The responsible employee of the Panila.ee website is:
+372 5303 3323
Seemne tn 4, 10617, Tallinn, Harju County
Reg No. 14140489
Protection of personal data
Personal data is data that Panila OÜ (hereinafter Panila) collects to provide a service, to identify a person, to contact a person for the provision of a service, to resolve a query or to send promotional content.
Panila does not process sensitive personal data as defined in Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation or GDPR or EU Regulation 2016/679).
Panila is committed to protecting customers’ and users’ personal data and privacy. Panila’s activities on the internet are in compliance with all relevant activities and applicable European Union legislation and the laws of the Republic of Estonia, including Regulation (EU) 2016/679 of the European Parliament and of the Council. Panila takes all precautions (including administrative, technical, and physical measures) to protect the customer’s personal data collected. Only authorised persons have access to modify and process the data.
All personal data disclosed during visits to Panila’s websites will be treated as confidential information.
This policy does not apply to the processing of data of legal entities and other companies/institutions, nor does it cover the processing of personal data on websites/services referred to on our websites/services (external links).
The person representing the company (as a service subscriber) is not a natural person, but an authorised representative of a legal person whose processing of personal data is not regulated by Regulation (EU) 2016/679 of the European Parliament and of the Council.
1. What kind of data is collected?
- When a visitor accesses the website, non-personal technical data is collected.
- The technical data is limited to the Internet address (IP address) of the computer or computer network used, the browser and operating system software version of the computer, the time (time, date, year) and place of the visit. IP addresses are not linked to personally identifiable information.
- Data is collected on website visits and stays to improve websites and service environments and make them more convenient for visitors.
- We use Google Analytics, an automated tool, to collect the above data. If you do not wish to provide this information about yourself, you can opt out of having your data collected by Google Analytics at any time, as described here.
- In the case of natural persons, the data to be collected include, where necessary, personal identification number to identify uniqueness, name for communication purposes, email address, mobile phone, city, and country of residence.
- For the purpose of processing the data of legal persons, we collect the registration number, VAT number, name, country, address, email addresses for contacting and invoicing, the names of the contact persons representing the company and their email addresses and contact telephone numbers.
- In the case of marketing messages sent to emails, we may collect information about your interactions, such as whether you opened the email, which links you clicked on, what devices you use to do so and their technical features. This information is stored in the history of each contact.
- When you are in the Panila OÜ contact database, we may also process your name and email address or mobile phone number for marketing purposes in social media and internet marketing (Facebook, Instagram, Google). For these purposes, we will process your personal data for a period of 5 years from the date of adding your contact to the contact database. Panila OÜ has a legitimate interest (GDPR Art 6(1)(f)) to send marketing communications to its contacts to maintain a business relationship with them.
Personal data processed by Panila’s customers uploaded to Panila’s environment within the context of the service is protected by confidentiality requirements, which apply when the customer signs the service contract. Panila’s services can only be used after accepting the contract. Acceptance of the contract will be verified by software, or in its absence you will be asked to accept it.
For the purposes of the processing of personal data listed in this subsection, the data will be accessed by employees of Panila OÜ, who will use all security measures in their work concerning the processing of your data.
Consent to the collection of personal data relating to and necessary for the service is given by the person ordering the service at the time of ordering the service. By ordering the service, consent is deemed to have been given by the corresponding time stamp.
2. How long will the collected data be stored?
The data collected by non-personal technical websites and service environments will be stored indefinitely.
Personal data relating to personalised enquiries and/or transactions will be retained for up to 7 years from the last interaction with the service provider, due to the obligation under the Accounting Act to prove transactions. Interaction includes responding to direct marketing by viewing or clicking on a link.
3. To whom can the collected data be disclosed?
Personal data processed by Panila may only be disclosed, without the consent of the person concerned, to an authority or person who has a direct legal right to it (e.g., a court or a pre-trial procedure officer) and a justified need to know.
The personal data processed by Panila’s customers within the framework of the Panila’s service is treated as confidential and the right to process, disclose or transfer such data is the sole responsibility of the data owner (the customer).
At the customer’s request, Panila provides technical assistance with data processing, but this does not change the ownership of and responsibility for the data.
4. What rights does the person have to the data collected?
Right to access, rectify, and stop processing of your data.
Personal data will not be disclosed by default unless consent has been received (participation in training/seminars/conferences).
If the personal data is not editable, accessible, disclosed on a website or service environment, you should make an identifiable request to us to obtain or correct the data. If possible, the data will be issued or corrected within 7 working days.
If you wish to opt out of direct marketing offers for all or some of the topics, you can do so immediately via the link at the foot of each marketing email. The change will apply immediately.
If there is (no longer) a lawful basis for processing, disclosing, or granting access to personal data, you can request the termination or deletion of the use of, disclosure of or access to the data. This should be done by submitting an application in a manner that allows identification.
The application will be rejected if:
- it may harm the rights and freedoms of another person,
- it may hinder the provision or the non-provision of the service,
- it can obstruct the work of law enforcement bodies,
- it is not technically necessary and/or possible.
- the applicant’s identity is not legally linked to the data.
- it is not possible to identify the applicant.
– Cannot delete an email address if you no longer wish to receive direct marketing offers to it. To comply with the requirement, you must still have an email address to compare – so that no email is sent.
– Cannot delete all the data from CRM if you do not want to be contacted again. To comply with the requirement, there must be sufficient data to compare – so that no contact is made.
Many web browsers offer the possibility to avoid cookies offered by third parties. If enabled by the settings, the web browser will only allow cookies from the web service you are currently visiting to be stored via the website. It is possible to select this option through your web browser settings (this option will exclude all third-party cookies).
You can clear your web browser’s cookie cache through your web browser settings. Deleting a cookie deletes the unique identifier stored in the browser cache, along with the associated online profile. Clearing the cookie cache does not prevent new cookies from being stored in the future.
Every browser is different, so if you do not know how to change your cookie settings, read the Cookie Management and User Manual linked below. Your device’s operating system may include additional cookie controls. If you do not want cookies to collect information, opt out of cookies in your browser settings. For more information on how to manage cookies, please visit www.allaboutcookies.org/manage-cookies
6. What types of cookies do we use?
We use session cookies, persistent cookies, and third-party cookies (Google Analytics, Facebook). These analytics cookies allow us to recognise website visitors, count and identify website traffic. This is what we do to improve the operation of our website.
Panila wishes to bring relevant news about Panila’s services to its customers who are interested in receiving direct marketing communications.
By signing up to our newsletter at www.panila.ee, we will send you news about our company’s activities, new blog posts and upcoming events (such as our training sessions, as well as special offers from our cooperation partners to members of the list) up to 3 times a month. To send marketing communication by email, we process your name and email.
When Panila sends you an email, we may collect statistical information about your interaction with that communication, such as whether you opened the email, the links you clicked, the devices you use to access it, and their technical features. Such information is recorded in the contact’s history. We may assess the behaviour of your contacts (contact history, participation in organised events, etc.) before sending the newsletter. This is necessary so that we can send you more personalised communication by email. Panila has a legitimate interest in understanding the needs and preferences of its contacts to provide them with more relevant information.
Please be aware that if you are in our contact database, we may process your name and email address or mobile phone number for the purpose of showing ads to you or people like you (“Lookalike Audience”) on Facebook, Google, YouTube, LinkedIn and/or Instagram.