Privacy Policy


INTRODUCTION

Baltic Bolt OÜ takes protection of privacy of persons and personal data very seriously.

The privacy policy includes the goals and principles of processing of personal data, the procedure for communication of personal data to third persons, and the rights of data subjects related to personal data.

Baltic Bolt OÜ processes personal data for the purpose of performance of the contract, for the purpose of performance of obligations arising from laws, based on a legitimate interest or based on consent of the data subject.

The Baltic Bolt Web Store uses the personal data entered by the buyer (including name, telephone number, address, e-mail address, bank details) only for the purpose of processing of the order or sending of the goods to the byer. The Baltic Bolt Web Store communicates personal data to the company that provides transport services for the purpose of delivery of the goods.


TERMS

Data subject– an identifiable natural person who can be identified directly or indirectly, especially by a reference to an identifier, and whose personal data is being processed.

Personal data – any information regarding an identified or identifiable natural person (data subject).

Processing – any automated or unauthorised action performed with personal data of the data subject (collection, saving, storage, change, use, communication, deletion, destruction of personal data, and provision of access to such data).

Recipient – a natural person or legal entity (for example, a service provider, supplier, IT administrator, etc.), establishment, body or other institution to which personal data is disclosed on the basis of a respective contract.

Consent – a voluntary, specific, conscious and explicit expression of will by which the data subject, by way of a statement or an action that clearly expresses consent, agrees with processing of personal data in his or her regard.

Breach related to personal data, also Breach – breach of a security requirement which causes accidental or unlawful destruction, loss, change or unauthorised disclosure of, or access to personal data that is being communicated, saved or processed in any other manner.

Responsible processor of personal data– Baltic Bolt OÜ, registry code 10090458, Forelli 6, Tallinn 10621, a legal entity that observes the principles of confidentiality and discloses personal data only in the limited extent, ensuring privacy of persons.


TYPES OF PERSONAL DATA

Baltic Bolt OÜ processes personal data of a person who disclosed his or her personal data.

Baltic Bolt OÜ processes the following personal data:

  1. personal details: name and surname, personal identification code, position of the contact person

  2. contact details: e-mail address, contact telephone, postal address

  3. Internet details: data of a visiting session, cookies, website log data and IP addresses


PRINCIPLES OF PROCESSING OF PERSONAL DATA

Lawfulness, fairness and transparency– personal data regarding the data subject is processed in accordance with the law and transparently.

Limitation of the purpose – personal data is collected for the purpose of achievement of the goals that are specifically and explicitly established and are lawful, and later such data is not processed in a way that is contrary to such goals.

Collection of the minimum amount of data possible –collected personal data is sufficient, relevant and limited to the amount that is necessary for achievement of the goal of processing.

Quality of personal data – personal data is stored in a form that is as correct and current as possible.

Limitation of storage – personal data is stored in a form that allows to identify the data subject only for as long as such identification is required for achievement of the goal of processing of such data, and not for longer than it is stipulated in the law.

Limitation of access – access to personal data is provided by the company to those employees who have a valid need to have such access in order to perform their work duties.

Transparency and confidentiality– personal data is processed in a way that ensures appropriate security of personal data, including protection against unauthorised or unlawful processing and from accidental loss, destruction or damage, using appropriate technical or organisational measures.

Security – organisational, physical and IT security measures.


GOAL OF PROCESSING OF PERSONAL DATA

Personal data can be processed only on one or a few of the following legitimate bases:

  1. On the basis of consent of the data subject

  2. Processing is required for conclusion or performance of any agreement between the data subject and the company (for example, for conclusion of customer agreements, creation of a website user account, delivery of goods to a respective person, submission of an invoice)

  3. Processing is required based on a legitimate interest (identification of authorised persons)

  4. For performance of an obligation arising from the law.


COMMUNICATION AND SHARING OF PERSONAL DATA

  1. In order to achieve the established goals Baltic Bolt OÜ can share personal data of data subjects with a third party recipient (for example, with service providers, suppliers, IT administrators, etc.), if there is a legitimate commercial need for that.

  2. Baltic Bolt OÜ can share personal data according to the applicable legal instruments with law enforcement bodies, regulatory bodies or other third person recipients, if such sharing is required by law; if it is required for protection of rights; or if there is a legitimate need for such sharing.

  3. Baltic Bolt OÜ communicates personal data only to such third persons who implement sufficient security measures for assurance of security of personal data.


RIGHTS OF DATA SUBJECTS

  1. Right of access to personal data possessed by the company. The company has the right not to disclose certain personal data to the data subject if such disclosure is forbidden by legal instruments.

  2. The right to correction, deletion or blocking of incomplete or incorrect personal data.

  3. The right to demand cessation of processing of such personal data if there is a legitimate basis for such demand.

  4. The right to submit a complaint regarding processing of personal data to the Estonian Data Protection Inspectorate.


STORAGE OF PERSONAL DATA

Baltic Bolt OÜ stores personal data in a way that allows to identify data subjects for as long as such identification is necessary for achievement of the goal, except where other requirements arise from the law.

Baltic Bolt OÜ deletes all personal data storage of which serves no legitimate goal.


USE OF COOKIES

The www.balticbolt.ee website uses cookies in order to provide a better user experience.

If the user does not agree with the use of cookies, it is possible to block cookies from being saved to the device. If cookies are not used, all services will not be available.


APPLICABLE LAW

Baltic Bolt OÜ handles personal data in accordance with the present privacy policy and with all European and domestic legal instruments that concern protection of personal data and private life.


AMENDMENT OF THE PRIVACY POLICY

Baltic Bolt OÜ reserves the right to amend the privacy policy if necessary, bringing it into compliance with laws, regulations, company practices, procedures or requirements established by data protection bodies.

All substantial amendments are published on the www.balticbolt.ee website.


RESPONSIBLE DATA PROCESSOR

Name of the company: Baltic Bolt OÜ
Address: Forelli 6, 10621, Tallinn
Telephone: +372 650 8960
E-mail: balticbolt@balticbolt.ee
Website: www.balticbolt.ee