Terms and conditions of privacy and data processing

  1. These terms and conditions of privacy and data processing (hereinafter the Privacy Terms) regulate the relationship between Almic OÜ (hereinafter ALMIC) and the users with regard to the personal data of the users and its processing.
  2. ALMIC collects and processes the personal data of its users for specified, explicit and legitimate purposes based on the rights and interests of the users. ALMIC endeavours to ensure the correctness, sufficiency and relevance of the collected personal data pursuant to the objective of providing the best service to the users of ALMIC. ALMIC also processes personal data to fulfil requirements stemming from legislation and legal acts.
  3. ALMIC collects data in several ways. Firstly, ALMIC collects information provided by the user. Information is mainly provided upon registration of a user account and its later amendment, but also upon submitting orders and registering a domain. ALMIC also collects information related to the use of services. With this, information regarding which services the user uses and how and what the user’s most recent preferences have been is collected. Information collected while a used is logged in to their user account is linked to the user account. Upon collection and processing of personal data, ALMIC limits their actions to the minimum data required to reach the objectives of personal data processing.
  4. ALMIC does not process special personal data.
  5. ALMIC allows access to the user’s personal data only to their employees who have undergone relevant training, and representatives of the Estonian Internet Foundation. These persons are only entitled to process personal data to the extent necessary to reach the objectives of personal data processing.
  6. ALMIC uses the information collected about a user to provide, manage, protect and update the services and develop new services. In addition, ALMIC uses the information to identify spam and malware and offer customised content to the user, by presenting most relevant search results to the user. 
  7. ALMIC uses the email addresses of its users to notify users of the terms and conditions of their goods and services and also to notify them of any planned changes or updates. ALMIC shall not use the email addresses of its users to forward ads or for any other marketing purposes. 
  8. ALMIC uses cookies and other technologies. ALMIC uses information gathered from these to improve the conditions of use related to the user account and the general quality of ALMIC’s services. A cookie is a small string of text which a website the user visits sends to the user’s Internet browser and which helps the website to remember information regarding the user’s visit. This may make the next visit easier and the visited portal more useful. ALMIC uses several different cookies to handle the products and services related to the portals they manage and ads. Among others, ALMIC uses temporary cookies and session cookies, as well as persistent cookies which are saved in the user’s computer and are not deleted even after the browser is closed. To offer the highest level of service, ALMIC uses both first party, i.e. the author’s own cookies, and third-party cookies (Google Analytics) which originate e.g. from ads of other websites that the user visits. Cookies play an important role, as it would be much more inconvenient to use the Internet without them.
  9. The aforementioned cookies are also stored in the user’s Internet browser. The user can examine specific cookies used by ALMIC through their Internet browser. The user can also set their Internet browser to block cookies used by ALMIC, including third-party cookies, or indicate when a cookie is appointed. It should be noted however, that services related to the user account may not function correctly when cookies are blocked.
  10. ALMIC enables the user to examine information published, collected and processed with relation to the use of the user account and services. If the information is incorrect, inaccurate or incomplete, ALMIC allows the user to change and update it quickly and also delete it if necessary, unless ALMIC is obligated to retain this information for legitimate, business or legal reasons. ALMIC’s objective is to maintain their services in a manner that would protect the existing information from accidental or malicious damages. Therefore, after the user deletes their information, ALMIC will not immediately delete all copies from active servers or remove the information from backup systems. If necessary, this will be done after 60 days, except for data with a retention obligation pursuant to valid legal provisions and acts.
  11. At any given time, the user is entitled to request the forwarding or transfer of the personal data related to their user account to another service provider established by the user. In this case, ALMIC shall forward the data within 60 (sixty) days, considering ALMIC’s technical capabilities. ALMIC may extend this term for serious reasons.
  12. ALMIC shall not share the personal data of their users with third companies, organisations and persons, unless ALMIC has the user’s consent, it is the administrator, operator or host of the system and sharing the information is unavoidable or if ALMIC is obligated to do so under valid legal acts. If personal data is forwarded to a third party (i.e. not to an EU member state), ALMIC shall ensure sufficient security measures to protect the personal data.
  13. ALMIC has implemented modern technical and organisational security measures to protect the users of portals operated by ALMIC from unauthorised access to the information used by ALMIC and its unauthorised modification, disclosure, breach or destruction. ALMIC shall implement sufficient and relevant technological and organisational security measures to maintain a level of security corresponding to the threat, involving, among others, the following:
    • pseudonymisation and encryption of personal data included under confidential information;
    • capability to ensure the continued privacy, integrity, availability and reliability of systems and services processing personal data included under confidential information; 
    • capability to restore the availability and accessibility of personal data included under confidential information in a timely manner in the case of a physical or technical incident; 
    • a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures to ensure the security of the processing of personal data included under confidential information.
  14. ALMIC shall notify the user of significant security risks, including theft of data related to the user and break-ins to the facilities of ALMIC. ALMIC shall also notify the Estonian Data Protection Inspectorate of the relevant circumstances. In addition, ALMIC shall take relevant measures to alleviate the results of the situation and mitigate similar risks.
  15. ALMIC shall regularly review the terms and conditions of privacy and data processing, bringing them into conformity with new legal provisions and acts. When amending the terms and conditions, ALMIC shall not restrict the rights of users under the privacy terms without the user’s consent. ALMIC shall notify the users regarding changes to the terms and conditions within reasonable time before the amendments take effect.
  16. If ALMIC takes part in a merger, acquisition or another similar transaction, the confidentiality of the users’ personal data shall be continuously protected. ALMIC shall notify current users if they are subjected to new privacy terms. If possible, ALMIC shall include information which allows to evaluate the correctness, integrity, reliability and relevance when forwarding personal data. 
  17. Registering and using an account in any of ALMIC’s portals is not possible without the processing of personal data. ALMIC shall insure that the processing of personal data is carried out pursuant to legal provisions and acts. After a user account is deactivated and if the user does not reactivate their account within 60 days, ALMIC shall delete all data collected and stored about the user, except for such data which ALMIC is obligated to retain pursuant to valid legal provisions and acts. For good reason, ALMIC is entitled to extend the aforementioned term.
  18. Estoninan Internet foundation Data Protection Policy can be found from the link https://www.internet.ee/domains/eif-s-data-protection-policy
  19. Please contact andmekaitse@almic.ee for any personal data processing issues
Last amended 13 March 2019.