DATA PROTECTION CONDITIONS
This guide to the processing of personal data (hereinafter referred to as the Guide) has been prepared in accordance with the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council, hereinafter the Regulation) and the Personal Data Protection Act and applyb E-RAAMATUPIDAMINE24 accounting agency, MR Trade OÜ, (registry code: 12686623, registered office address: Võru county, Võru city, F. R. Kreutzwaldi tn 43b, 65610 Republic of Estonia, hereinafter we) for customers and potential customers who have expressed a wish to order our services or cooperate.
The guide is an integral part of the contracts concluded between us and the client and contains the following information:
- what types of personal data do we collect?
- why and on what basis do we collect your personal data?
- how do we handle your personal data?
- what are your rights?
- where can you find us so that you can know about and exercise your rights in relation to the processing of your personal data?
We will use the definitions below in the guide in the following content:
- Customer – a natural or legal person who uses, has used or has expressed a desire to use our Services or is otherwise associated with our Services (hereinafter referred to as the Customer or you);
- data subject – a natural person about whom we have information and information to identify the person. Data subjects are, for example, clients who are natural persons, visitors, providers of inquiries and questions/requests, cooperation partners, representatives and employees of clients who are legal persons (hereinafter the person or client);
- "personal data " means any information relating to an identified or identifiable natural person (data subject). An identifiable natural person is a natural person who can be identified, directly or indirectly, inter alia, through personal data, location information, physiological, social or economic characteristics;
- "processing" means any operation which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure (including by transmission, dissemination or otherwise making available), alignment or combination, restriction, erasure or destruction;
- "controller " means a natural or legal person, as well as a public authority or local authority, which is the primary collector of personal data and which sets out the purposes and means of the personal data processed by that person;
- processor – a natural or legal person, as well as a public authority or local authority, which processes personal data on behalf of and on the instructions given by the controller.
Due to thespecifics of accounting, we are both the controller and the authorized processor of the personal data disclosed to us by the client. As an authorized processor, we process this personal data on behalf of the client and in accordance with the client's instructions. The relationship, rights and obligations between the processor and the controller are determined, if necessary, in the customer's contract between the parties, taking into account the general obligations arising from the applicable legislation.
2. PERSONAL DATA
We process customers' personal data only on the grounds and for the purposes specified in the Personal Data Protection Regulation, the Personal Data Protection Act and the Instructions. We process the following personal data of our customers:
Personal identification data |
|
The client's right of representation |
|
Data related to the provision of the service |
|
Other data |
|
We collect the above data in different ways:
- data disclosed to us by a person (e.g. through inquiries, requests, conclusion of a contract) and data received as a result of communication (e.g. correspondence, telephone calls, oralconversation, etc.);
- data disclosed by the person himself/herself on the Internet and social media;
- data received when paying for the service;
- data from third parties – from public registers, authorities;
- previous information about the person and service stored in our databases.
3. PURPOSE AND BASIS OF DATA PROCESSING
We have a legal basis and interest in processing the personal data of the client or the customer's representative during the establishment, duration and termination of cooperation and customer relationship, and to store personal data throughout the process, including storing data for fulfilling legal obligations, filing claims and holding legal disputes.
We collectand process personal data primarily in the following situations and for the following purposes:
For the purpose of and on the basis of the performance of the contract |
|
For the performance of a legal obligation |
|
On the basis of a legitimate interest |
|
With the consent of the client |
|
4. ACCESS TO PERSONAL DATA AND SECURITY
We ensure the secure preservation of the confidentiality of a person's data required by law and organize the protection of personal data against unauthorised access, unlawful processing or disclosure, accidental loss, alteration or destruction.
Only the legal representatives of our company or designated employees have access to personal data. Certain personal data may be transferred to a third party, i.e. a processor, for the purpose of fulfilling obligations arising from the contract and the law (see clause 5 of the instructions).
We organize the storage and exchange of information in a secure manner, using multiple personal access and identification codes and secure channels for transmitting information, which prevents access to third parties and minimizes the risk of data leakage.
5. DATA SHARING
We transfer the client's personal data to third parties, if required by law, necessary for the organization of our work or for the exercise of legal obligations or rights, or on another legal basis. Personal data submitted to authorized processors are processed on the grounds provided by law and only to the extent necessary.
We transfer personal data to the following recipients:
- was used as processors for the purpose of organizing our work (e.g. IT system manager, client program manager, business software, accounting software, archiving service provider, etc.);
- authorities (Tax and Customs Board, Unemployment Insurance Fund, Health Insurance Fund, Courtes, Police and Border Guard Board, Financial Intelligence Unit, Data Protection Inspectorate, etc.);
- providers of legal services and audit services.
6. STORAGE AND TIME OF PERSONAL DATA
We will not process personal data for longer than is necessary for the purposes related to the respective data, including the data retention obligation set out in law.
Based on the above, we proceed from the following when storing personal data:
- ramatures documents are stored for 7 years under the Accounting Act ;
- the data collected under the Prevention of Terrorist Financing and Terrorist Financing Act will be stored for 5 years;
- theinformation obtained on the basis of the consent shall be kept until the consent is withdrawn.
The customer has the right to withdraw his/her consent at any time by submitting it to us by e-mail or on the basis of the instructions given in the newsletter . The withdrawal of consent shall not affect the lawfulness of the processing of personal data carried out before the withdrawal of the consent.
Personal data are processed within the European Union/European Economic Area. Should there be a need to process personal data on servers located outside the aforementioned area, the transfer will only take place to recipients located in a country with an adequate level of data protection in accordance with the european Commission's decision to that effect or to recipients certified under the Privacy Policy (applicable to recipients located in the United States).
7. KLIENT'S RIGHTS
By organizing the protection of personal data by us, the client has the following rights:
- get acquainted with information about the person and, if necessary, receive a copy of the data;
- request the correction of outdated or erroneous data;
- request the erasure of data or the termination of processing if there is no longer a legal basis for storing or processing the data and if the retention of the person's data is no longer necessary for the processing of the data;
- require the transfer of data to a third party;
- the right to lodge a complaint with a supervisory authority.
In order to exercise the above rights, please contact our representative. If the customer suspects that their personal data has been misused, our representative must be notified immediately.
8. COOKIES AND OTHER WEB TECHNOLOGIES
A cookie is a small text file that is stored on the user's device. On our website and social media, cookies may be used to provide a service to the user, to analyze and improve the user experience, and to market more effectively. By visiting the website and social media, the user agrees to the use of cookies in the manner described in the instructions.
Cookies are generally used to collect statistical data, paying attention to the preferences of users when visiting different websites. The information is used to make the website more user-friendly and better.
In order to limit the use of cookies, the user can set the respective preferences through their browser settings. If cookies are not used, the websites may not work correctly and not all services may be available.
We reserve the right to update and amend this guide. The changes will be made visible to customers on our website.
If you have any questions regarding the processing of personal data, please contact us at the following contacts:
E-RAAMATUPIDAMINE24 Accounting AgencyMR Trade Ltd.
Address: Estonia Võru city, F. R. Kreutzwaldi tn 43b, 65610
Phone: +372 58207197
Email: info@e-raamatupidamine24.ee
www. e-raamatupidamine24.ee