Dynabrac

Authorized processors of personal data

This document is the privacy policy of DynaBrac OÜ, which sets out the ways in which DynaBrac OÜ processes the personal data of customers and other data subjects in its possession.

Processing for the purposes of this Privacy Policy means any activity or activities carried out with personal data or collections of personal data, whether automatically or by other means, such as collecting, storing, organizing, disaggregating, storing, adapting or modifying, extracting, consulting, using, transmitting or disseminating or otherwise making available, combining or combining, restricting, deleting or destroying; any activity involving personal data.

For the purposes of this Privacy Policy, personal data is any information relating to a data subject that can be used, directly or indirectly, to identify an individual, such as a name, e-mail address or contact address.

Customer satisfaction is the highest priority of DynaBrac OÜ. In order to ensure better customer service and to fulfill all contractual relations and legal obligations, DynaBrac OÜ processes the personal data of its customers in accordance with the principles set out in this Privacy Policy and applicable law. Proper processing of personal data ensures DynaBrac OÜ’s accurate and fast customer service and is therefore intended to serve the best interests of DynaBrac OÜ’s customers.

This privacy policy does not affect or protect the processing of anonymous data or data of legal entities.

1. PROCESSOR OF PERSONAL DATA, AUTHORIZED PROCESSORS AND DATA PROTECTION OFFICER

Controller of personal data

Name of the chief processor: DynaBrac OÜ

Company registration code: 14149415

Address: Tähe 127d, Tartu 50113, Estonia

Contacts: phone +372 59196160, echtel.valk@dynabrac.ee

The “controller” of personal data is the legal person who determines the purposes and means of the processing of personal data.

Authorized processors of personal data

The authorized processors of DynaBrac OÜ’s data are third parties to whom we need to transfer personal data in order to provide customers with better services and products. The authorized processors of personal data collected by DynaBrac OÜ are:

  • our partners who process personal data for the purposes we set out, in accordance with the instructions we receive from us;
  • law enforcement authorities to fulfill any legal obligations.

2. PRINCIPLES FOR THE PROCESSING OF PERSONAL DATA

DynaBrac OÜ processes your personal data in accordance with the principles set out in this privacy policy.

Transparency

DynaBrac OÜ processes your personal data in a fair and transparent manner and only if we are permitted by law to process your personal data.

Purpose limitation

DynaBrac OÜ collects your personal data for precisely and clearly defined and legitimate purposes. We do not process your personal information in a way that is incompatible with its original purpose. If your personal information is processed for a purpose other than the original purpose, we will rely on legal bases (such as inquiries from courts or law enforcement agencies) or ask for your permission to process your personal information for a purpose other than the purpose for which you originally provided us.

Collecting as little data as possible

DynaBrac OÜ does its best to ensure that the personal data processed by DynaBrac OÜ are sufficient, relevant and limited to what is necessary for the purposes of data processing. We do not process redundant information about you.

Correctness

Our goal at DynaBrac OÜ is to ensure that your personal information is correct and, if necessary, up-to-date. DynaBrac OÜ makes every reasonable effort to ensure that incorrect personal data is deleted or corrected immediately. If the personal data is incorrect, DynaBrac OÜ will give you the opportunity to correct and / or delete the data. To do so, write to echtel.valk@dynabrac.ee.

Storage restriction

DynaBrac OÜ stores your personal data in a form that allows the identification of data subjects only as long as it is necessary to fulfill the purposes of personal data processing.

Reliability and confidentiality

DynaBrac OÜ processes your personal data in a way that ensures proper security, including protection against unauthorized or illegal processing. DynaBrac OÜ makes all reasonable efforts to prevent data loss, destruction or damage. DynaBrac OÜ uses technical and organizational measures to increase security when processing personal data. Our employees are bound by confidentiality and we make every effort to ensure that your personal information is protected in our hands. The employees of DynaBrac OÜ may view and use your personal data only if they have permission to do so and only in accordance with this privacy policy.

DynaBrac OÜ does not usually process special categories of personal data (sensitive data such as personal data revealing racial or ethnic origin, political views, religious or philosophical beliefs, health-related data).

Integrated and default data protection

When developing, designing, selecting and using applications, services and products based on the processing of personal data or processing personal data, DynaBrac OÜ respects the data subject’s right to the protection of personal data.

3. RIGHTS OF THE DATA SUBJECT

Respect for the rights of the data subject is important for DynaBrac OÜ and therefore special attention is paid to it. DynaBrac OÜ will respond to the data subject’s request for personal data only if the data subject has been able to prove his or her identity. This means that if you have any doubts while processing your request, DynaBrac OÜ may ask you to provide additional information in order to identify the data subject. We do this to be sure of the identity of the data subject and to ensure that we provide the right information to the right person. If the purposes for which DynaBrac OÜ processes personal data do not or no longer require the identification of the data subject, DynaBrac OÜ is not obliged to store, collect or process additional information for the identification of the data subject. At the request of the data subject and if possible, DynaBrac OÜ shall duly notify the data subject of the respective processing.

Right to rectification

All data subjects who notice that their personal data is out of date, incorrect or in need of correction may contact DynaBrac OÜ to correct or correct the data. You can also request that your incomplete personal information be updated. DynaBrac OÜ ensures that personal data is corrected as soon as possible. You can contact us by writing to  echtel.valk@dynabrac.ee.

Right to delete

(“Right to be forgotten”) – this right allows data subjects to request the deletion of their personal data if one of the following grounds applies:

  • personal data are no longer necessary for the purposes for which they were collected or processed;
  • the data subject withdraws the consent;
  • the data subject refuses the processing and there is no overriding legitimate interest in the processing;
  • personal data have been processed illegally;
  • personal data must be deleted in order to fulfill a legal obligation or because personal data were processed in connection with the provision of information society services (eg applications) to the child.

The right to delete is not an absolute right and therefore your request to delete personal data does not necessarily mean that all your personal data will be deleted upon receipt of the request. Sometimes we have a legal obligation to retain some information, in which case we may not be able to process your request. The same can happen when we need to retain such data in order to fulfill or protect legal requirements.

Right to restrict processing

When exercising this right, data subjects may “block” or prohibit the processing of personal data by DynaBrac OÜ. As a result, DynaBrac OÜ may only be allowed to store existing personal data, but not to further process it. At your request, DynaBrac OÜ will restrict the processing of your personal data to verify the accuracy of your personal data or until you dispute the accuracy of your personal data. DynaBrac OÜ may also be obliged to restrict the processing of personal data, for example if it is no longer necessary for DynaBrac OÜ, but you need the data in order to submit, execute or protect a legal claim.

Right to data transfer

You may exercise the right to receive personal data about you that you have submitted to DynaBrac OÜ in a structured, distributed and machine-readable form. When exercising this right, you may exercise the right to have your personal data transferred directly from one administrator to another, where technically possible.

Right to object

You have the right at any time to object to the processing of personal data relating to you, including profiling, on grounds specific to your situation. In such case, DynaBrac OÜ shall terminate the processing of personal data, unless DynaBrac OÜ has good justified reasons for processing personal data.

  • If DynaBrac OÜ processes personal data for the purposes of direct marketing, the data subject has the right to object at any time to the processing of personal data related to him or her in connection with such marketing, which includes profiling at any time and free of charge.
  • If the data subject objects to the processing of personal data for the purposes of direct marketing, DynaBrac OÜ will no longer process the personal data for such purposes. In this case, DynaBrac OÜ will stop processing your personal data for marketing purposes, but may not stop processing them for other lawful purposes.

Right to lodge a complaint with the supervisory authority

All data subjects have the right to lodge a complaint with the Data Protection Supervisor if the data subject finds that the processing of personal data relating to him or her violates and does not comply with the provisions of data protection laws and general data protection rules. In Estonia, the Data Protection Inspectorate is the state supervisor.

Right to withdraw consent

If the processing of personal data is based on consent, the data subject has the right to withdraw his or her consent at any time. Withdrawal of consent shall not affect the lawfulness of the processing carried out before the withdrawal of consent. The data subject shall be informed before consent is given. DynaBrac OÜ terminates the processing of personal data if the only basis for processing is consent. If there are other legal basis (s) for the processing of personal data (eg contract, legitimate interest), the processing may continue on another appropriate legal basis.

4. PURPOSES OF THE PROCESSING OF PERSONAL DATA

DynaBrac OÜ processes personal data for several different purposes. DynaBrac OÜ processes personal data for various purposes, which include the following:

  • data analysis for marketing purposes;
  • billing and appropriate correspondence with customers;
  • legal objectives and legal obligations
  • receiving and handling feedback from customers;

5. CATEGORIES OF PERSONAL DATA TO BE PROCESSED

The data processed by DynaBrac OÜ include the data subject:

  • name and surname;
  • date of birth;
  • nationality and gender;
  • address, telephone number, e-mail address and other contact details
  • other data that data subjects have voluntarily disclosed to DynaBrac OÜ.

6. LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA

DynaBrac OÜ processes personal data on various legal bases, which are listed below.

Consent

DynaBrac OÜ may process your personal data with your consent.

Agreement

DynaBrac OÜ may process personal data if the processing is necessary for the performance of the contract. For example, DynaBrac OÜ processes your personal data for billing purposes in order to fulfill the contract concluded with you and to deliver the goods you have ordered.

Legal obligation

DynaBrac OÜ may process personal data if the processing is necessary to fulfill a legal obligation.

7. SAFEGUARD MEASURES

DynaBrac OÜ keeps all personal data disclosed to it strictly confidential and protects the personal data of customers and employees from illegal access by third parties by implementing effective IT security measures.

DynaBrac OÜ uses safeguards that take into account the nature, scope, context and purposes of the processing of personal data and the threat to the rights and freedoms of individuals. These measures include, but are not limited to, appropriate IT, technical and organizational data protection measures, pseudonymisation and anonymisation. Such measures shall be taken to ensure that personal data are not made available by default to an unlimited number of persons unless they so request and to ensure the general protection of personal data.

8. IMPLEMENTING PROVISION

DynaBrac OÜ reserves the right to make changes to this privacy policy, taking into account potential changes in legislation, case law and developments in technology related to technology that ensures a high level of personal data protection. Therefore, this Privacy Policy will be reviewed regularly and amended as necessary. Changes to the privacy policy will be published on the website of DynaBrac OÜ. If the changes are significant, we will also use other means to notify you of the changes (for example, we may send you an email notifying you of the implementation of the new Privacy Policy). We also retain previous versions of this Privacy Policy.