Introduction
1.1. While using the website www.gofaizen-sherle.com (hereinafter – Website), belongs to Gofaizen & Sherle OÜ (hereinafter – Company) and upon concluding the contract on the service provision by Company, you (hereinafter – User) confirm that you have read this Personal data processing policy (hereinafter – Policy) and agree for your personal data processing in accordance with Policy.
1.2. Policy sets methods of work with personal data which were collected by the Company while using Website and services provision by Company. While using the Website User agrees for his personal data processing in accordance with Policy and affirms that. In case when the User does not agree with the Policy partially partly or fully, he or she must stop using the Website. All data collected before above-mentioned refusal will be processed in accordance with Policy until the direct User prohibition is received.
Definitions
Personal data – any information relating to an identified or identifiable natural person («data subject»);
2.2.1. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
2.3. User – natural or legal entity using the Website or services of Company.
2.4. Service – company’s obligation within the framework of the service provision contract, concluded between User and Company.
2.5. Processing– any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Personal data and its processing methods
3.1. Company collects personal data in next cases:
3.1.1. When filling out and submitting forms on the Company’s website;
3.1.2. When providing Client with services;
3.1.3. When the User uses the functionality of the Company’s website.
3.2. Company processes inter alia next personal data:
3.2.1. Identification data (name, surname, personal code, sex, birth date, etc.);
3.2.2. Contact details (phone number, e-mail, address and delivery address);
3.2.3. Payment data (payer’s bank account number, payer’s bank name, other details);
3.2.4. IP address and cookies;
3.2.5. Data which is obligatory to be processed grounded on the Money Laundering and Terrorism Financing Prevention Act;
3.2.6. Data which is obligatory to be processed grounded on the International Sanctions Act;
3.2.7. Other data required to provide User with service.
Targets and legal basis for personal data processing
4.1. Company processes data in accordance with next targets and legal grounds:
4.1.1. To conclude and perform service provision contract;
4.1.2. To provide services in accordance with concluded contract;
4.1.3. To provide User with information related to providing services;
4.1.4. To grant User access to the Company’s services;
4.1.5. To send and display advertisements to the User that are relevant (in the Company’s opinion);
4.1.6. To send commercial offers from Company and Company’s partners;
4.1.7. To participate in the contests and campaigns performed by Company;
4.1.8. For the justified interest of Company, for the purpose of fulfilling a contract, including for establishing violations of the contract or legislation, as well as to confirm such violations. In such case, Company has a legitimate interest in protecting its rights;
4.1.9. To collect statistical or technical non-personalized data about the use of the Company’s website and Company’s services;
4.1.1.0. In order to comply with legal requirements.
4.2. Company can also process data in certain case of necessity to protect interests of Company and Third Parties only if above-mentioned interests do not outweigh User interests in protecting his/her fundamental rights and freedoms.
4.3. If personal data processing is carrying out in accordance with justified Company interests, User has a right to submit objections to such processes.
Personal data transfer to data Processor
5.1. Company has a right to use data processors for data processing without User permission. Company is convinced of Processor’s reliability and responsible to the User for their activities.
5.2. Company uses next data Processors:
5.2.1. Server rental and cloud services providers;
5.2.2. Agents, translators, lawyers and other persons through whom the Company provides services.
5.3. User has a right to receive information about data Processors responsible for his/her personal data processing.
Personal data transfer to the third parties
6.1. Company transfers User’s personal data to the third parties only in certain cases like:
6.1.1. This obligation follows from the law;
6.1.2. It is required to execute the agreements between Company and User;
6.1.3. Company has a justified interest;
6.1.4. User gave a permission for data transfer.
6.2. Company transfers User’s personal data to the next persons:
6.2.1. To public authorities on the grounds provided by Law or the service provision contract concluded between User and Company;
6.2.2. To auditors, lawyers and other similar persons if it is required for performance of User’s obligations to Company or third parties.
Policy changing
11.1. Policy can be changed to comply with changes in Law, personal data processing or under instructions of supervisory authorities. In this case Company updates Policy provided on the website and notifies User with whom Company concluded valid at the moment of changes service provision contract.