DATA PROTECTION TERMS
Welcome to the website https://silenrent.com/
We always have a legal basis for personal data processing, meaning that we process personal data lawfully.
We have clearly defined purposes for personal data processing and process personal data only for those purposes.
We follow the principle of minimal processing, meaning that we process only relevant and necessary personal data.
We demand and expect careful processing of personal data from our contracting partners, avoiding unauthorized disclosure or inappropriate use of personal data, and processing personal data honestly and lawfully.
We do our best to protect personal data. We implement various measures (physical, technical, organizational) to protect personal data.
We only transfer personal data to those persons who have a legal right to receive it (government agencies, supervisory authorities) or with whom we have signed a data processing agreement (our authorized processors).
We retain personal data only for as long as required by law or contract or necessary for our business operations. When the retention period ends, we permanently delete personal data.
Personal data and processing of personal data
We offer you a quiet room for meeting and concentration, which is comfortable, private, and quiet (the “Quiet Room”). Renting out the Quiet Room is our service (the “Service”).
Since our Service clients are mostly legal entities, we process personal data primarily as an authorized processor in our daily economic activities, but also as a data controller in certain cases.
As a data controller, we obtain personal data directly from the data subject (“You”) when you visit our website or contact us through the website. As a data controller, we determine the purposes and means of processing personal data, as well as the conditions.
As an authorized processor, we receive personal data from our legal entity clients, primarily businesses that order the Service (rental of the Quiet Room) from us.
When processing personal data as an authorized processor, we do so in accordance with written instructions from the data controller and, if a data processing agreement has been concluded, according to the terms of the agreement.
When you contact us, we process the following personal data:
- personal data, such as first name, last name;
- contact information, such as email address, phone number, country;
- data collected through “cookies.”
As an authorized processor, we process the personal data of our client’s representative, contact information, and, among other things, the following personal data:
- personal data, such as first name, last name;
- contact information, such as address, phone number, email address, preferred language;
- invoice data, such as data regarding the use of the Service.
Purposes of processing personal data
- We process personal data for the following purposes:
- In connection with the provision of the Service and preparation for providing the Service (i.e., to fulfill the contract, conduct pre-contractual negotiations).
- To exercise our rights and fulfill our obligations under applicable laws (e.g., to fulfill accounting obligations).
- To process your requests and inquiries.
- For analysis of the use of our Service and the use of research and analysis results, including Service development.
- For sending newsletters, marketing, and the development and promotion of our products and services. For this purpose, we only process your contact information.
- To send you notifications.
Legal bases for processing personal data
We process personal data in accordance with the requirements of applicable laws in Estonia.
The legal bases for processing personal data are primarily the performance of the customer agreement concluded (as stated in the Data Protection Terms, sections 3(1) and 3(3)), as well as the fulfillment of legal obligations (as stated in the Data Protection Terms, section 3(2)), your consent (as stated in the Data Protection Terms, section 3(3)), and our legitimate interests (as stated in the Data Protection Terms, section 3(4)).
Values and general principles we follow in processing personal data
We always have a legal basis for processing personal data, meaning that we process personal data lawfully.
We have defined clear purposes for processing personal data, and we only process personal data for those purposes.
We adhere to the principle of minimization in processing personal data, meaning that we only process relevant and necessary personal data.
We make efforts to protect personal data by implementing various measures (physical, technical, organizational) for data protection.
We only disclose personal data to individuals who have a lawful right to access such data (e.g., authorities, supervisory bodies) or with whom we have concluded a data processing agreement (our authorized processors).
We retain personal data only for as long as required by applicable laws or the contract, or as necessary for our business operations. Once the retention period ends, we permanently delete the personal data.
We process personal data through cookies on the website based on your consent, which we request from you during your first visit to the website, except for cookies necessary for the functioning of the website. You cannot refuse the use of these necessary cookies.
As a website user, you have the option to either give consent to the use of all cookies used by us or give consent on a per-cookie basis.
We use functional, statistical, and advertising cookies, some of which are third-party cookies.
- Personalizing the user experience and providing customized content.
- Tracking website usage to better understand how you interact with our offerings.
- Remembering you when you return to the website.
- Conducting research to improve our website content and services.
- We use cookiebot.com to inform you about cookies and store your cookie preferences. We may also use a third-party analytics partner who may use software technologies to help us better manage our website content by informing us about the effectiveness of the content. We use this knowledge to optimize our website and provide you with the best possible experience. We use Google systems, including Google Analytics.
If you prefer that your personal data is not processed on our website, you can activate the private browsing feature in your web browser. This is your choice.
Rights related to personal data:
- Right to access your personal data: You have the right to know what personal data we retain, how we process it, including the purpose of processing, recipients of personal data, information about automated decision-making, and the right to receive copies of your personal data.
- Right to rectification of personal data: You have the right to request the correction of incomplete, inaccurate, or incorrect personal data.
- Right to withdraw consent for personal data processing: You have the right to withdraw your consent for the processing of your personal data at any time. Please note that withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal.
- Right to erasure of personal data (“right to be forgotten”): You have the right to request the deletion of your personal data (e.g., when you withdraw consent for the processing of personal data or when the personal data is no longer necessary for the purpose for which it was collected). We have the right to refuse the deletion of personal data if the processing is necessary for compliance with a legal obligation, the exercise of the right to freedom of expression and information, the establishment, exercise, or defense of legal claims, or for reasons of public interest.
- Right to restriction of processing: You have the right to restrict or prohibit the processing of your personal data for certain periods under certain circumstances (e.g., when you have objected to the processing of personal data).
- Right to object: You have the right to object to the processing of your personal data if the processing is based on legitimate interests or public interests. You can object to the processing of personal data for direct marketing purposes at any time, and we will respond promptly.
- Right to data portability: If your personal data processing is based on consent and the personal data is processed automatically, you have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format, and you have the right to transmit this data to another controller. You also have the right to request that we transmit the personal data directly to another controller if technically feasible.
- Automated decision-making (including profiling): If we have informed you that we make decisions based solely on automated processing (including profiling) that significantly affects you, you have the right to request that the decision not be based solely on automated processing.
- Right to lodge a complaint: You have the right to lodge a complaint with the Data Protection Inspectorate (aki.ee) regarding the processing of personal data by us.
If you wish to exercise any of the aforementioned rights or have questions about data protection, please send us a relevant request to the email address email@example.com. We will respond to your request by email within one month. Please note that before providing you with the requested information regarding your personal data, we must verify your identity.
Personal Data Disclosure
Your personal data is confidential. We only disclose personal data if required by a specific legal obligation. We disclose personal data to our authorized processors only after having concluded a written data processing agreement.
Generally, the processing of personal data takes place within the European Economic Area (including EU countries, Norway, Iceland, and Liechtenstein). If it is necessary for us to transfer personal data outside the European Economic Area, the transfer will be carried out in accordance with the requirements of the General Data Protection Regulation.
We use a service provider (Mailchimp.com) with whom we share the necessary personal data, such as email addresses, for sending emails. This service provider is located in the United States. The transfer of personal data to them is carried out in accordance with the General Data Protection Regulation.
Personal Data Retention
We retain personal data for as long as it is mandatory or permitted by applicable laws or necessary to achieve the specified purposes.
Personal data related to disputes is retained until the expiration of the claims.
After the expiration of the retention period, we permanently delete the personal data.
What to Do in Case of Personal Data Breach?
Please inform us immediately of any known personal data breaches or risks of breach at the following address: firstname.lastname@example.org. We take the matter of personal data security seriously and will respond promptly to any potential breach.
© 2023 Silen email@example.com