PROCESSING PERSONAL DATA OF NATURAL PERSONS
When concluding and executing a contract (-s) and/or a transaction (-s) with you, Balti Veski AS (hereinafter – the Company or we) shall process some of your personal data. This repot (hereinafter – the Report) contains information on how we process your personal data, what we use them for, how long we store them etc. This information is important, thus we expect you to read it carefully.
Your personal data shall be processed pursuant to the General Data Protection Regulation (EU) 2016/679 (hereinafter – GDPR), the Law on Legal Protection of Personal Data of the Republic of Lithuania and other legal acts.
DATA CONTROLLER
BALTI VESKI AS, legal entity code 10282360, registered office address: Mõisa tn. 7, Jüri, Eesti, tel.: +372 60 340 30, e-mail: info@veskimati.ee
WHAT DATA DO WE PROCESS?
We collect and process the following personal data:
- Identification data, such as the name, surname, personal identification number, date of birth, address of the place of residence, VAT code (if you are a VAT payer), telephone number, e-mail address, a copy of an activity license or certificate and / or its data, a farmer’s certificate number, a copy of an identity document and / or its details, bank account details;
- Contract, transaction conclusion and execution data, such as the object of the contract (for example, data of property, goods and/or services) and other contract conditions, invoice data, payment information, information on the performance of contractual obligations, violations of the contract, etc.;
- Creditworthiness (solvency) data, such as the credit rating determined by credit bureaus (for example, Creditinfo Eesti AS) and other information presented in reports of credit bureaus – financial liabilities, outstanding debts, payment history and business links;
- Data on third persons related to you, such as legal representatives (for example those acting under a power of attorney), your debtors, a spouse and family members (for example, if the object of the contract is property, which is jointly owned by spouses).
NOTA BENE: we do not collect special categories of personal data that reveal your racial or ethnic origin, political opinions, religious or philosophical beliefs or membership in trade unions, health data or data on your sexual life or sexual orientation.
WHAT ARE THE PURPOSES AND LEGAL BASES FOR COLLECTING AND USING YOUR PERSONAL DATA?
We collect and process your data to be able to conclude and execute a contract (-s) and/or a transaction (-s) with you, and to implement other related rights, legitimate interests and duties, including:
- to identify and contact you;
- to assess your commercial offer and the expediency of concluding a contract or a transaction with you;
- to conclude and sign a contract, to amend or terminate it;
- to assess your creditworthiness (solvency), financial risks and to manage debts;
- to control the execution of your other contractual obligations;
- to execute our contractual obligations;
- to take legal remedies, where such a necessity arises;
- to implement applicable legal requirements, for example, to handle accounting, to declare and pay taxes and to archive documents for the period of time set in legal acts.
The processing of your personal data is based on the following legal grounds:
- the processing of data is necessary in order to implement the contract, a party whereof you are, or in order to take action at your request before concluding a contract (clause b of Article 6(1) of the GDPR);
- the processing of data is necessary in order to fulfil the legal obligation imposed on the Company (clause c of Article 6(1) of the GDPR);
- the processing of data is necessary in pursuit of legitimate interests of the Company or a third party (clause f of Article 6(1) of the GDPR).
WHERE DO WE GET YOUR PERSONAL DATA FROM?
We collect and process your personal data, which you present to us, usually at the time of conclusion of a contract or a transaction, or before its conclusion.
We may also get your personal data from other sources when it is necessary for the conclusion and / or execution of a contract or for our legitimate interest:
- SE Centre of Registers;
- The Population Register;
- Credit bureaus (for example, Creditinfo Eesti AS);
- Joint debtors’ data file processors;
- Insurance companies, when we are a beneficiary;
- The central mortgage institution;
- Our or your suppliers or partners, who help us conclude and/or execute transactions and maintain relations with you.
WHO DO WE PROVIDE YOUR PERSONAL DATA TO?
We provide your personal data to the following data recipients (their categories) in compliance with legislative requirements:
- the parent company AB Baltic Mill, code 302639722, registration adddress: Stoties g. 65, Vievis, Republic of Lithuania, and its subsidiaries;
- tax administrators;
- our professional advisers and auditors;
- banks, transport organizations or other legal and / or natural persons, if our concluded mutual transactions require bank financing, cargo transportation and / or other type of service;
- notaries, if the contract concluded with you requires a notarial form;
- SE Centre of Registers, if the contract, legal facts or other information related thereto are to be registered in public registers;
- bailiffs, entities providing legal and / or debt recovery services, entities taking over the right to debt; processors of joint debtors’ data files;
- law enforcement authorities, at their request or on our initiative, if there are suspicions of a committed criminal offense, also to courts and other dispute resolution institutions;
- other third persons to the extent this is related to the sale of our business, mergers, acquisitions or the reorganization of the entire or a part of business, or in the implementation of similar changes;
- companies providing data center, hosting, cloud computing, website administration and related services, companies providing advertising, marketing, accounting, archiving, physical and/or electronic security, property management and/or other business services, companies creating, providing, supporting and developing software, companies providing information technology infrastructure services, communications services, advisory companies, also companies carrying out analysis of web browsing or online activities and providing online services.
WHERE DO WE PROCESS YOUR PERSONAL DATA?
Normally, we process and store your personal data in the territory of the European Union or the European Economic Area (EU/ EEA), however, we may also transfer your personal data outside the EU/ EEA, when this is necessary in order to implement the purposes wherefor those data were collected and managed.
We may transfer personal data outside the EU/ EEA without your consent, if at least one of the following measures has been implemented:
- The European Commission has acknowledged that the state ensures an adequate level of protection of personal data;
- The recipient of data in the United States has been certified according to the requirements of the EU-US agreement called the Privacy Shield;
- There is an agreement concluded in accordance with the standard conditions approved by the European Commission,
- Codes of conduct are complied with, or other safeguards under the General Data Protection Regulation apply.
We may also transfer your personal data without your consent, if such a transfer is necessary in the performance of the contract, a party whereof you are, or in order to take actions at your request before concluding a contract, or in other cases provided for in the GDPR.
HOW LONG WILL YOUR DATA BE STORED?
We shall store your personal data no longer than this is necessary for the purposes wherefor they were collected, or for the period of time established by laws.
WHAT ARE YOUR RIGHTS?
You shall have the following rights:
- to ask us to allow accessing your personal data;
- to ask to rectify your personal data;
- to ask to restrict the processing of your personal data;
- to ask to erase your personal data;
- to cancel your consent, if data are processed on the basis of your consent;
- to ask to transfer personal data to another data controller;
- to disagree with the processing of your personal data when they are processed on the basis of a legitimate interest, except for cases where we have compelling legitimate reasons for such processing, which are superior to your interests, or in order to file, enforce or defend legal requirements;
- to file a claim with the State Data Protection Inspectorate (for more information, refer to www.aki.ee).
HOW CAN YOU IMPLEMENT YOUR RIGHTS?
You may submit an application for the implementation of the above rights, also complaints, notices or requests (hereinafter – Request) by e-mail: info@veskimati.ee
PROCESSING PERSONAL DATA OF EMPLOYEES, REPRESENTATIVES OF LEGAL PERSONS AND OTHER PERSONS
This report explains how UAB Malsena Plius (hereinafter – the Company or we) shall process personal data of employees, representatives of its partners (hereinafter – your, yours) and other persons (hereinafter all together – data subjects), which we receive from you when negotiating contract conclusion, concluding, administering and executing contracts.
Personal data of data subjects shall be processed in accordance with the General Data Protection Regulation (EU)2016/679 (hereinafter – GDPR), the Law on Legal Protection of Personal Data of the Republic of Lithuania and other legal acts.
Please provide the information contained in this report to all data subjects, whom this information concerns.
DATA CONTROLLER
BALTI VESKI AS, legal entity code 10282360, registered office address: Mõisa tn. 7, Jüri, Eesti, tel.: +372 60 340 30, e-mail: info@veskimati.ee
WHAT DATA DO WE PROCESS?
We collect and process the following personal data of data subjects (employees, representatives of the partner and other persons):
- Identification data, such as the name, surname, job position, telephone number, e-mail address, personal identification number (only when this datum is necessary when registering transactions in public registers).
WHAT ARE THE PURPOSES AND LEGAL BASES FOR COLLECTING AND USING PERSONAL DATA?
We collect and process the data to be able to:
- conclude and execute a contract (-s) and/or a transaction (-s), to implement other related rights, legitimate interests and duties, including: (a) to control the performance of contractual obligations of the other party to the contract; (b) to carry out our contractual obligations;
- fulfil the requirements of applicable legal acts;
- maintain relations with another party to the contract, including marketing of services and goods.
The processing of personal data is based on the following legal grounds:
- the processing of data is necessary in order to fulfil the legal obligation imposed on the Company (clause c of Article 6(1) of the GDPR);
- the processing of data is necessary in pursuit of legitimate interests of the Company or a third party (clause f of Article 6(1) of the GDPR).
WHERE DO WE GET PERSONAL DATA FROM?
We receive the above-listed personal data at the time of concluding and executing a contract from the other party to the contract.
WHO DO WE PROVIDE PERSONAL DATA TO?
We provide personal data to the following data recipients (their categories) in compliance with legislative requirements:
- the parent company AB Baltic Mill, code 302639722, registration address: Stoties g. 65, Vievis, Republic of Lithuania, and its subsidiaries;
- companies providing data center, hosting, cloud computing, website administration and related services, companies providing advertising, marketing, accounting, archiving, physical and/or electronic security, property management and/or other business services, companies creating, providing, supporting and developing software, companies providing information technology infrastructure services, communications services, advisory companies, also companies carrying out analysis of web browsing or online activities and providing online services;
- competent state authorities.
WHERE DO WE PROCESS PERSONAL DATA?
Normally, we process and store personal data of data subjects in the territory of the European Union or the European Economic Area (EU/ EEA), however, we may also transfer personal data outside the EU/ EEA, when this is necessary in order to implement the purposes wherefor those data were collected and managed.
We may transfer personal data outside the EU/ EEA without the consent of the data subject, if at least one of the following measures has been implemented:
- The European Commission has acknowledged that the state ensures an adequate level of protection of personal data;
- The recipient of data in the United States has been certified according to the requirements of the EU-US agreement called the Privacy Shield;
- There is an agreement concluded in accordance with the standard conditions approved by the European Commission,
- Codes of conduct are complied with, or other safeguards under the General Data Protection Regulation apply.
Personal data of a data subject may also be transferred outside the EU/ EEA without his/ her consent on other grounds provided for in the GDPR.
HOW LONG DO WE STORE PERSONAL DATA?
We shall store personal data of data subjects no longer than this is necessary for the purposes wherefor they were collected, or for the period of time established by laws.
WHAT ARE THE RIGHTS OF DATA SUBJECTS?
Data subjects shall have the following rights:
- to ask us to allow accessing their personal data;
- to ask to rectify their personal data;
- to ask to restrict the processing of their personal data;
- to ask to erase their personal data;
- to cancel their consent, if data are processed on the basis of their consent;
- to ask to transfer their personal data to another data controller;
- to disagree with the processing of their personal data when they are processed on the basis of a legitimate interest, except for cases where we have compelling legitimate reasons for such processing, which are superior to their interests, or in order to file, enforce or defend legal requirements;
- to file a claim with the State Data Protection Inspectorate (for more information, refer to www.aki.ee).
HOW CAN THESE RIGHTS BE IMPLEMENTED?
An application for the implementation of the above rights, also complaints, notices or requests (hereinafter – Request) may be submitted to us by e-mail: info@veskimati.ee
USE OF COOKIES
What are cookies?
A cookie is a small text file, which a website writes in the browser of your computer or a mobile device when you visit a website. The cookie allows the website to “remember” your actions and selections (such as your registration name, language, font size and other display options) for some time, so that you do not have to re-enter them each time you visit the website or browse its various pages.
What do we use cookies for?
The information which cookies collect allows us to provide you with the opportunity to browse more conveniently and to learn more about the behavior of website users, to analyze the trends and to improve the website.
We use the following cookies on the Company’s website:
Local cookies
Provider | Name | Purpose of use | Type | Expires after |
Google Analytics | _ga | The cookie is used to determine the popularity of the website or its parts, to measure traffic and behavior of visitors, and to better understand the website usage trends. | Analytics | 2 years, or a session, 1 day |
Google Analytics | _gid | The cookie is used to determine the popularity of the website or its parts, to measure traffic and behavior of visitors, and to better understand the website usage trends. | Analytics | 24 hours |
Google Analytics | _gat | Used to throttle request rate. | Analytics | 1 minute |
Third party cookies:
Provider | Name | Purpose of use | Type | Expires after |
1P_JAR/DV/NID | The NID cookie contains a unique ID Google uses to remember your preferences and other information, such as your preferred language (e.g. English), how many search results you wish to have shown per page (e.g. 10 or 20), and whether or not you wish to have Google’s SafeSearch filter turned on. | Analytics | 6 monts, or a session, 1 day |
How cookie settings are to be changed?
Choosing the cookies to be accepted or discarding certain cookies is possible at any time by changing browser settings. If you do not want cookies saved on your computer or another device, you can choose to receive a notification in your browser settings before saving any cookie. You can also set the browser to reject all or some cookies at once. You can also remove cookies that have already been saved on your computer or another device. Please note that in this case, you will need to separately select the settings for each browser and device you use.
Each browser has a different method for applying settings. If necessary, use the Browser Help feature to properly select your settings.
For more information refer to: www.allaboutcookies.org.
Our contact details
BALTI VESKI AS, legal entity code 10282360, registered office address: Mõisa tn. 7, Jüri, Eesti, tel.: +372 60 340 30, e-mail: info@veskimati.ee