General Principles of Personal Data Protection and Processing

Personal data is data enabling the identification of a natural person, which Service processes in accordance with the General Data Protection Regulation (EU) № 2016/679 of the European Parliament and of the Council for the purpose of concluding and executing agreements and/or resolving issues/disputes/problems according to the following principles.

  • Service retains personal data in a form that allows identification only for as long as it is necessary to fulfill the purpose for which the personal data is processed, to protect Service ’s rights or as required by law.
  • Service implements information technology and other necessary security measures to ensure the protection of personal data, including confidentiality, and to monitor the proper processing of personal data.
  • Service has established internal guidelines and rules of procedure on how to ensure the security and confidentiality of personal data.
  • Service employees are aware of the principles of personal data protection and undertake to follow them, being responsible for breaches of obligations.
  • Service does not disclose personal data to other persons that has become known upon resolving issues/disputes/problems related to the provision of legal/consulting services, unless the obligation to issue data arises from law, Service has a legitimate interest in doing so or if the person has given their consent.
  • Service cooperates with persons to whom Service may transmit, request, and receive data, including personal data, within the framework and for the purpose of cooperation. Such persons may include mobile operators, debt collection service providers, payment default registries, IT-partners, agencies and organisations that mediate or provide settlement services, postal services or other services and products.
  • Service records and preserves the messages and orders given by means of communication (e-mail, telephone, etc.), as well as other actions taken by the person until necessary to collect them and, if necessary, use these records to prove orders or other actions.
  • Service may collect data about visitors to the Service website using cookies and process this data for statistical and authentication purposes. A description of the cookie technology used by Service can be found here.
  • To the extent regulated by the General Data Protection Regulation, a person has the right to request access to their personal data and to request the correction, deletion, transfer of personal data and objections to the processing of personal data, and also file a complaint with Service , the Data Protection Inspectorate or a court.
  • In the event of a question, request or complaint related to the processing of personal data, the data subject has the right to contact Service ’s contacts or directly to the Data Protection Officer via e-mail address estonia@cie.ee