Cookie and Privacy Policy notification

This cookie and privacy policy notification (hereinafter notification) contains useful information about how and why Digra OÜ collects, processes and shares personal data (data). The privacy policy is governed by the General Data Protection Regulation (GDPR).

The objective of the privacy policy is to protect the privacy of customers in accordance with the legislation of the Republic of Estonia and European Union law.

Personal data means any information about an identified or identifiable natural person, such as name, address, email address, and information about visits to our website and social media channels, and the use of our services.

By using our website, you agree to the use of cookies and the terms of processing personal data as described in our Cookie and Privacy Policy.

Valid as of 1 May 2022

  1. Whose data does Digra OÜ process?

Digra OÜ is the controller of personal data and if you have any questions, please contact digra@digra.ee

Digra OÜ processes the data of its customers and contact persons who have expressed a wish to use our services or have used our services in the past.

In certain cases, we process personal data that is available from public sources.

  1. Purposes of and legal bases for the processing of personal data (data) of customers

We process the personal data of voluntary users of our marketing channels and users of our services and our customers (including customer representatives) to perform our contractual obligations as well as to provide our potential customers with higher quality service and information.

If Digra OÜ processes personal data for these purposes, the legal basis for the processing is our legitimate interest in ensuring the correct and high-quality provision of our services.

We collect information from Digra OÜ’s marketing channels (including the website) about their use and the interests of potential customers to better understand the actual interests of our customers, provide better quality information and improve the functioning and user-friendliness of the website.

In this case, the legal basis for the processing is our legitimate interest in better understanding the needs of our customers and providing a better service.

For example, Digra OÜ processes data about the customers’ purchasing behaviour, data on reading and opening newsletters and data on opening ads with the aim of providing customers with offers and content they prefer.

Digra OÜ processes personal data for the following purposes:

  • Creating and managing the customer base of Digra OÜ;
  • Providing new services to the customer;
  • Analysing and improving the services of Digra OÜ;
  • Website management;
  • Compliance with legal requirements;
  • Responding to customer inquiries;
  • Issuing certificates.
  1. How data is collected

We generally collect personal data directly from data subjects and with their consent. In addition, we use automated data collection tools, including cookies and other tracking tools, to optimise the user experience of our website and provide better services to our customers.

Cookies and pixel tags and how to get rid of them

A cookie is a small text file sent by a web server to the user’s browser and stored on the user’s computer’s hard drive which enables to remember user preferences such as font size, language, device information, visit statistics etc.

All browsers are set to allow cookies by default, but the browser settings can generally be changed to have the browser completely refuse cookies, block third party cookies or notify the user of any cookies sent.

Pixel tags are small snippets of website code that allow websites to read and install cookies. They are triggered when a user opens an email or arrives on the website, after which third-party cookies connected to the user opening the email are downloaded or recorded.

Digra OÜ uses the following cookies:

  • Session cookies (temporary cookies) to enable the use of the service;
  • Persistent cookies (stored on the user’s computer after the browser is closed) to remember the customer’s preferences on the webpages of Digra OÜ.

To be expand on that, Digra OÜ uses:

  • Analytical cookies that collect information about how the website is used. For example, which content pages are visited most or what visitors search for on the website etc. These cookies do not collect identifiable information. This includes, for example, Google Analytics and Hotjar cookies;
  • Advertising cookies that help deliver ads targeted at the interests of the user. For example, a Facebook Pixel code has been integrated into the Digra.ee page, and if you do not want to see the Digra OÜ website ad on Facebook, you can disable it. Go to https://www.facebook.com/ads/preferences and delete Digra under ‘Advertisers you’ve interacted with’;
  • Third-party cookies, such as Youtube and Google Maps. Location map and videos will not be shown unless you agree to the Privacy Policy. To make this technically possible, we use the Privacy_embeds cookie created by Avada design.

The user has the right to prevent cookies from being saved on their computer. To do this, the user must change the settings of their browser.

Instructions for changing the settings of the most commonly used web browsers:

Internet Explorerhttp://support.microsoft.com/kb/278835

Crome: https://support.google.com/chrome/answer/95647?hl=en

Firefoxhttp://support.mozilla.org/en-US/kb/Clear%20Recent%20History

Operahttp://www.opera.com/browser/tutorials/security/privacy

Safarihttps://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac

When blocking cookies, the user must take into account that all the functions may no longer be available to the user.

  1. Personal data (including data) processed by Digra OÜ

Digra OÜ may process the following personal data (including data):

Contact details — name, email address and phone number;

Data collected and generated during the performance of an agreement — personal identification code, customer preferences regarding Digra OÜ services and products, feedback on our services, information about the habits and preferences related to the customer’s work, business processes or studies;

Automatically collected data — data received from the user’s web browser, including browser type, device type, language, website address from which the user arrived, which content pages were visited, the user’s IP address and other traffic data;

User actions in connection with Digra OÜ emails — including information on which emails and when and how the user opened;

Other personal data — that you have made publicly available or made available to us on third-party social networks such as LinkedIn, Facebook, Google Plus, Instagram etc.

Digra OÜ does not process special categories of personal data as the controller.

  1. Sharing personal data

Digra OÜ does not transfer customer data outside the European Economic Area.

Digra OÜ does not share the customer’s personal data with third parties except on the terms listed below. All data will only be used for communication and for the purpose of providing a better product or service.

We may share your personal information in the following cases:

  • Sending educational material by mail – persons, institutions and organisations that mediate or provide postal services;
  • Debt recovery — debt recovery service providers, credit registers;
  • State supervision authorities and the police;
  • Data on the customers of the Estonian Unemployment Insurance Fund to the training consultants of the Unemployment Insurance Fund;
  • Public feedback with the customer’s consent.
  1. Security, use and storage of personal data (data)

Digra OÜ may send customers information about its services, products, newsletters and offers if the customer has provided us with their contact details, but only as long as the customer has not requested that such activities be terminated or has opted out of receiving the newsletter.

6.1. Security of the personal data

Secure storage of personal data is Digra OÜ’s highest security priority. We will take every possible measure to prevent unauthorised access, disclosure and other unlawful processing. We protect the confidentiality and integrity of personal data and ensure access to the data in accordance with applicable legislation.

We have reasonable and adequate organisational measures and technical and physical restrictions in place to protect the personal data we collect and process. The measures taken depend on the type of personal data and the possible consequences of their disclosure.

Digra OÜ has implemented the necessary technical, physical and organisational security measures to protect the customer’s personal data (data) against loss and unlawful processing.

6.2. Retention period — how long do we store personal data?

Digra OÜ retains personal data only for as long as it is necessary to achieve the purpose of collecting it. The retention period also depends on the need to respond to requests from data subjects, solve problems and fulfil legal requirements for storing documents.

If we no longer need personal data and the legislation does not require it to be retained, we will delete such personal data.

We may continue to use this data for statistical purposes, but only in a pseudonymised or anonymised form.

If you have any questions at all, please email digra@digra.ee

  1. Rights of the customer (data subject)

The customer has the right to access their personal data processed by Digra OÜ and the right to request the rectification of inaccurate personal data.

If the customer has questions about their rights or finds that Digra OÜ has violated their rights in the processing of their personal data (data), they should contact digra@digra.ee.

If you do not wish to receive marketing notices from Digra OÜ, you can opt out of them by following the opt-out instructions in the footer of each marketing notice or by contacting us via our contact page.

Rights of the data subject

Right of correction — the right of the data subject to request that incorrect personal data relating to him or her be corrected without undue delay.

Right of deletion — the right of the data subject to request that their personal data be deleted without undue delay if certain additional conditions are met.

In certain cases the data subject has the right to restrict processing.

The data subject has the right to access the personal data we store about them and that they have provided to us and the right to transfer that data to another controller, where technically possible and where the processing is carried out on the basis of consent or agreement and is automated.

The data subject will have the right to object at any time to the processing of their personal data carried out on the basis of the relevant legal provisions, including profiling on the basis of such provisions.

Subject to legislation, the data subject is entitled to request that a decision related to them which is based solely on automated processing, including profiling, and which has legal consequences or significant influence on the data subject, is not made.

Where the processing of personal data is based on the data subject’s consent, the data subject has the right to withdraw that consent at any time without prejudice to the lawfulness of the processing carried out on the basis of consent prior to withdrawal.

If you wish to exercise these rights, please contact us.

If the solution offered by Digra OÜ does not satisfy you, you have the right to appeal to the Data Protection Inspectorate of the Republic of Estonia and the court.

  1. Other provisions

Digra OÜ has the right to unilaterally amend the use of cookies and the Privacy Policy. The latest version of the Cookie and Privacy Policy is always available on this website.

This Cookie and Privacy Policy is governed by the laws of the Republic of Estonia. Disputes or claims arising from the policy will be settled in Harju County Court.