Panila OÜ’s Privacy Policy

The responsible employee of the website is:
Panila OÜ
+372 5303 3323
Seemne tn 4, 10617, Tallinn, Harju County
Reg No. 14140489

Protection of personal data

Personal data is data that Panila OÜ (hereinafter Panila) collects to provide a service, to identify a person, to contact a person for the provision of a service, to resolve a query or to send promotional content.

Panila does not process sensitive personal data as defined in Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation or GDPR or EU Regulation 2016/679).

Panila is committed to protecting customers’ and users’ personal data and privacy. Panila’s activities on the internet are in compliance with all relevant activities and applicable European Union legislation and the laws of the Republic of Estonia, including Regulation (EU) 2016/679 of the European Parliament and of the Council. Panila takes all precautions (including administrative, technical, and physical measures) to protect the customer’s personal data collected. Only authorised persons have access to modify and process the data.


All personal data disclosed during visits to Panila’s websites will be treated as confidential information.

The principles of Panila’s privacy policy regarding the collection, processing, use, disclosure, transmission, modification, deletion and blocking of personal data are set out below.

This policy does not apply to the processing of data of legal entities and other companies/institutions, nor does it cover the processing of personal data on websites/services referred to on our websites/services (external links).

The person representing the company (as a service subscriber) is not a natural person, but an authorised representative of a legal person whose processing of personal data is not regulated by Regulation (EU) 2016/679 of the European Parliament and of the Council.

1. What kind of data is collected?

Personal data processed by Panila’s customers uploaded to Panila’s environment within the context of the service is protected by confidentiality requirements, which apply when the customer signs the service contract. Panila’s services can only be used after accepting the contract. Acceptance of the contract will be verified by software, or in its absence you will be asked to accept it.

For the purposes of the processing of personal data listed in this subsection, the data will be accessed by employees of Panila OÜ, who will use all security measures in their work concerning the processing of your data.

Consent to the collection of personal data relating to and necessary for the service is given by the person ordering the service at the time of ordering the service. By ordering the service, consent is deemed to have been given by the corresponding time stamp.

2. How long will the collected data be stored?

The data collected by non-personal technical websites and service environments will be stored indefinitely.

Personal data relating to personalised enquiries and/or transactions will be retained for up to 7 years from the last interaction with the service provider, due to the obligation under the Accounting Act to prove transactions. Interaction includes responding to direct marketing by viewing or clicking on a link.

3. To whom can the collected data be disclosed?

Personal data processed by Panila may only be disclosed, without the consent of the person concerned, to an authority or person who has a direct legal right to it (e.g., a court or a pre-trial procedure officer) and a justified need to know.


The personal data processed by Panila’s customers within the framework of the Panila’s service is treated as confidential and the right to process, disclose or transfer such data is the sole responsibility of the data owner (the customer).

At the customer’s request, Panila provides technical assistance with data processing, but this does not change the ownership of and responsibility for the data.

4. What rights does the person have to the data collected?

Right to access, rectify, and stop processing of your data.

Personal data will not be disclosed by default unless consent has been received (participation in training/seminars/conferences).

If the personal data is not editable, accessible, disclosed on a website or service environment, you should make an identifiable request to us to obtain or correct the data. If possible, the data will be issued or corrected within 7 working days.

If you wish to opt out of direct marketing offers for all or some of the topics, you can do so immediately via the link at the foot of each marketing email. The change will apply immediately.

If there is (no longer) a lawful basis for processing, disclosing, or granting access to personal data, you can request the termination or deletion of the use of, disclosure of or access to the data. This should be done by submitting an application in a manner that allows identification.

The application will be rejected if:

For example:

– Cannot delete an email address if you no longer wish to receive direct marketing offers to it. To comply with the requirement, you must still have an email address to compare – so that no email is sent.

– Cannot delete all the data from CRM if you do not want to be contacted again.  To comply with the requirement, there must be sufficient data to compare – so that no contact is made.

5. How and for what purposes do we use cookies?

We use cookies on our website to make our service more user-friendly and to provide you with enhanced and customised features when visiting our website and products.

Many web browsers offer the possibility to avoid cookies offered by third parties. If enabled by the settings, the web browser will only allow cookies from the web service you are currently visiting to be stored via the website. It is possible to select this option through your web browser settings (this option will exclude all third-party cookies).


You can clear your web browser’s cookie cache through your web browser settings. Deleting a cookie deletes the unique identifier stored in the browser cache, along with the associated online profile. Clearing the cookie cache does not prevent new cookies from being stored in the future.

Every browser is different, so if you do not know how to change your cookie settings, read the Cookie Management and User Manual linked below. Your device’s operating system may include additional cookie controls. If you do not want cookies to collect information, opt out of cookies in your browser settings. For more information on how to manage cookies, please visit

6. What types of cookies do we use?

We use session cookies, persistent cookies, and third-party cookies (Google Analytics, Facebook). These analytics cookies allow us to recognise website visitors, count and identify website traffic. This is what we do to improve the operation of our website.

7. Marketing

Panila wishes to bring relevant news about Panila’s services to its customers who are interested in receiving direct marketing communications.

By signing up to our newsletter at, we will send you news about our company’s activities, new blog posts and upcoming events (such as our training sessions, as well as special offers from our cooperation partners to members of the list) up to 3 times a month. To send marketing communication by email, we process your name and email.

When Panila sends you an email, we may collect statistical information about your interaction with that communication, such as whether you opened the email, the links you clicked, the devices you use to access it, and their technical features. Such information is recorded in the contact’s history. We may assess the behaviour of your contacts (contact history, participation in organised events, etc.) before sending the newsletter. This is necessary so that we can send you more personalised communication by email. Panila has a legitimate interest in understanding the needs and preferences of its contacts to provide them with more relevant information.

Please be aware that if you are in our contact database, we may process your name and email address or mobile phone number for the purpose of showing ads to you or people like you (“Lookalike Audience”) on Facebook, Google, YouTube, LinkedIn and/or Instagram.

Privacy Policy terms, conditions, and amendments

By using Panila’s websites, you have read and agreed to these terms and conditions. We reserve the right to modify the general terms and conditions of the Privacy Policy, if necessary, by informing all related parties.