On this page you will find general information about Bestcoders OÜ’s data protection policies as well as data protection and privacy notice in accordance with the EU’s general data protection regulation (GDPR, 679/2016).
Bestcoders OÜ is a company producing IT and support services. Our solid know-how and the long experience of our staff lead to high-quality and secure solutions in which a person’s data protection is taken into account responsibly as required by law and regulations.
Bestcoders OÜ constantly strives to improve the level of Data security and data protection management and to prevent threats to it. We do this together with all our staff and all our stakeholders.
Bestcoders OÜ monitors standards, legislation and regulations related to data security and data protection and takes measures required by these changes if necessary.
The key objectives of our security policy are:
Business Registry code: 14835613
Narva mnt 7B
10117 Tallinn, Eesti
We record personal data at different registries. The safeguards, processing and data subject rights apply to all data collected by us.
We collect personal data in various registries for different purposes:
We regularly update this privacy notice, so please check it every now and then.
The legal basis for the processing of personal data is the legitimate interest of the controller, and, concerning recruitment, the consent of the data subject.
In the case of cookies, the processing is based on the user’s consent or, in the case of cookies necessary for the operation of the site, a legitimate interest. The user can manage their cookie settings on the website.
Personal data is used to market the controller’s services and events, as well as to communicate with potential and current customers and partners, and to maintain customer and partnership relationships.
Necessary cookies are used to ensure the operation of the site. Other cookies are used to develop the controller’s services and website.
As concerns the personal data collected for or during the provision of service to our customers, the basis for processing is fulfilment of contractual obligations and such data is used as deemed necessary in the provision of service, such as reporting and correspondence with customer.
Personal data is also subject to analytics use and development of our marketing and services.
The registry may contain the following Data:
In addition, the registry may collect Data on the data subject’s participation and registration for events organized by the controller.
Our general customer registry contains the data of contractual and technical liaison personnel.
The Data contained in the registry is collected through a customer or partnership relationship, through the website’s contact form, and from registrations and participation in events.
Cookies are stored when you use the website.
In addition, Data may be collected from the registries or public sources of other controllers providing search or similar services.
The contents of the registry will not, in principle, be disclosed or transferred outside the EU and the European Economic Area and is by default stored in servers and data storages that are located in European Economic Area.
Data is disclosed to our partners, such as:
Least possible amount of data is always disclosed.
Data contained in our registries is not by default transferred outside the European Economic Area. Servers and data storages we utilize are located in the European Economic Area. However, service providers we use may be from third countries and such providers or governmental authorities may have access to data due to administrative structure or statutory demand.
When data is transferred outside the European Economic Area we comply with European Commission standard contractual clauses and additional safeguards to protect the data.
However, Data may be disclosed to authorities, for example, on the basis of a legal requirement.
The registry exists only in electronic form in the company’s high-security cloud service and is protected by appropriate administrative and technical security measures.
Access to the registry is only possible with an encrypted connection and a personal username and password. The use of the registry is confidential and its access is limited to persons belonging to the controller’s own staff whose duties require access to the register. The staff of the controller has a duty of confidentiality and has received appropriate training in data security and data protection.
The Data collected in the registry shall be kept only for as long and to the extent necessary in relation to its purpose. The Data content of the register, the legal basis for use and the need for processing shall be assessed at least every three (3) years.
a) The right of access to personal data
The data subject has the right to receive confirmation as to whether personal data concerning him or her are being processed and, if so, the right to receive a copy of his or her personal data.
b) Right to rectification of data
The data subject has the right to request that incorrect or inaccurate personal data concerning him or her be corrected or supplemented.
c) Right to delete data
The data subject has the right to request the deletion of personal data concerning him or her if: – the personal data are no longer needed for their original purpose – the personal data have been processed unlawfully
d) Right to restrict processing
The data subject has the right to restrict the processing of personal data concerning him if: – the data subject denies the accuracy of the data – the processing is unlawful and to defend
e) Right to object
The data subject shall have the right to object to the processing of his data on the basis of his personal situation if the controller cannot demonstrate that there is a substantial and justified reason for the processing which overrides the data subject’s interests, rights and freedoms.
f) The right to transfer data from one system to another
The data subject shall have the right to obtain his or her registry data in a commonly used and machine-readable form and to transfer such data to another controller.
g) Right of appeal to the supervisory authority
The data subject has the right to lodge a complaint with the national supervisory authority, which is the Estonian Data Protection Inspectorate , if the data subject considers that the processing of personal data concerning him or her has infringed the relevant legislation.
Supervisory authority contact:
Estonian Data Protection Inspectorate
39 Tatari St., 10134 Tallinn
telephone (from abroad add +372) 627 4135
FOR MORE INFORMATION
All requests for information and other contacts must be forwarded to the person responsible for the registry at the access point mentioned in point
Last updated: 22.02.2022.
Cookies are small pieces of text sent by your web browser by a website you visit. A cookie file is
stored in your web browser and allows the service or a third-party to recognize you and make your
next visit easier and the service more useful to you.
We use ”session” cookies on our website which means that after accepting the cookies, the data is collected only from the time you spend on our website and on the next visit you can again decide whether you want to accept the cookies or not.
the help pages of your web browser.
Please note that if you delete cookies or refuse to accept them, you might not be able to
use all of the features we offer, you may not be able to store your preferences, and some of our
pages might not display properly.