Privacy Notice
1 Introduction
2 Definitions
3 Summary
4 How we share Personal data that we collect
5 How we store and secure the Personal data we collect
6 How we transfer Personal data we collect internationally
7 If you reside in the European Economic Area or Switzerland
8 Other important privacy information
1 Introduction
This Privacy Policy was last updated on 02 February 2020.
The purpose of this Policy is to notify you how Cyberconnecting OÜ, Sepapaja 6, Tallinn 15551, Estonia, www.cyberconnecting.net handles, your personal data. When you ("Potential Client," "Client," "Website visitor") visits our website, subscribes to our mailing lists, enquires about our consultation services, purchases our eBook, or attends our seminars and trainings (collectively "Services") you are consequently or willingly sharing your personal data with Us.
This Privacy Policy governs the legal terms and conditions of the agreement between us directing the submission of the data and our use of it in the provision of our Services. Before you start using our Services, please review this Privacy Policy.
Cyberconnecting OÜ
Sepapaja 6, Tallinn 15551
ESTONIA
Contact: [email protected]
2 Definitions
“Applicable Law” – means any Law governing this Privacy Policy. If you are situated in the EEA (meaning European Union, Island, Norway, and Lichtenstein), and Switzerland then you have additional privacy rights that are governed by the Regulation (EU) 2016/679 (''General Data Protection Regulation'', ''GDPR'').“Controller” means the natural or legal person, public authority, agency or other bodies which, alone or jointly with others, determines the purposes and means of the processing of personal data.
“Processor” means a natural or legal person, public authority, agency or other bodies that processes Personal data on behalf of the Controller.
“Processing” – is any operation or set of operations which are performed on Personal data or on sets of Personal data, whether or not by automated means (collecting, storing, aggregating, sharing, etc.).
‘’Personal Data Breach’’ – is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
“Staff” means any natural person or legal entity employed or contracted by us (including, but not limited to employees, interns, contract employees, consultants, and volunteers).
“Third Party” means a natural or legal person, public authority, agency or body other than you, Controller or Processor.
‘’AKI’’ means Andmekaitse Inspektioons (Estonian Data Protection Inspectorate).
‘’Cookies’’ mean small files stored on a user’s browser or device.
3 Summary
In this section, we will explain how we collect, use, and share your personal data. As a data controller we are responsible for our Services, which process
- website visitor data (collected through cookies or similar technologies and various contact forms and sign-ups based on your consent),
- client data (collected through your phone/email inquiries, eBook purchase details and various webinars/training based on our business relationship and contract),
- potential client/lead data (collected through our various sales and marketing channels with your permission or based on our legitimate business interest),
- job applicant data (collected through our Services when we have an open job position based on your consent),
- business partners data (various business-related personal data that we process based on our legitimate business interest or contract).
When you visit our website, we may collect data that is connected to your device (i.e., desktop, mobile, etc.). We may also store cookies and similar technologies on your device and browser or try to reach out in some way (newsletter and contact forms). When you attend our webinars/training or buy our eBook, we might collect your payment and contact data. If you apply for one of our open job positions, we will require that you provide certain details about your qualifications/past projects/references.
If we need your personal data for some other purpose that is not related to our Services, we will ask for your consent. We will never sell your information to others. We process this data to:
- understand better how you found our Services,
- analyse how you use our Services,
- provide you with our Services,
- analyse your job application,
- process your job application,
- safeguard our Service against fraud and misuse,
- protect our rights and rights of others,
- support a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction, but we will notify you (for example, via email and/or a prominent Policy on the Website) of any change in control or use of your Personal Information . We will also notify you of choices you may have regarding the information,
- disclose information that we collect when we have a good faith belief that disclosure is reasonably necessary,
- fulfil our legal obligations,
- improve and enhance the functionality and security of our Services,
- offer support and answer your inquiries, or
- to make your experience more enjoyable and personalised.
3.1 Personal data You Choose to Provide
We may collect your contact information through various contact and newsletter forms (email, first and last name, phone number, job application, qualifications, past work experience ). The content of your inquiry might also have some additional personal data. If you wish to hire us, work with us or purchase from us we may need your financial information.
You need to provide us with this personal data so we can respond to your inquiries and provide you with our Services. If you choose to correspond with us via e-mail, we may retain the content of your e-mail messages, your e-mail address and our response to you by our retention policy. General business communication will be retained for two years and then properly deleted.
Under the GDPR, we use the consent as a lawful basis for anyone subscribing to our newsletter or marketing mailing list. Any email marketing messages we send are done so through an EMS, email marketing service provider. An EMS is a third-party service provider of software/applications that allows marketers to send out email marketing campaigns to a list of users.
Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic, and demographic data. Such data, within its limitations, will show the activity each subscriber made for that email campaign.
Our EMS provider is MailChimp. Link to their privacy policy is available in session 5 of this Notice.
3.2 Personal data Collected Automatically
Our primary intention for you to feel safe while using our Services. For this reason, we are continually developing new features and improving your user experience while at the same time carefully watching for safety issues. For us to keep you safe and content, we may automatically collect specific personal data.
3.3 Cookies and Similar Technologies
See our Cookie Policy here.
4 How we share Personal data that we collect
We may use third-party partners to help us run and maintain our website and deliver our Services. We may also share your personal data with our service providers and other third parties (“Affiliated Parties”) that provide products or services for or through this website.
Third-party service providers are contractually restrained from using or disclosing your personal data, except as required to perform services on our or your behalf or to comply with legal requirements. Your data may be processed in the EEA and Switzerland or transferred with appropriate safeguards to the United States or some other country.
Full list of our current service providers is available on this link.
5 How we Store and Secure the Personal Data we collect
We have protective measures in place to prevent data breaches and to process personal data securely. This includes data saved to computers, mobile devices, laptops, and tablets. Protective measures entail encryption, firewall technology, multi-factor authentication, passwords, and passcodes. Our staff has received security and data protection training, and we have an external cybersecurity expert that monitors our Services for any threats and vulnerabilities. Our Service providers are monitored for vulnerabilities and audited at least once a year.
Even though we have implemented reasonable physical, technical and organisational measures intended to protect the integrity and security of all data we process, due to the essential characteristics of the Internet as an open global information channel, we cannot guarantee data, either during transmission through the Internet or while stored on our systems or otherwise in our care, will be absolutely safe from intrusion by others, such as hackers.
If you contact us by e-mail or a similar feature on the website, you should be aware that your transmission might not be secure.
6 How we transfer Personal data we collect internationally
Personal data collected from you may be transferred and processed in the EEA, Switzerland, the United States, or any other country in which our service providers or we maintain facilities.
Such countries may have laws that are different, and potentially not as protective, as the laws of your own country.
Whenever we share Personal data from the EEA or Switzerland, we use suitable safeguards (Standard Contractual Clauses developed by the European Commission, EU-U.S. and Swiss-U.S. Privacy Shield Frameworks).
7 If you Reside in the European Economic Area or Switzerland
You have additional rights available to you under the GDPR and your Applicable Law, including:
Right to access
You have the right to request a copy of the personal data we hold about you.
Right to correction/rectification
You have the right to ask that we update the personal data we hold about you, or correct such personal data that you think is incorrect or incomplete.
Right of erasure
You have the right to ask that we delete personal data that we hold about you, or restrict how we use such personal data. This is not an absolute right, and we may refuse your request if we need the information for record-keeping purposes, to complete transactions or to comply with our legal obligations, among other things.
Rights to object and restrict Processing
If you receive marketing and non-service-related emails from us, you can opt-out from further emails by clicking the unsubscribe button in the footer of the email. If you believe that the personal data, we hold about you is inaccurate or unlawfully held you can request that we restrict processing of your Personal data until you take appropriate legal actions or provide us with correct data.
Right to data portability
You have a right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable form and transmit it to another data controller.
Right to file a complaint with your Data Protection Authority
You also have the right to complain to a data protection authority about our collection and use of your Personal data. For more information, please contact your local data protection authority or AKI.
Breach Notification
In the event of a data breach that might result in harm to a natural person or may result in the unauthorised access, use or disclosure of Personal Information belonging to you or your End Users, we will promptly investigate the matter and notify you of such breach.
We are responsible for notifying you and, as applicable, any other parties of any security breach by Applicable Law.
8 Other Important Privacy Information
8.1 Third Parties
When you are on this website, you may have the opportunity to visit or link to other websites. These websites may collect personal data about you. This privacy policy does not address the collection practices of those other websites; therefore, you should review the privacy policies of such other websites to see how they treat your personal data.
8.2 Social Media Features
Our Website may include, from time to time, social media features, such as Twitter, Facebook, Instagram and LinkedIn buttons and widgets, such as “share” buttons or interactive mini-programs that run on our Website and Platform. These features may collect your IP address, which page you are visiting on our Website, and may set a cookie to enable the feature to function properly. You can opt-out from all non-essential cookies through our cookie banner.
8.3 Our Policy Towards Children
Our Services are not aimed at children under the age of eighteen. We do not knowingly collect personal data from children under the age of eighteen on our website. If we become aware that we have accidentally collected personal data from a visitor under the age of eighteen on our website, we will delete the information from our records.
8.4 Changes to Our Privacy Notice
We may periodically update this policy. We will notify you about significant changes through email if you are subscribed to our newsletter.