by order of the competent authorities; or
- where the need arises to protect the legitimate interests of the Service Provider in accordance with applicable law; and
- in the cases set out in this Privacy Policy.
7. Data security
The Service Provider has implemented the necessary technical and organisational measures to protect personal data against unauthorised access, accidental or unlawful destruction, alteration, disclosure, transmission or other unlawful processing.
The Service Provider is not responsible for the access of third parties to the User’s own controlled devices, the Internet and its security.
8. Storage of personal data
The Service Provider does not store the personal data entered by the User. Correspondence relating to natural persons is generally kept for up to three years.
9. Cookies
In order for the Website to function properly, the Service Provider sometimes saves small data files – so-called cookies – on the User’s device. Most of the big websites do the same.
The legal basis for the use of cookies is the legitimate interest of the Service Provider to ensure the technical functionality of the website. When cookies are used to remember the User’s choices or for statistical purposes, the legal basis is the User’s consent.
What are biscuits?
A cookie is a small text file that a website saves on a user’s computer or mobile device when the user visits the provider’s Website. This allows the website to remember the user’s actions and preferences for a certain period of time. This way, the user does not have to re-enter them every time they return to the Website or browse pages.
How do we use cookies?
The service provider may use cookies and similar tools to provide the service and to improve the quality of the service and the user experience. Cookies may also be used by third parties whose services are used by the Service Provider.
A number of Provider pages use cookies:
- to provide social media features; and
- to analyse web traffic.
The Provider may also provide its social media, advertising and analytics partners with information about how the User uses the Website. The use of such cookies is not directly necessary for the functioning of the website, but it does provide the User with a better browsing experience. The user can either delete or block cookies, but in this case not all website functions may work as intended. Cookies help the Service Provider to provide the Services. By using the Provider’s Services, the User agrees to the Provider’s use of cookies.
How do I check cookies?
The user can control and/or delete cookies as he or she wishes (see. www.youronlinechoices.com). The User may delete all cookies already on the User’s computer and reject cookies at any time by changing the settings of their browser (if the browser allows it) or by discontinuing the use of the Provider’s website. The User must be aware that certain features can only be provided using cookies and if the User chooses to opt out of cookies, these features may not be available to the User.
10. Google Analytics
The Provider may use Google Analytics, a web analytics service provided by Google, Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). Google Analytics uses cookies, files that are stored on the User’s computer, to analyse how the User uses the Service.
The information generated by the cookies about the User’s use of the Service is usually transmitted to and stored by Google on servers in the United States. Since the Service Provider has activated IP anonymisation, Google will shorten the User’s IP address (for the European Union or other Member States of the European Economic Area).
At the provider’s request, Google will use the information to analyse the User’s activity and compile reports on the activity on the Service’s website.
The User can disable the storage of cookies on the User’s computer by setting the browser settings, but in this case the User will not be able to use all the functions of the website to the full extent.
Users may opt out of the collection of their data by Google Analytics at any time. To do this, the User must download and install the appropriate browser add-on from the following website: tools.google.com/dlpage/gaoptout?hl=en.
Google Analytics retains cookies, user identifiers (e.g. user ID) and ad identifiers (e.g. DoubleClick cookies, Android ad identifier, Apple ad identifier) for 26 months.
11. Facebook
The provider’s homepage may have integrated Facebook add-ons (1601 S. California Avenue, Palo Alto, CA 94304, USA) “Like” and “Share”. For an overview of Facebook add-ons, visit the Facebook homepage. developers.facebook.com/docs/plugins/.
When the User visits the Website, a direct connection is established between the User’s browser and the Facebook server using these plug-ins, through which Facebook receives information that the User has accessed the Provider’s website from his/her IP address. If the User is logged in to Facebook and clicks on the “Like” or “Share” buttons, the User can link the content of the Service Provider’s website to their Facebook profile, through which Facebook can reflect the use of the Service on the User’s wall. The service provider does not receive any information about the transferred data or its use by Facebook. More information can be found by reading the Facebook Privacy Policy: www.facebook.com/about/privacy/.
If the User does not want the User’s Facebook account to reflect the visit to the Provider’s page, the User must log out of Facebook.
12. Logs
The server hosting the Provider’s website may record the queries made by the User to the server (the web address the User opens, the browser and device used by the User, the IP address, the time of access). This data is used for technical purposes only – to ensure the proper functioning and security of the website and to investigate possible security incidents.
13. User rights and how to exercise your rights
By contacting the Service Provider, the User may exercise his/her rights as follows:
- request access to your personal data;
- ask for your personal data to be corrected;
- request the deletion of your personal data;
- withdraw your consent to the processing of your personal data, where appropriate.
In some cases, the User may have the right to request the restriction of the processing of the User’s personal data or to object to the processing of personal data.
Users may exercise their rights in accordance with the requirements of applicable European Union and local legislation.
If the personal data is deleted at the User’s request, the Service Provider will retain only such copies of the information as are necessary to protect the legitimate interests of the Service Provider or third parties, to comply with governmental orders, to resolve legal disputes, to troubleshoot, or to enforce any agreement you have entered into with the Service Provider.
Users can disable cookies in their browser settings or when visiting websites:
14. Changes to the Privacy Policy
The Service Provider may make changes to this Privacy Policy and related information without notice to the User. In order to keep abreast of any changes, the Service Provider recommends that the User periodically review the Privacy Policy.
For more information about the Privacy Policy, please contact the Service Provider. by e-mail: info@aroomiturundus.ee
Last modified: 05.11.2019.
