AS Infragate Eesti (hereinafter referred to as "Infragate") complies with the requirements and principles stated in this policy. The privacy of individuals and the protection of personal data are important to Infragate, and therefore we have developed this privacy policy, which sets out the purposes and conditions of personal data processing and the rights of data subjects related to personal data. Infragate considers the confidentiality and protection of personal data very important and ensures the legality of personal data processing.
1. Definitions
1.1 Personal data - means any information about an identified or identifiable natural person ("data subject"); an identifiable natural person is a person who can be directly or indirectly identified, in particular on the basis of an identification feature such as name, social security code, location information, network identifier or on the basis of one or more physical, physiological, genetic, mental, economic, cultural or social characteristics of that natural person;
1.2 Processing of personal data - an automated or non-automated operation or a set of operations performed with personal data or their collections, such as collection, documentation, arrangement, structuring, storage, adaptation and modification, querying, reading, use, disclosure by transmission, distribution or otherwise making available, reconciliation or connecting, restricting, erasing or destroying;
1.3 Data controller - natural or legal person, public sector, or local government institution that is the primary collector of personal data. The controller determines the purposes and means of personal data processing;
1.4 Authorized processor - a natural or legal person, public sector or local government institution, which processes personal data on behalf of the data controller processor and on the basis of their instructions;
1.5 Third party - natural or legal person, public sector or local government institution, agency or body;
1.6 Violation related to personal data - violation of requirements that causes accidental or illegal destruction, loss, alteration or unauthorized disclosure of or access to personal data transmitted, stored or otherwise processed;
1.7 Data subject – the person whose personal data is processed.
2. Principles
2.1 Infragate is based on the following principles when processing personal data:
2.1.1 principle of legality, fairness and transparency - processing is legal, fair and transparent to the data subject;
2.1.2 principle of purpose limitation - personal data is collected precisely and clearly for specified and legitimate purposes and is not processed later in a way that contradicts these purposes;
2.1.3 the principle of collecting as little data as possible - personal data are relevant, important and limited to what is necessary for the purpose of their processing;
2.1.4 principle of correctness - personal data are correct and, if necessary, updated, and that all reasonable measures are taken to delete or correct personal data that are incorrect from the point of view of the purpose of the processing without delay;
2.1.5 principle of storage limitation - personal data is stored in a form that allows data subjects to be identified only as long as it is necessary to fulfill the purpose for which personal data is processed;
2.1.6 principle of reliability and confidentiality - personal data is processed in a way that ensures appropriate security of personal data, including protection against unauthorized or illegal processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures.
3. Security of personal data processing
3.1 Infragate implements various organizational, physical, and IT security measures to protect personal data based on the principle of reasonableness.
3.2 Infragate may in certain cases use authorized processors to process personal data and provide services. Infragate ensures that authorized processors process personal data in accordance with Infragate's instructions and in accordance with applicable law and implement appropriate security measures. Confidentiality agreements have been signed with all authorized processors.
3.3 Infragate immediately informs data subjects of a personal data breach.
4. Types of personal data
4.1 Infragate processes personal data received directly from the data subject and personal data encountered during service provision.
4.2 Infragate processes the following personal data:
4.2.1 first and last name;
4.2.2 personal identification code;
4.2.3 email address;
4.2.4 contact phone;
4.2.5 address;
4.2.6 website usage statistics;
4.3 Infragate is the responsible processor of personal data and follows the principles of ensuring the confidentiality of personal data in order to ensure the privacy rights of individuals.
4.4 Only persons authorized by Infragate have access to change and process personal data.
5. Purposes of personal data processing
5.1 Infragate processes personal data to fulfill a legal obligation, to fulfill a contract and to ensure fulfillment, on the basis of consent or on the basis of legitimate interest.
5.2 The purpose of processing personal data specified in clause 4.2 of this privacy policy is:
5.2.1 project coordination with property owners;
5.2.2 transmission of important information related to the work to be performed;
5.2.3 conclusion of contract(s);
5.2.4 submitting invoices for the service rendered;
5.2.5 implementation of project management.
6. Third parties and authorized persons
6.1 Infragate may transfer personal data, limited to strictly necessary purposes, to third parties and authorized persons for the following purposes:
6.1.1 transfer of personal data to the main contractor for the execution of the project;
6.1.2 improving the usability of the website.
6.2 Infragate confirms that it transfers personal data only to such third parties and authorized processors who implement adequate security measures to ensure the security of personal data protection.
7. Rights of the data subject
7.1 The data subject has the right to delete personal data.
7.2 The data subject has the right to make inquiries about the personal data concerning him that he has submitted to Infragate.
7.3 The data subject has the right to limit the processing of personal data.
7.4 The data subject has the right to submit a complaint about the processing of personal data to the Data Protection Inspectorate.
8. Storage of personal data
8.1 After the end of the project, personal data will be archived and deleted from the archive 5 years after the end of the contract, unless Infragate has a legal requirement that would stipulate different personal data storage terms.
9. Use of cookies
9.1 The website managed by Infragate www.infragate.ee may use cookies to make the user experience on the website more convenient and smoother.
9.2 A cookie is a small text file that the web browser automatically saves on the device used by the person. We use cookies:
9.2.1 to collect anonymous and generalized statistics about the number of visitors to the website and information about how the website is used in order to make the website even more user-friendly and better.
9.3 By not agreeing to the use of cookies, it is possible to block cookies stored on the device. For this, the corresponding settings of the web browser must be changed. If cookies are not used, websites may not work correctly and all services may not be available.
10. Changes to the privacy policy
The privacy of individuals is important to Infragate, which is why Infragate regularly updates this privacy policy. We always publish the most up-to-date version of the privacy policy on the website.
11. Contact
For all questions, concerns or suggestions regarding the processing of personal data, you can contact the data controller at the following contacts:
Email: info@infragate.ee
Phone: 626 7777
AS Infragate Eesti
Reg. No 10845129
VAT No EE100745375
