Privacy Policy

CONDITIONS FOR PROCESSING PERSONAL DATA ON THE TEHNOPOL WEBSITE

Valid from 30.07.2024

These terms and conditions for the processing of personal data (the “Terms“) explain how Sihtasutus Tallinna Teaduspark TEHNOPOL (registration code 90008258, address Mäealuse tn 2/4, 12618 Tallinn; email address info@tehnopol.ee; hereinafter referred to as “Tehnopol” or “we“) uses and protects your personal data which reaches us, in particular by using our website (https://www.tehnopol.ee) or any of its subdomains or other websites operated by Tehnopol. Please read the Terms carefully before using the website. If you do not agree with the Terms, we ask you to stop using the website or not to subscribe to the services offered by us on the website. Please note that links on our website may take you to websites that are governed by the privacy policies of the said service providers and not by these Terms. 

In addition to ensuring that we as the data processor process personal data in accordance with the relevant legislation, we will keep confidential (taking into account any applicable exceptions) and secure any other data that we obtain as a result of your use of the website(s).

We reserve the right to modify and update the Terms without prior notice to ensure that they meet our actual needs and preferences and comply with applicable law and practice.

  1. THE CATEGORIES OF PERSONAL DATA AND THE PURPOSES FOR WHICH THEY ARE PROCESSED

In order to achieve the purposes set out in the Terms, we will process some or all of the following personal data, the exact composition of the personal data processed will vary from case to case, but we will always be guided by the principle that we process personal data to the minimum extent necessary to achieve the intended purposes:

  • We may process your personal data if you have provided us with your personal data through the contact form on our website or by email. For instance, if you have requested information from us about a project, we will process your personal data in order to send you the requested information or offer etc. By sharing your personal data, you authorise us to collect, organise, use and manage the personal data shared with us directly or indirectly through our website for the purposes set out in this privacy policy. Such personal data may include the name, email address, telephone number, address, language preference, area of practice, social media (including LinkedIn profile), etc. of natural persons, including natural persons associated with legal entities such as representatives, contact persons, certain employees, etc.
  • With your consent, we may process your personal data to send you email newsletters, advertising, marketing and other information about our activities and projects. You may opt out of this at any time by using the link contained in the relevant email.
  • Personal data disclosed to us in the course of our dealings with customers and potential customers (including the names of natural persons associated with legal entities, such as representatives, contact persons, certain employees, etc. and the name, personal identification number/date of birth, email address, telephone number, postal address of natural persons) are processed primarily for the purpose of establishing and maintaining customer relationships. In addition, we process such data for the purpose of fulfilling our contractual obligations and protecting our rights.
  • With regards to contracts, we process the name, personal identification number/date of birth, email address, telephone number, bank account number, and where applicable, financial and other information of natural persons and natural persons related to legal entities (representatives, contact persons, certain employees, etc.) in business relations with us, which is necessary for the preparation, conclusion and performance of the contract (and also for the protection of rights). Up to the conclusion of the contract, we process the relevant information for the purposes of the conclusion of the contract (establishment of the customer relationship) and the protection of rights, and from the conclusion of the contract for the purposes of the performance of the contract and the protection of rights. We will process personal data for as long as it is necessary for the above purposes.
  • We may also process your personal data to comply with legal obligations, such as to ensure the protection of your personal data, to store your personal data for any period of time necessary to comply with any obligations stemming from applicable legal acts.

In addition to the foregoing, we are entitled to collect information about you that is available in public registers.

Tehnopol does not aim to collect personal data from special categories, but we may become aware of them accidentally, for example, through an email or telephone call if you have disclosed them to us.  

We will always ask for your prior explicit consent for the processing of your personal data if we use it for purposes other than those set out in the Terms, where such consent is necessary for the processing of the personal data. You can withdraw such consent at any time.

  1. SECURITY INFORMATION

We process personal data only where there is a legal basis for doing so and only for legitimate purposes. We use security measures and store personal data in a way that ensures the security and confidentiality of personal data. Access to personal data is limited to those persons who need to have access to it in connection with the performance of their duties or to whom disclosure of personal data is in accordance with the Terms or the law. All our employees are bound by a duty of confidentiality.

We will not be liable for any misuse of your personal data that is caused by malware on your computer or any other device.

  1. DATA CONTROLLER AND PROCESSOR

Personal data may be accessed, or it may be transferred to, other companies associated with Tehnopol. We will ensure that all related parties comply with the rules for processing personal data under applicable law.

In the framework of projects managed by us, we may transfer personal data to our cooperation partners with whom we have concluded the relevant data processing agreements to ensure that personal data is processed in accordance with applicable law.

For events organised by us, we may use third party service providers to sell or register tickets. In such cases, the service provider selling or registering the tickets is the data controller and Tehnopol is only the data processor.

We commission services from third parties, including, for example, advertising, marketing, accounting, auditing, legal, payment, domain, identity verification, digital signature and similar services. This list is evolving and subject to change over time. We are entitled to disclose and transfer personal data without your prior consent to processors acting on our behalf and under relevant data processing agreements, as well as to comply with legal obligations. We have a right to disclose personal data to third parties, including legal advisors, auditors, etc., in order to protect our rights.

  1. DELETION AND STORAGE

We will retain personal data only for as long as necessary to achieve the purposes described in the Terms, to protect our rights or to comply with our legal obligations.

Personal data is generally retained for up to three (3) years from the end of the customer relationship, except for personal data relating to the performance of a contract with a customer (including debts), which may be retained for up to ten (10) years from the end of the customer relationship. After the expiry of the aforementioned periods, the relevant personal data will be deleted unless the processing of the personal data is necessary in the circumstances to protect our legitimate interests, e.g. in the event of a contractual or other dispute between us (including an ongoing dispute). We also have the right to anonymise the personal data after the aforementioned periods, i.e. to process the personal data in such a way that the data can no longer be considered as personal data.

To comply with accounting and other requirements, we will keep the original accounting records for seven (7) years from 31st of December of the year of the transaction.

Based on consent, we may process personal data until you have withdrawn your consent.

Notwithstanding the termination of the customer relationship, we may, with the customer’s prior consent, process the user’s personal data for direct marketing purposes as long as the user has not withdrawn his or her consent. If the individual prohibits direct marketing (withdraws the consent) and no other legal basis for processing exists, then the information about the prohibition will be retained to the extent necessary to ensure compliance with the prohibition on sending direct marketing communications.

  1. THE LOCATION OF DATA PROCESSING

The main location of processing of your data is in the European Union. We may also transfer your personal data to countries that have received a decision on the adequacy of the level of data protection from the European Commission, such as Canada and the USA (private sector only), in which case we do not need a specific authorisation (Article 45(1) GDPR).  

  1. COOKIES

Cookies are small fragments of data stored in text files that are saved on your computer or other device when a web page is loaded by the browser. You can read more about our cookie policy HERE.

  1. YOUR RIGHTS

You can ask us at any time for information about the processing of your personal data. Under applicable law, you have or may have the right to:

  • request the deletion of your personal data;
  • request the rectification of your personal data;
  • request the restriction of the processing of your personal data, in which case you may not be able to make full use of our website and services;
  • object to the use of your personal data;
  • to receive one’s personal data in a structured, commonly used and machine-readable format and to transmit said data to another processor.

If we process your personal data based on your consent, you can withdraw that consent at any time. Upon withdrawal, processing of your personal data will stop, though it will not affect any processing that was carried out before the withdrawal.

We will respond to requests as quickly as possible, taking into account legal deadlines.

  1. ENQUIRIES AND COMPLAINTS

In case of questions or complaints regarding the processing of personal data, please contact us (Sihtasutus Tallinna Teaduspark TEHNOPOL, Mäealuse tn 2/4, 12618 Tallinn, info@tehnopol.ee or the Data Protection Inspectorate (info@aki.ee; +372 627 4135).

  1. OTHER

This document has been translated using automated translation tools. Although we have done everything possible to provide accurate and reliable translations, they may not always fully reflect the content or nuances of the original language. In situations where there are discrepancies, conflicts, or inconsistencies between the Estonian and English versions of the Terms, the Estonian version is supreme and is considered the definitive version for interpreting and enforcing the Terms.