The protection of personal data is very important to us and we take it very seriously. This Privacy Policy, which sets out the principles on which Becky Tööohutuskeskus, provides you with detailed information about what personal data Becky Tööohutuskeskus collects about you, what we use it for and who has access to it. Please take the time to read our Privacy Policy and contact Becky Tööohutuskeskus if you have any questions or suggestions.

We follow applicable personal data protection legislation, including Regulation (EU) 2016/679 of the European Parliament and of the Council (“GDPR”) and the Estonian Personal Data Protection Act, when processing personal data.

Terminology and definitions

The privacy policy of Becky Tööohutuskeskus (legal name Becky AS) is based on the GDPR. The privacy policy that we apply must be understandable and comprehensible to visitors of the website as well as to our contractual customers and partners. In order to ensure that all parties can clearly understand their rights, we will explain the most important terms here.

A data subject is an identified or identifiable natural person whose data is processed;

Personal data means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification code, location data, a network identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

Processing of personal data means any operation or set of operations, which is performed upon personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organising, structuring, storing, adaptating and alterating, retrieving, reading, using, disseminating or otherwise making available via processing, alignment or combination, restricting, deleting or destroying;

Profiling is any automated processing of personal data that involves the use of personal data to evaluate certain personal aspects relating to a person. In particular, for the analysis or prediction of aspects relating to the performance, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements of the natural person concerned;

A controller is a natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the criteria for the controller or for his or her designation may arise from the law;

A processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of a controller;

Data set means any structured set of personal data from which data can be retrieved on the basis of certain criteria, irrespective of whether that data set is centralised, decentralised or dispersed in a functional or geographical sense;

Recipient means a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party is involved. Recipient shall not be understood to be public authorities which may receive personal data in the context of a specific request in accordance with Union or Member State law; those public authorities shall process those data in accordance with the applicable data protection standards for the purposes for which they are processed;

Third party shall mean any natural or legal person, public authority, agency or body, except the data subject, the controller, the processor and persons who may process personal data under the direct authority of the controller or processor;

The ‘consent’ of the data subject is a freely given, specific, informed and unambiguous indication of his or her wishes, by which the data subject signifies his or her agreement to the processing of personal data relating to him or her, either by a statement or by an explicit act of consent.

The controller of personal data

Company name: Becky AS

Address: Laki 30A, Tallinn 12915

Phone: +372 670 6880

Email: becky@becky.ee

Website: www.becky.ee

What personal data does Becky Tööohutuskeskus collect and how is it used?

Website browsing statistics

In order to collect and analyse the data mentioned above, Becky Tööohutuskeskus uses an automated tool called Google Analytics. You can opt out of the collection of your data by Google Analytics at any time, as described here.

Logs

The server that hosts the Becky Tööohutuskeskus website may also record queries you make to the server (the web address you access, the browser and device you use, IP address, time of access). This data is used for technical purposes only – to ensure the proper functioning and security of the website and to investigate possible security incidents.

Profiling

Becky Tööohutuskeskus may use statistical data about visitors to the Becky website to analyze trends and demographics of visitors to the Becky website, but individual profiles for visitors are not compiled.

Enquiries

If you would like to purchase products from Becky Tööohutuskeskus or receive more information about them through the www.becky.ee website, it is necessary to share personal information with us. Becky Tööohutuskeskus is the controller of personal data, our company transfers personal data necessary for the processing of payments to the processor Montonio Finance UAB. Esto AS is our partner for instalment banking services.

Enquiries can be made by filling in the contact form or by sending an e-mail to becky@becky.ee. In order to be able to respond to your request, we collect the following personal data: your name, contact details (e-mail and/or telephone number).

The legal basis for such processing of personal data is the processing of personal data for the performance of a contract concluded with the data subject or for pre-contractual measures taken at the request of the data subject (GDPR Art 6(1)(b)). The personal data referred to above can be accessed by Becky Tööohutuskeskus’ staff. If you submit a request via the contact form, the personal data may also be accessed by a partner providing IT services to us. We take appropriate technical and organisational measures to ensure the security of personal data.

Personal data collected from enquiries will be stored for statistical purposes (sales statistics) for 7 years from the date of the enquiry. Becky Tööohutuskeskus has a legitimate interest (GDPR Art 6(1)(f)) to collect sales statistics in order to better plan its business.

Processing of personal data in customer relations

We process personal data of our customers primarily for the preparation, conclusion and performance of customer contracts and offers. To fulfil this purpose, we process the following personal data: names, contact details and job titles of the company’s representatives, and data on the company and its representatives obtained from credit enquiries. The personal data listed are processed during the customer relationship and for 7 years after the end of the relationship, and are accessible by Becky Tööohutuskeskus’ staff. The legal basis for such processing of personal data is the processing of personal data for the performance of a contract entered into with the data subject or for pre-contractual measures at the request of the data subject (GDPR Art 6(1)(b)).

During the customer relationship and for 7 years after the end of the customer relationship, we process personal data of our customers for statistical purposes (sales statistics) and for archiving customer contracts. Becky Tööohutuskeskus has a legitimate interest (GDPR Art 6(1)(f)) to collect sales statistics for the purpose of better planning its business and to keep records relating to its customers.

If your company should have any debts, please be aware that we will process your personal data for the purposes of debt management until the debt is paid. If the invoice is more than two months overdue, we may hand the debt over to a third party (e.g. Julianus Inkasso OÜ etc.) for pre-court collection of debt. Becky Tööohutuskeskus has a legitimate interest (GDPR Art 6(1)(f)) to collect debts from its customers, should the debts arise from the sale of services or products provided to customers.

We also process personal data of our current customers during the customer relationship and of former customers 7 years after the end of the customer relationship for potential resale purposes, i.e. in preparation for direct marketing of similar services. Becky Tööohutuskeskus has a legitimate interest (GDPR Art 6(1)(f)) in maintaining a business relationship with its current and former customers.

Marketing

Becky Tööohutuskeskus wishes to bring relevant news to its customers and partners who are interested in receiving direct marketing communications. By subscribing to our newsletter at www.becky.ee, we will send you news about the company, new information on occupational safety solutions and products, and sales campaigns by e-mail. We will process your name and email to send you marketing messages by email.

In certain cases involving natural persons, we will need to obtain the consent of the data subject to send marketing messages by e-mail. If you have not consented to such processing of personal data, we will not process your personal data for this purpose. Consent does not expire, but if you no longer wish to receive marketing communications, you can conveniently unsubscribe by clicking on the link at the end of the email (“unsubscribe”). You also have the right to object at any time to the processing of your personal data for direct marketing purposes.

When Becky Tööohutuskeskus sends you an email, we may collect statistical information about your interaction with that communication, such as whether you opened the email, which links you clicked on, what devices you used to access it, and their technical characteristics. Such information will be stored in the history of the contact.

Sometimes we assess the behaviour of our contacts (the information we get from the contact history) before sending a newsletter. This is necessary to enable us to send you more personalised communications by email. Becky Tööohutuskeskus has a legitimate interest (GDPR Art 6(1)(f)) in understanding the needs and preferences of its contacts in order to provide them with more relevant information.

For the purposes of the processing of personal data listed in this subsection, the data will be accessed by Becky Tööohutuskeskus’ staff. Personal data may also be accessed by a partner providing IT services to us. We implement appropriate technical and organisational measures to ensure the security of personal data.

Your rights and how you can exercise your rights

By contacting Becky Tööohutuskeskus by e-mail becky@becky.ee, you can exercise your rights to:

• the right to access your personal data;
• the right to rectify personal data concerning you;
• the right to have your personal data deleted;
• the right to have your personal data transferred;
• the right not to be subject to a decision based solely on automated processing;
• the right to withdraw consent;
• In certain cases, you have the right to request the restriction of the processing of personal data relating to you and the right to object to the processing of personal data relating to you.

You may exercise your rights in accordance with the conditions set out in the GDPR and other local legislation.

If you believe that your privacy has been violated, please contact us at becky@becky.ee. You also have the right to lodge a complaint with the data protection supervisory authority in the country where you are resident. In Estonia, this is the Estonian Data Protection Inspectorate.