Definitions
The following terms should be understood as defined below:
Who controls your personal data?
According to Art. 13 sec. 1 and sec. 2 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), we inform you that the administrator of the client's personal data is OÜ Veterinary Application with its registered office in Tallinn, full address: Harju maakond, Tallinn, Lasnamäe linnaosa, Lõõtsa tn 5, 11415, entered into the Estonian Register of Entrepreneurs of the Ministry of Justice of the Republic of Estonia under number 16570707, share capital of EUR 3,000 paid up in full, e-mail address: [email protected].
In matters of personal data protection, please contact Mariusz Andrych, e-mail: [email protected]
Who do we transfer your personal data to?
The client's personal data may be made available to the Administrator's employees, contractors or associates authorized to process them at the Administrator's request, as well as entities entrusted by the Administrator with the processing of personal data, including entities providing accounting, IT, marketing and organizational services enabling the Administrator to provide services, run a portal preparation and distribution of the newsletter ("Cooperating Entities").
Your data may be transferred to the competent authorities (Police, Prosecutor's Office, Courts) in accordance with the jurisdiction of the conducted proceedings in the scope of their statutory tasks, at their request submitted in accordance with the procedure appropriate for the proceedings and on the basis of a valid decision, judgment or order appropriate for the proceedings, or another decision of an equivalent nature, while maintaining all guarantees ensuring the security of the transferred data.
Your personal data may be transferred to entities from the Administrator's group - that is, entities having capital and personal connections with the Administrator - in particular to the extent necessary for the Administrator to provide services covered by the subject of contracts concluded with the Customer.
In particular, the Administrator exercises due diligence in the selection and choice of the Cooperating Entities, and then, at the stage of concluding a contract with them, makes sure that these entities provide an appropriate level of security with regard to the processing of personal data.
Where do we store your personal data?
We store the collected personal data within the European Economic Area ("EEA"), but it may also be transferred to a country outside this area and processed there. Each operation of transferring personal data is performed in accordance with applicable law, internal procedures of the Administrator's Company and this Privacy Policy.
If the data is transferred outside the EEA, also if, at the Customer's request, the delivery of goods or services is to be delivered outside the EEA, the Administrator applies all available technical measures in relation to countries for which the European Commission has not confirm an adequate level of data protection and processes the data Customer only on the basis of his voluntary consent.
Warranties and statements of the Administrator
The administrator guarantees the protection of personal data and the processing of personal data in accordance with the GDPR. The administrator collects only those data that are necessary for the performance of the contract. The Administrator does not process data without Customer's consent beyond the scope necessary to perform the contract, provide electronic services or the legal obligation incumbent on the Administrator without the Customer's prior consent.
The Administrator takes special care to protect the interests of data subjects; in particular ensures that the data collected by him are processed in accordance with the law; collected for specified, legitimate purposes and not subjected to further processing noncompliant with those purposes; factually correct and adequate in relation to the purposes for which they are processed and stored in a form that allows identification of the persons to whom they relate, for no longer that it is necessary to achieve the purpose of processing.
Due to the nature of the Administrator's services, the Administrator does not process any data of natural persons who are under 18 years of age, or who do not have full legal capacity due to the appropriate ruling on total incapacitation, or who should act through a statutory representative due to partial incapacitation.
On what basis does the Administrator process your personal data?
(1) The processing of personal data is carried out for the following purposes and based on the following legal bases:
1) to the extent that the processing will take place in connection with the Administrator's business and the provision of services to the Customer, i.e. in the scope of receiving and archiving the Customer's declarations of will in connection with undertaking activity on the Website, using the website www.blitefund.com, concluding contract for the provision of services, in order to perform these contracts or perform contracts for the provision of electronic services, and thus to enable the use of the functionality of the Website and the performance of other electronic services, as well as to perform other contracts to which the customer is a party or to take action at the customer's request before concluding the contract, in order to consider any complaints - Article 6 Paragraph 1 Letter b of the GDPR;
2) in order to consider any complaints or reported claims, in the scope of pursuing claims for business activity, for archival (evidence) purposes being the implementation of our legitimate interest in securing information in the event of a legal need to prove facts before the competent state authorities, for analytical purposes (optimization of our products based also on the customer's comments about them and the customer's interest, optimization of service processes based on the course of customer service processes) - in our opinion, the processing of this data is also beneficial for the user, as it improves his experience and allows to offer the user better quality of services – Article 6 Paragraph 1 Letter f of the GDPR;
3) after expressing a separate consent pursuant to Art. 6 Para. 1 Let. A of GDPR, in order for us to offer products and services directly (direct marketing), including selecting them in terms of customer needs, sending newsletters in the communication channels provided by the customer (including in the form of text messages/multimedia messages sent to the telephone number provided by the customer) - only if you give your consent.
|
PURPOSE |
BASIS OF PROCESSING |
| 1. Performing Verification, including the Customer's manual Verification; point (1) subpoint 1 of the Privacy Policy. |
The processing of your data is necessary and results from the legal obligations imposed on the Administrator by a number of legal acts - the Estonian Money Laundering and Terrorist Financing Prevention Act passed 26 October 2017, as well as Directive (EU) 2018/843 of the European Parliament and of the Council of 30 May 2018 amending Directive (EU) 2015/849 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing and amending Directives 2009/138/EC and 2013/36/EU, Directive (EU) 2015/849 of the European Parliament and of the Council of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, amending Regulation (EU) No 648/2012 of the European Parliament and of the Council, and repealing Directive 2005/60/EC of the European Parliament and of the Council and Commission Directive 2006/70/EC (Text with EEA relevance). The above-mentioned legal acts require the Administrator to perform Customer Verification - Verification includes, in particular, determining the identity, as well as duly confirming it, specifying the address of the Customer's residence, as well as verification of the sources from which the Customer finances his activity, which includes the services provided by the Administrator . For the purposes of Verification and making decisions on whether to admit the Customer to the services provided by the Administrator or not, the Administrator does not use tools that enable automated management of this process. Customer verification is necessary to enable the Customer to use the Administrator's services. Without the Verification, it would be impossible for the Administrator to provide services, as the Administrator is obliged to determine the risk associated with the transaction concluded with the potential Customer. |
| 2. Performance of the contract, provision of services to the Customer and the effects of the concluded contract or services provided - point (1) subpoint 1, 2 and 3 of the Privacy Policy. |
The processing of the Customer's data is necessary for the performance of the contract for the provision of services and access to the Website. We believe that we have a legitimate interest to make the necessary verifications in order to detect and prevent abuse when providing services to the Customer. In our opinion, the processing of this data is beneficial for all parties involved in the process of making payments for services, and in particular for the customer, as it allows us to take appropriate measures to protect him against abuse attempts by third parties. In addition, the Administrator processes personal data regarding the services provided to you to the extent that it is necessary to keep records, to show the facts of purchases made by customers before the competent state authorities, and in particular in the performance of obligations under the Estonian Value-Added Tax Act passed 10 December 2003. |
| 3. Customer Service, Improving Products and Services and the Website, Quality Analysis - point (1) subpoint 3 Privacy Policy; Cookies Policy. |
The Administrator has a legitimate interest in handling requests and inquiries formulated by Customers through various available means of contact. In the understanding of the Administrator, the processing of this data is beneficial for the Customer due to the possibility of its proper service and the possibility of answering the questions asked by it. When the Customer contacts the Administrator, especially to manage events related to Verification or a product/service purchased through the Website, the processing of data is necessary for the performance of the contract for the provision of services. If the Customer's inquiry concerns the exercise of the rights we inform about below or a complaint about our services, what authorizes us to process the Customer's data is the requirement for the Administrator to fulfill the legal obligations incumbent on him. The Administrator has a legitimate interest to conduct a study of the Website's usability and the extent of customer satisfaction, because in his opinion the processing of this data is also beneficial for the customer. It allows to improve the customer's experience as a user and to offer him a better quality of services. In addition, in accordance with the Cookies Policy, in order to be able to offer the Customer an electronic service of the highest possible quality technically adapted to his individual preferences and to constantly improve the services offered on the Website, we collect cookies in category 1 and 2 based on the Customer's movement on the Website. Cookies are processed automatically and to the extent not covered by the Customer's express consent, it is necessary to improve the Website and to provide the Customer with the technical ability to move around the Website. The customer has the right to prevent the Administrator from collecting cookies - detailed conditions regarding the processing of cookies are included in the Cookies Policy. |
|
4. Marketing - point (1) subpoint 4 Privacy Policy; Cookies policy.
All marketing activities are carried out by the Administrator on the basis of your explicit consent with a precisely defined purpose of processing. |
The legal basis for the processing of customer data for marketing purposes is only his explicit consent expressed, for example, when you accept receiving information customized to your individual preferences via various communication channels or when you accept the legal basis for participation in a specific promotional campaign or when you accept the cookie settings of category 3 collected by the Website. The Administrator's activities in this regard are aimed at presenting the Customer with an offer to purchase the Administrator's goods or services, which suits the Customer's preferences best. |
How long does the Administrator store your personal data? ("Processing Periods")
The administrator stores personal data processed for:
What rights do you have?
The administrator stores personal data on secured servers. Only selected employees and associates indicated above have access to the data. The place and method of storing data is to ensure their full security. Customer rights related to the processing of personal data:
a. the right to withdraw consent to data processing,
b. the right to access personal data and receive a copy thereof,
c. the right to request rectification (correction) of personal data,
d. the right to request the deletion of personal data,
e. the right to request restriction of personal data processing,
f. the right to object to data processing due to a special situation that justifies stopping the procession covered by the objection,
g. the right to transfer personal data, i.e. the right to receive personal data in a structured, commonly used machine-readable IT format. The right to transfer personal data applies only to data that is processed on the basis of a contract or consent.
In order to use the above rights, the Customer should contact the Administrator. In order to be sure that the person authorized to submit the application contacts the Administrator, the Administrator may ask for additional information allowing for effective authentication and identification.
To the extent that data is processed on the basis of consent, this consent may be withdrawn at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. Consent can be withdrawn by sending a statement of withdrawal of consent to the correspondence address or to our email address.
Cookies policy
|
Category |
Name |
Basis of processing |
Management |
Purpose of processing |
|
First category Withdrawal of consent to their processing will result in the inability to ensure the operation of the Administrator's Website |
Technical cookies |
Necessity of processing to perform the contract or take action at the Customer's request - art. 6 para. 1 letter b of the GDPR |
Administrator |
They are necessary for the Administrator's website to function properly. They are used to maintain the Customer's session when visiting the website and logging into the Account. They ensure proper display of the Website, adapt services from the technical side to the Customer's choices. They are used to identify the user's http session. They are common in all web applications to identify user requests during sessions. They allow identification of the user's navigation status on the Website. |
|
Second category |
Analytical cookies |
The legitimate interest of the Administrator - art. 6 para. 1 letter f of the GDPR |
Google Analytics - Third Party Administrator - in the remaining scope |
In this way, the administrator measures the movement on the website, examines the effectiveness of actions and also improves the functioning of the website, and prevents undesirable activities (e.g. bot movements, threats to users with undesirable content). As for Google Analytics - they allow to monitor the website using the Google Analytics tool, which is a service provided by Google Inc. with its seat in the United States of America, i.e. outside the EEA. They are used to obtain information about the user's access to the website, e.g. to determine the number of visits to the website by the Customer, the date of the first and last visit, duration of visits, the search engine that the Customer used to access the website or the link that was used to redirects to the site. The administrator has no influence on the content and technical content of these files, it is determined and stored by Google Inc. Therefore, the Administrator recommends reading the Google Analytics privacy page, https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage. |
|
Third category |
Marketing cookies |
Consent submitted by the User - art. 6 para. 1 letter a of the GDPR |
The Administrator and Third Parties |
The Administrator uses them to personalize advertisements displayed on the website and on external websites, taking into account the actions and preferences of the Customer on the Website, and to adapt the content of advertising messages to the preferences of Customers. |
You have the right to file a complaint to the leading supervisory authority in accordance with art. 56 of the GDPR, which is the Director General of the Estonian Data Protection Inspectorate, or in the case of processing significantly affecting persons in another Member State, the supervisory authority competent for that Member State, if in your opinion the processing of your personal data violates the provisions of the GDPR .
