PRIVACY NOTICE

Updated 14.2.2022

On this page you will find general information about Bestcoders OÜ’s data protection policies as well as data protection and privacy notice in accordance with the EU’s general data protection regulation (GDPR, 679/2016).

GENERAL

Bestcoders OÜ is a company producing IT and support services. Our solid know-how and the long experience of our staff lead to high-quality and secure solutions in which a person’s data protection is taken into account responsibly as required by law and regulations.

Bestcoders OÜ constantly strives to improve the level of Data security and data protection management and to prevent threats to it. We do this together with all our staff and all our stakeholders.

Bestcoders OÜ monitors standards, legislation and regulations related to data security and data protection and takes measures required by these changes if necessary.

The key objectives of our security policy are:

  • Uninterrupted and secure operation of Data systems that support the company’s operations
  • Uninterrupted and secure operation of the company’s services to customers
  • Prevention of destruction and unauthorized alteration of data content
  • Preventing intrusion into and unauthorized use of information systems
  • Ensuring personal data protection and rights
  • Ensuring business continuity in exceptional circumstances through continuity planning and contingency arrangements
  • Our personnel are required to participate in relevant training and commit to complying with the information security policy and guidelines.

DATA PROTECTION POLICY

1. THE CONTROLLER

Bestcoders OÜ
Business Registry code: 14835613
Narva mnt 7B
10117 Tallinn, Eesti

2. CONTACT IN DATA PROTECTION MATTERS

Birgitt Lamberg
Office manager
support@bestcoders.ee

3. REGISTRIES CONCERNED

We record personal data at different registries. The safeguards, processing and data subject rights apply to all data collected by us.

We collect personal data in various registries for different purposes:

  • marketing registry (purposes: development of business, communications, website analytics and data collection, cookies)
  • recruitment registry (purposes: processing applications, recruitment, business development)
  • registry of customer contacts (provision of services)

We regularly update this privacy notice, so please check it every now and then.

4. LEGAL BASIS AND PURPOSE OF THE PROCESSING OF PERSONAL DATA

The legal basis for the processing of personal data is the legitimate interest of the controller, and, concerning recruitment, the consent of the data subject.

In the case of cookies, the processing is based on the user’s consent or, in the case of cookies necessary for the operation of the site, a legitimate interest. The user can manage their cookie settings on the website.

Personal data is used to market the controller’s services and events, as well as to communicate with potential and current customers and partners, and to maintain customer and partnership relationships.

Necessary cookies are used to ensure the operation of the site. Other cookies are used to develop the controller’s services and website.

As concerns the personal data collected for or during the provision of service to our customers, the basis for processing is fulfilment of contractual obligations and such data is used as deemed necessary in the provision of service, such as reporting and correspondence with customer.

Personal data is also subject to analytics use and development of our marketing and services.

5. DATA CONTENT OF THE REGISTER

The registry may contain the following Data:

  • First and last name
  • Title/position
  • Employer and employer contact Data
  • email address
  • telephone number
  • cookies, analytics data

In addition, the registry may collect Data on the data subject’s participation and registration for events organized by the controller.

Our general customer registry contains the data of contractual and technical liaison personnel.

6. REGULAR SOURCES OF DATA

The Data contained in the registry is collected through a customer or partnership relationship, through the website’s contact form, and from registrations and participation in events.

Cookies are stored when you use the website.

In addition, Data may be collected from the registries or public sources of other controllers providing search or similar services.

7. DISCLOSURE OF THE CONTENTS OF THE REGISTER

The contents of the registry will not, in principle, be disclosed or transferred outside the EU and the European Economic Area and is by default stored in servers and data storages that are located in European Economic Area.

Data is disclosed to our partners, such as:

  • Business development partners, marketing partners
  • IT infrastructure providers such as cloud service providers (eg. Microsoft, Amazon) or different software providers (eg. CRM-software)
  • Communication solution providers

Least possible amount of data is always disclosed.

Data contained in our registries is not by default transferred outside the European Economic Area. Servers and data storages we utilize are located in the European Economic Area. However, service providers we use may be from third countries and such providers or governmental authorities may have access to data due to administrative structure or statutory demand.

When data is transferred outside the European Economic Area we comply with European Commission standard contractual clauses and additional safeguards to protect the data.

However, Data may be disclosed to authorities, for example, on the basis of a legal requirement.

8. PROTECTION OF THE REGISTER

The registry exists only in electronic form in the company’s high-security cloud service and is protected by appropriate administrative and technical security measures.

Access to the registry is only possible with an encrypted connection and a personal username and password. The use of the registry is confidential and its access is limited to persons belonging to the controller’s own staff whose duties require access to the register. The staff of the controller has a duty of confidentiality and has received appropriate training in data security and data protection.

9. DATA RETENTION PERIOD

The Data collected in the registry shall be kept only for as long and to the extent necessary in relation to its purpose. The Data content of the register, the legal basis for use and the need for processing shall be assessed at least every three (3) years.

10. RIGHTS OF THE DATA SUBJECT

a) The right of access to personal data

The data subject has the right to receive confirmation as to whether personal data concerning him or her are being processed and, if so, the right to receive a copy of his or her personal data.

b) Right to rectification of data

The data subject has the right to request that incorrect or inaccurate personal data concerning him or her be corrected or supplemented.

c) Right to delete data

The data subject has the right to request the deletion of personal data concerning him or her if: – the personal data are no longer needed for their original purpose – the personal data have been processed unlawfully

d) Right to restrict processing

The data subject has the right to restrict the processing of personal data concerning him if: – the data subject denies the accuracy of the data – the processing is unlawful and to defend

e) Right to object

The data subject shall have the right to object to the processing of his data on the basis of his personal situation if the controller cannot demonstrate that there is a substantial and justified reason for the processing which overrides the data subject’s interests, rights and freedoms.

f) The right to transfer data from one system to another

The data subject shall have the right to obtain his or her registry data in a commonly used and machine-readable form and to transfer such data to another controller.

g) Right of appeal to the supervisory authority

The data subject has the right to lodge a complaint with the national supervisory authority, which is the Estonian Data Protection Inspectorate , if the data subject considers that the processing of personal data concerning him or her has infringed the relevant legislation.

Supervisory authority contact:

Estonian Data Protection Inspectorate 

39 Tatari St., 10134 Tallinn
telephone (from abroad add +372) 627 4135
e-mail info[a]aki.ee

FOR MORE INFORMATION

All requests for information and other contacts must be forwarded to the person responsible for the registry at the access point mentioned in point

COOKIE POLICY

Last updated: 22.02.2022.

We use cookies on our website (Codemen.ee). By using the service, you consent to the use of cookies. Here you can find information on what are cookies, how we use cookies on our website, how third-parties who we partner with may use cookies on our website and what are your choices regarding cookies.

WHAT ARE COOKIES:

Cookies are small pieces of text sent by your web browser by a website you visit. A cookie file is
stored in your web browser and allows the service or a third­-party to recognize you and make your
next visit easier and the service more useful to you.

HOW WE USE COOKIES:

We use ”session” cookies on our website which means that after accepting the cookies, the data is collected only from the time you spend on our website and on the next visit you can again decide whether you want to accept the cookies or not.

Our company uses cookies in order to analyze the behavior of our customers and therefore, to improve our service. This is done by using a third-party web analytics service from Google Inc. Further information below.

HOW THIRD-PARTIES USE COOKIES:

Our website uses Google Analytics, a web analytics service provided by Google, Inc. (”Google”). The information generated by the cookie about your use of our website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of our website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. Further information about Google’s privacy policy may be obtained from http://www.google.com/privacy.html.

HOW THIRD-PARTIES USE COOKIES:

If you’d like to delete cookies or instruct your web browser to delete or refuse cookies, please visit
the help pages of your web browser.

Please note that if you delete cookies or refuse to accept them, you might not be able to
use all of the features we offer, you may not be able to store your preferences, and some of our
pages might not display properly.