Privacy notice

INTRODUCTION

This Privacy Notice describes how AS Connecto Infra (registration code 10722319) processes personal data.

The purpose of this Privacy Notice is to provide our customers and partners with clear and transparent information about how AS Connecto Infra may process your personal data when you use our services.

If you have any specific questions about how we process your personal data or if you wish to make any requests to exercise your rights in relation to the processing of your personal data, please contact us using the contact details in the “Contact” section below.

AS Connecto Infra may amend these Terms and Conditions for the Processing of Personal Data from time to time. The current terms and conditions for processing personal data are published on our website.

1. DEFINITIONS

“GDPR” – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation).

“Connecto” – AS Connecto Infra (registration code 10722319).

‘Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification code, location data, a network identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

“Applicable Law” – All applicable European Union legislation and all applicable legislation of the Republic of Estonia, including, but not limited to, national legislation implementing the GDPR, in force at the time these Terms are in force or coming into force after the date of these Terms.

“Data Subject” – A natural person whose data is processed by Connecto.

“Processing” means any operation or set of operations which is performed upon personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation and alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

“Data Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data. For the purposes of the Privacy Notice, the Data Controller is Connecto.

“Authorised Processor” means a natural or legal person, public authority, agency or other body that processes personal data on behalf of a controller.

“Website” – Connecto website https://www.connecto.ee/.

2. WHEN AND FOR WHAT PURPOSES DO WE PROCESS PERSONAL DATA?

2.1. Connecto töötleb isikuandmeid eelkõige teenuse osutamiseks oma klientidele ja koostööpartneritele ja lepinguliste kohustuste täitmiseks oma klientide ja koostööpartnerite eest. Kui Connecto klient või koostööpartner on andmesubjekt, siis on isikuandmete töötlemise õiguslik alus on GDPR artikkel 6 lg 1 punkt b – isikuandmete töötlemine on vajalik andmesubjekti osalusel sõlmitud lepingu täitmiseks või lepingu sõlmimisele eelnevate meetmete võtmiseks vastavalt andmesubjekti taotlusele. Kui klient või koostööpartner on juriidiline isik, siis töötleme andmeid, mis on vajalikud esindusõiguse kindlakstegemiseks.

2.2. Connecto võib töödelda isikuandmeid ka siis, kui see on vajalik Connecto suhtes kehtiva juriidilise kohustuse täitmiseks. Näiteks, kui Connectolt nõuab isikuandmeid kohus kehtiva kohtumääruse või kohtuotsuse alusel või kui isikuandmeid nõuab kehtiva määruse alusel õiguskaitseorgan. Samuti, kui Connecto on kohustatud säilitama isikuandmeid näiteks raamatupidamise seaduse või muude kohalduvate õigusaktide alusel. Isikuandmete töötlemise õiguslik alusel sellise töötlemise korral on GDPR artikkel 6 lg 1 punkt c – isikuandmete töötlemine on vajalik vastutava töötleja juriidilise kohustuse täitmiseks.

2.3. Teatud juhtudel võib Connecto töödelda isikuandmeid ka siis, kui see vajalik Connecto õigustatud huvi korral, välja arvatud juhul, kui sellise huvi kaaluvad üles andmesubjekti huvid või põhiõigused ja -vabadused, mille nimel tuleb kaitsta isikuandmeid, eriti juhul kui andmesubjekt on laps. Isikuandmete töötlemise õiguslik alus on sellisel juhul GDPR artikkel 6 lg 1 punkt f.

2.4. Sõltuvalt teie ja Connecto vahelisest õigussuhtest, võib Connecto töödelda teie kohta järgmiseid andmeid:

Purpose	Personal data collected
Website offer	Data collected through cookies (read the separate chapter on the use of cookies)
Responding to queries:	Responding to enquiries, requests, complaints or other correspondence sent via the Connecto website or other Connecto contacts.
Provision of services to legal entities:	Contact details: name of the contact person of the legal person, e-mail address, telephone number;
Ensuring security on Connecto premises	Security camera recordings: when you are on Connecto premises, we may record your image with security cameras (see the separate section on using security cameras).

3. TRANSFERS OF PERSONAL DATA AND USE OF PROCESSORS

3.1. Connecto ei edasta isikuandmeid kolmandatele isikutele, välja arvatud selleks kehtiva õiguse alusel seaduslikku õigust omades.

3.2. Connecto võib kasutada isikuandmete töötlemisel volitatud töötlejaid. Connecto volitatud töötlejad, kes võivad piiratud juhtudel isikuandmeid töödelda, on näiteks IT-teenuse osutajad (serveriteenuse pakkujad, IT tarkvara arendajad) või muud tugiteenuste osutajad. Connecto kasutab volitatud töötlejatena üksnes selliseid koostööpartnereid, kelle usaldusväärsuses on Connecto veendunud ja kes on võtnud kohustuse töödelda isikuandmeid kooskõlas kehtiva õigusega.

4. STORAGE OF PERSONAL DATA

4.1. Connecto ei säilita isikuandmeid kauem, kui see on lähtuvalt isikuandmete töötlemise eesmärgist või kehtiva õiguse alusel vajalik.

4.2. Connecto rakendab järgmiseid seadusest tulenevaid säilitamistähtaegasid:

4.2.1. Raamatupidamisseaduse alusel säilitame raamatupidamislikke dokumente 7 aastat;

4.2.2. Lepingu sõlmimisega seotud isikuandmeid, mille pikem säilitamistähtaeg ei tulene kehtivast õigusest, säilitame üldreegli kohaselt seni, kuni neid on vaja lepingu täitmisega seoses lepingu kehtivuse jooksul või kuni 10 aasta jooksul pärast lepingu lõppemist tulenevalt Connecto õigustatud huvist GDPR artikkel 6 lg 1 punkt f järgi ja tsiviilseadustiku üldosa seadusest tulenevast aegumistähtajast;

4.2.3. Saadud päringuid, mille mille pikem säilitamistähtaeg ei tulene kehtivast õigusest, säilitame üldreegli seni, kuni vaja päringule vastamiseks või kuni 3 aasta jooksul pärast lepingu lõppemist tulenevalt Connecto õigustatud huvist GDPR artikkel 6 lg 1 punkt f järgi ja tsiviilseadustiku üldosa seadusest tulenevast aegumistähtajast

4.3. Kui soovite saada detailsemat teavet Teiega seotud isikuandmete säilitamise tähtaegade kohta, võtke palun meiega ühendust alltoodud jaotises „Kontakt“ toodud kontaktandmete kaudu.

5. USE OF SECURITY CAMERAS

5.1. Kehtiva õiguse alusel on Connectol õigus kasutada isikute ja vara kaitse eesmärgil jälgimisseadmestikku. Selleks kasutab Connecto enda territooriumil turvakaameraid, millega seoses töötleme ka isikuandmeid.

5.2. Turvakaamerate kasutamine on vajalik eelkõige Connecto territooriumil turvalisuse tagamiseks, turvaintsidentide vältimiseks ning menetlemiseks ning Connecto vara ja inimeste, sh töötajate, turvalisuse tagamiseks.

5.3. Õiguslik alus turvakaamerate kasutamiseks on Connecto õigustatud huvi isikuandmete kaitse üldmääruse (GDPR) artikkel 6 lõige 1 punkti f.

5.4. Connecto jälgimisseadmestik koosneb territooriumile paigaldatud kaameratest, mis salvestavad territooriumi ööpäev läbi (24/7), turvakaamerad on statsionaarsed ning kaamerad heli ei salvesta.

5.5. Connecto kasutab kaameraid Connecto territooriumi üldkasutatavatel õuealadel. Kaamerate kasutamise eesmärk on jälgida tegevust Connecto õuealadel.

5.6. Turvakaameraid ole kunagi paigaldatud aladele, kus Connecto töötajad, Connecto kliendid või teised isikud, kes võivad turvakaamera vaatevälja sattuda, võivad eeldada täielikku privaatsust. Turvakaameraid ei ole siseruumides.

5.7. Turvakaamerate kasutamise korral on turvakaamera jälgimisalasse alati paigutatud silt kaamera kasutamise kohta, s.o silt, millel on kaamera kujutis ja/või sõna „VIDEOVALVE“.

5.8. Reeglina Connecto ei edasta kaamerate salvestisi kolmandatele isikutele, välja arvatud, kui Connecto on kehtiva õiguse alusel selleks õigustatud või kohustatud. Näiteks võib Connecto edastada salvestisi ametiasutustele kehtiva õiguse alusel, näiteks kui see on vajalik toimepandud õigusrikkumiste või muude intsidentide uurimiseks kehtiva õiguse alusel volitatud isikute poolt, näiteks Politsei- ja Piirivalveameti poolt.

5.9. Turvakaamerate salvestistele juurdepääs on piiratud isikute ringiga, kes vajavad ligipääsu rangelt seoses enda tööülesannete täitmisega. Näiteks on juurdepääs salvestitele Connecto IT-juhil.

5.10. Connecto rakendab kaamerate salvestise säilitamisel mõistlikke organisatsioonilisi ja tehnilisi turvameetmeid, et kaitsta isikuandmeid tahtmatu, volitamata töötlemise või avalikuks tuleku eest. Kaamerate salvestisi säilitatakse Connecto kohalikus serveriruumis. Kaamerate salvestisi ei edastata Euroopa Liidust välja.

5.11. Connecto säilitab kaamerate salvestisi kuni 2 kuud alates salvestise tegemisest, välja arvatud, kui selle aja jooksul on algatatud menetlus samal perioodil toimepandud õigusrikkumise või muu intsidendi uurimiseks, millega seoses on vajalik konkreetse salvestise säilitamine pikema säilitamisperioodi jooksul. 2-kuuline säilitamistähtaeg on vajalik selle perioodi jooksul toimunud võimalike intsidentide või õigusrikkumiste avastamiseks või uurimiseks. Võimalikud kahjud seoses õigusrikkumisega Connectos avastatakse reeglina kuni 2 kuu möödumisel pärast rikkumise toimumist. Selleks, et Connecto saaks rikkumise korral ja enda õiguste kaitsmiseks võtta õigusrikkuja vastu õiguslikke meetmeid, peame säilitama kaamerate salvestisi kuni 2 kuud salvestise tegemisest.

5.12. Kõigil Connecto töötajatel, Connecto klientidel või teistel kolmandatel isikutel, kes on viibinud Connecto territooriumil ning kelle kujutist on Connecto salvestanud, on õigus tema kujutist sisaldava salvestisega tutvuda. Connectol ei ole võimalik väljastada töötajale või kolmandale isikule kaamera salvestist, kui salvestis on salvestisega tutvumise taotluse saamise ajaks kustutatud. Lisaks palume arvestada, et teiste salvestisele jäänud isikute õiguste ja huvide kaitsmiseks peame muutma nende kujutise selliseks, et neid ei oleks võimalik tuvastada (kujutise udustama), mistõttu ei saa me tutvumist võimaldada koheselt.

6. USE OF COOKIES

6.1. Connecto veebileht kasutab küpsiseid. Küpsised on väikesed tekstifailid, mis sisaldavad arvutisse talletatavat informatsiooni ning mida kasutatakse jälgimiseks või tuvastamiseks.

6.2. Veebileht kasutab järgmist tüüpi küpsiseid:

6.2.1. Sessiooniküpsised: sessiooniküpsiseid ehk ajutised küpsised – kasutatakse iga kord Veebilehte kasutades ja kustutatakse pärast veebibrauseri sulgemist. Ajutised küpsised on vajalikud Veebilehe funktsionaalsuste toimimise jaoks.

6.2.2. Kolmandate osapoolte küpsised: Veebilehe parema toimimise ja parema pakkumise ja statistika kogumise eesmärgil kasutame kolmandate osapoolte küpsiseid (Google Analytics ja YouTube pluginad). Kolmandate osapoolte privaatsuspoliitika ja tingimustega saate tutvuda küpsise tootja lehel: https://www.google.com/policies/technologies/cookies/.

6.3. Täpsemalt kasutab Veebileht järgmiseid küpsiseid:

Cookie Description Validity Type

wp-wpml_current_language	The WordPress multilingual plugin sets this cookie to store language settings.	To the session	Website functionality
YSC	This cookie is set by YouTube and is used to track views of videos embedded on YouTube pages.	To the session	Advertisement
VISITOR_INFO1_LIVE, VISITOR_PRIVACY_METADATA	YouTube assigns this cookie to measure bandwidth by determining whether the user is presented with a new or old interface.	6 months	Advertisement
__ga	This cookie is set by Google Analytics. This cookie is used to distinguish unique users by assigning a randomly generated number as a customer identifier. It is included in every page query on the site and is used to calculate visitor, session and campaign data for site analytics reports.	1 year 1 month	Website performance

6.4. You have the right to disable the use of cookies at any time by changing your web browser settings. In this case, please note that not all functions of the Website may work correctly. You can disable cookies by following the instructions in the “help” or “help” function of your web browser. You can also find more information on how cookies work or how to disable cookies at www.allaboutcookies.org.

7. RIGHTS OF THE DATA SUBJECT

7.1. Connecto guarantees all rights of the data subject under applicable law.

7.2. Each data subject has the following rights, among others:

7.2.1. right of access: the right to ask at any time whether or not Connecto holds personal data about you and to be informed about the personal data that Connecto processes about you;

7.2.2. right to rectification of personal data: the right to ask Connect to specify or rectify your personal data if it is insufficient, incomplete or incorrect;

7.2.3. Right to object: the right to object to the processing of your personal data by Connecto, for example, where the use of the personal data is based on Connecto’s legitimate interest;

7.2.4. right to request erasure of personal data: the right to request the erasure of personal data, for example where personal data are processed with the consent of the data subject and the data subject has withdrawn his or her consent;

7.2.5. right to restriction of processing: the right to require Connecto to restrict the processing of personal data on the basis of applicable law, for example where Connecto no longer needs the personal data to achieve the purposes of the processing or where the data subject has objected to the processing of personal data;

7.2.6. the right to obtain the consent for the processing of personal data:if the processing of personal data is based on the consent of the data subject, the data subject has the right to withdraw the consent given to Connectoi at any time;

7.2.7. right to data portability: the right to receive from Connecto personal data which the employee has provided to Connecto and which are processed on the basis of the data subject’s consent or for the performance of a contract entered into with the data subject, in written or commonly used electronic format, and, where technically feasible, to request Connecto to transfer those data to another controller;

7.2.8. right to lodge a complaint: if the employee considers that his or her rights have been infringed as a result of the processing of his or her Personal Data, he or she always has the right to lodge a claim or complaint with the Data Protection Inspectorate – Tatari 39, 10134 Tallinn, info@aki.ee, www.aki.ee.

7.3. The rights of the data subject listed in this Chapter in relation to the processing of his or her personal data are not exhaustive. In certain cases, the rights of other data subjects or Connecto’s legal obligations may limit the rights of the data subject.

7.4. To exercise your rights in relation to the processing of your personal data or to make a request concerning the processing of your personal data, please contact us using the contact details in the “Contact” section below or your line manager, Human Resources or Data Protection Specialist.

8. SECURITY OF PERSONAL DATA

8.1. Connecto undertakes to ensure the security of the processing of personal data in order to protect personal data against accidental or unauthorised processing, disclosure or destruction.

8.2. Taking into account the latest developments in science and technology and the costs of their implementation, the nature, scope, context and purposes of the processing of personal data, as well as the varying likelihood and scale of the risks to the rights and freedoms of data subjects arising from the processing, Connecto will implement appropriate technical and organisational measures to ensure the security of personal data when processing personal data.

9TH CONTACT

9.1. If you have any questions about the processing of your personal data, or if you wish to make a request regarding the processing of your personal data, please contact Connecto at.

Connecto’s contact details are:

AS Connecto Infra
Tuisu 19, Tallinn 11314 Phone: +372 6063100 e-mail: info@connecto.ee