When you use our services you entrust your personal data to us. We are very serious about data privacy and we collect the data only to send relevant information that promotes entrepreneurship to the company you are representing and only to the extent that is necessary for using our services. We process personal data in line with the EU General Data Protection Regulation (GDPR, EU 2016/679) and laws of the Republic of Estonia. The Estonian Chamber of Commerce and Industry does not process sensitive personal data defined in the GDPR.
Our data protection terms and conditions explain who and why we collect and process personal data.
In order to provide our services, we collect data in two ways:
Data that you submit to us
For example, if you subscribe to the Chambers services or would like to obtain information, you may submit data such as name, company, title and e-mail address.
Data that we obtain from you while using the services
Depending on the use of the services, we collect the following data: time of submission of registration or application, IP address, cookie information.
Processing personal data related to your company is necessary for providing our services. Without processing personal data, we cannot broker the required service to you and fulfil related duties. In order to use our service, we need your consent for processing the personal data for the abovementioned purposes. We use data collected from all services in order to offer, manage, protect and improve our services as well as develop new services.
Before using the data for purposes other than those described in our data protection terms and conditions, we will ask for your explicit consent for it.
We treat the processed personal data as confidential and send such data to other persons or companies (or recipients) only to the extent that is necessary for rendering a service.
We do not share the personal data with companies, organisations or persons outside our organisation, except in the following cases:
We treat the processed personal data as confidential and we send them to other persons or companies (i.e. recipients) only to the extent that is necessary for providing a service.
As a rule, we process the customer data within the European Union/ European Economic Area. The Estonian Chamber of Commerce and Industry may send or process personal data outside the European Union/ European Economic Area should there be a legal basis for it, e.g. in order to perform a legal obligation, or the client’s consent, and relevant protective measures are applied: there is an agreement containing standard conditions in compliance with the General Data Protection Regulation, approved action guidelines, certifications etc.; in a country where the recipient is located has, according to the decision of the European Commission, a sufficient level of data protection; the recipient is certified based on the Privacy Shield data protection framework.
We are dedicated to protecting your data against unauthorised access or unauthorised changing, disclosing or tampering.
To ensure data security, we do the following:
Although we apply strict security rules for the personal data that have been received in our environment, we must point out that the internet is never completely safe and we cannot guarantee safe forwarding of your data to us. Safety of sending data is always your own risk.
If you have published a consent for certain collection, processing and using of your personal data, you may withdraw the consent at any time in the future.
In line with the applicable legal acts concerning data protection, you have the right:
The application must enable clear establishing of your identity. You have the right to withdraw your consent at any time. Withdrawal of your consent will not affect the legality of the processing that took place on the basis of the consent before the withdrawal.
The respective applications must be submitted (including withdrawal of the consent) to the Estonian Chamber of Commerce and industry by the e-mail address koda [a] koda.ee.
Please consider that you can request deletion of your personal data, establishing a limit to the processing etc. only if it is in line with the legal basis and legal acts concerning data protection.
If you are applying for a limitation or suspension of processing of your personal data or deletion of the data, it may stop the services rendered to you either partially or fully.
In case of complaints, you have the right to submit the complaint to the competent data protection authority. We cooperate with the respective regulation authorities, including local data protection authorities in order to settle complaints related to disclosing personal data.
Your personal data is stored as long as it is necessary for providing the desired services to you. If personal data have not been used during 7 consecutive years, we will delete your personal data or make your personal data anonymous, except if the mandatory obligations for data storage apply.
We may have a legal obligation to store some of your personal data for 10 years. That is after the end of using the services provided by us, if your personal data is required for complying with other applicable laws or if we need your personal data in order to protect, create and perform legal obligations only on the need to know basis.
Data collected without personalisation are stored without a term.
When you use the services of the Estonian Chamber of Commerce and Industry, you confirm that you have read these principles and conditions and agree to them.
Our data protection terms and conditions may change at times. We will not decrease your rights arising from our data protection conditions without your explicit consent. We will post a notice on any changes in the data protection conditions on this page and in case of major changes we will send a more elaborate notice.
Like most websites, we use the text files that are called cookies and the aim of which is to help us develop our service.
A cookie is a small text file that your web browser saves in your computer and that allows the website to remember the user preferences.
|Names of cookies||Purpose||When do these cookies expire?|
|koda.ee base and function cookies|
|_session||Necessary for storing the user sessions during purchasing.||Until closing of the web browser.|
|XSRF-TOKEN||To ensure security against request forgery (cross-site request forgery, CSRF).||One day.|
|Google Analytics analysis cookies|
|_ga||To distinguish between the different website visitors.||Two years.|
|_gid||To distinguish between the different website visitors.||One day.|
|To distinguish between the different website visitors.||One minute.|
You can block the use of the cookies when you activate the settings of your web browser that allow you to refuse all or some cookies settings. However, if you block all cookies with the settings of your web browser, you might not have access to our website or parts of it.
To cover the activities of the Chamber photographing and filming may occur at the events.
Should you have concerns or questions related to our data protection terms and conditions, please contact us:
Estonian Chamber of Commerce and Industry, Toom-Kooli 17, Tallinn, Estonia
koda [at] koda.ee
Last amended: 25 May 2018