DATA
PROTECTION TERMS AND CONDITIONS
AS KONESKO
This personal data processing
document describes Konesko’s personal data processing principles. The purpose
of the Privacy Policy is to provide clear and transparent information on how
Konesko may process your personal data when you use our services, come into
contact with us or visit www.konesko.ee.
If you have entered into an agreement with
Konesko, the terms of the concluded agreement may specify the conditions and
legal bases for the processing of personal data. In accordance with changes in
legislation or practice, Konesko has the right to amend the data protection
terms and conditions and they will be published immediately on our website.
If you have any further questions about how we
process your personal data or if you wish to make requests to us to exercise
your rights concerning the processing of your personal data, please contact us
using the contact details provided in the “Contact Us” section below.
“Data Subject” |
The natural person whose personal data is
processed by Konesko.
|
“GDPR” |
Regulation (EU) 2016/679 of the European
Parliament and of the Council of 27 April 2016 on the protection of natural
persons about the processing of personal data and the free movement of such
data, and repealing Directive 95/46/EC (General Data Protection Regulation).
|
“Personal Data” |
Personal information relating to an
identified or identifiable natural person (data subject); an identifiable
natural person can be identified, directly or indirectly, in particular by
reference to an identifier such as a name, an identification number, location
data, an online identifier or to one or more factors specific to the
physical, physiological, genetic, mental, economic, cultural, or social
identity of that natural person.
|
‘’Applicable law’’ |
All applicable legislation of the European
Union and all applicable legislation of the Republic of Estonia, including,
but not limited to, the national implementing legislation of the GDPR that is
in force during the validity of these terms and conditions or will be in
force after the establishment of the terms and conditions.
|
“Konesko” |
AS Konesko, registry code 10047497, address
Aiandi Rd. 21 Viimsi rural municipality, Harju County, 74001.
|
‘’ Website’’
|
Konesko’s website at www.konesko.ee
|
‘’Data protection terms and conditions’’ |
This personal data processing document.
|
‘’Data controller’’ |
A natural or legal person, public authority,
agency, or other body that, alone or jointly with others, determines the
purposes and means of the processing of Personal Data. For these terms and
conditions, Konesko is the controller of personal data.
|
“Authorised Processor” |
A natural or legal person, public authority, agency,
or other body that processes personal data on behalf of the controller.
|
2.
WHEN
AND FOR WHAT PURPOSES DO WE PROCESS PERSONAL DATA?
2.1.
Konesko, as a controller, processes personal data for the purposes set
out in this Data Protection Policy. Konesko shall process personal data following
applicable laws, including the Personal Data Protection Act and other
legislation concerning the processing of personal data.
2.2.
When processing personal data, Konesko adheres to the principles of
personal data protection, including the principle of minimalism, according to
which we process only those data that are necessary for the provision of the
service and the fulfilment of the purposes.
2.3.
Data processing for the performance
of the contract.
Konesko processes personal data primarily for the provision of services to its
customers and for the performance of contractual obligations towards its
customers. If Konesko’s customer is a data subject, the legal basis for the
processing of personal data is Article 6 (1) (b) GDPR (processing of personal
data is necessary for the performance of a contract concluded with the
participation of the data subject or for taking measures prior to the
conclusion of the contract, as requested by the data subject). If the customer
or cooperation partner is a legal person, we process the data necessary to
determine the right of representation.
2.4.
Data processing for the performance of
a legal obligation. Konesko
also processes personal data when it is necessary to comply with its legal
obligations. For example, if a court requires personal data from Konesko based
on a valid court order or court judgment, or if a law enforcement authority
requires personal data based on a valid regulation. Furthermore, if Konesko is
obliged to store personal data, for example, under the Accounting Act or other
applicable legislation. In the case of such processing on a legal basis, Art. 6
(1) (c) GDPR (processing of personal data is necessary for compliance with a
legal obligation of the controller).
2.5.
Data processing based on
legitimate interest. Konesko may also process personal data if it is necessary for Konesko’s
legitimate interest. The legal basis for the processing of personal data in this
case is Article 6 (1) (f) of the GDPR. Based on
a legitimate interest, Konesko processes personal data only if such processing
is not overridden by the interests or fundamental rights and freedoms of the
data subject, for which the personal data must be protected. Only data obtained
from the data subject or generated in the course of the performance of the
contract shall be processed based on legitimate interest.
Konesko may have a
legitimate interest in the processing of personal data if it is necessary for
the establishment, exercise, or defence of legal claims. For example, such a
need may arise in a situation where the data subject has breached the contract.
Konesko may also have a legitimate interest in using security cameras in its
territory for processing, more specifically in the chapter “Using security
cameras”. The storage of data processed, based on a legitimate interest,
is based on a statutory time limit, which is generally 3 years after the
provision of the service. For more information on retention periods, see the
chapter “Overview of personal data processed”.
2.6.
Konesko may also process personal data in connection with employment
relationships or when you apply for a job at Konesko. Konesko has adopted
separate personal data processing terms and conditions that apply to employment
relationships and that have been disclosed to you when you work at Konesko or
apply for a job at Konesko. See also the data protection conditions for
employees, which can be found on Konesko’s electronic bulletin board,
information boards and lounges.
3.
OVERVIEW
OF PERSONAL DATA BEING PROCESSED
Depending on the specific
situation, Konesko may process the following personal data about you:
Purpose |
Personal
data to be processed |
Source
of personal data |
Legal
basis |
Retention
period |
Fulfilment
of contracts and negotiation necessary for the conclusion of contracts |
Contact
details: name, email
address, phone number
|
The
data subject itself, a legal entity that is a customer of Konesko or
Konesko’s cooperation partner’s ID code |
Article
6 (1) (b) of the GDPR, after the termination of the contract Article 6 (1)
(f) of the GDPR |
|
Accounting
records |
Documents
needed to comply with a legal obligation |
A
legal or natural person who is a customer of Konesko |
GDPR
Article 6 (1) (c) |
7
years according to the Accounting Act (subsection 12 (4) of the AA) |
Responding
to inquiries, questions, or complaints |
Depending
on the specific query |
Data
Subject |
GDPR
Article 6 (1) (f) |
Up
to 3 years from request resolution |
Ensuring
security |
Read
the chapter on using security cameras |
|||
Data
collected through cookies |
Read
the chapter on the use of cookies |
|
4.
TRANSFER
OF PERSONAL DATA AND USE OF PROCESSORS
4.1.
Konesko does not transfer personal data to third parties unless it is
legally entitled to do so under applicable law. Konesko does not transfer
personal data outside the European Economic Community.
4.2.
Konesko may use authorised processors for the processing of personal
data. Authorised processors appointed by Konesko that may process personal data
in limited cases are, for example, IT service providers (server service
providers, IT software developers) or other support service providers.
4.3.
As processors, Konesko only uses collaborative partners whose
reliability is assured by Konesko and who have undertaken to process personal
data following the applicable law.
5.
USE
OF COOKIES
5.1.
Konesko’s website uses cookies. Cookies are small text files that
contain information stored on your computer and are used for tracking or
identification purposes.
5.2.
The Website uses third-party cookies. We have added videos to the
website that will be presented through the YouTube platform. You can review
YouTube’s privacy policy and terms and conditions on the website of the cookie
manager: https://www.google.com/policies/technologies/cookies/.
5.3.
Cookie
|
Description |
Validity |
Type |
YSC |
A
cookie installed on YouTube tracks the number of views of embedded videos |
Visit
session |
Third-party
cookie |
VISITOR_INFO1_LIVE |
A
cookie installed by YouTube stores user preferences when playing videos |
6
months |
Third-party
cookie |
5.4.
You have the right to disable cookies at any time by changing your web
browser settings. In this case, please note that not all functions of the web
browser may work correctly. Cookies can be disabled by following the
instructions in the “help” function of your web browser. You can also find more
information on how cookies work or how to disable cookies at www.allaboutcookies.org.
6.
USING
SECURITY CAMERAS
6.1.
Under the current law, Konesko has the right to use surveillance
equipment for the protection of persons and property. For this purpose, Konesko
uses security cameras on its territory, in connection with which we also
process personal data.
6.2.
The use of security cameras is necessary, in particular, to ensure
security on Konesko’s territory, to prevent and handle security incidents, and
to ensure the safety of Konesko’s property and people, including employees.
6.3.
The legal basis for the use of security cameras is Konesko’s legitimate interest
under Article 6 (1) (f) of the GDPR.
6.4.
The monitoring/surveillance equipment consists of cameras installed on
the territory, which record the territory around the clock (24/7).
6.5.
Security cameras have never been installed in areas where Konesko employees,
Konesko customers or other persons who may be caught in the field of view of
the security camera may expect complete privacy. For example, cameras are never
in changing rooms, toilets, etc.
6.6.
When using security cameras, a sign for using the camera is always
placed in the surveillance area of the security camera, i.e., a sign with the
image of the camera and/or the word “VIDEO SURVEILLANCE”.
6.7.
As a rule, Konesko does not transfer camera recordings to third parties,
unless Konesko is entitled or obliged to do so under applicable law. For
example, Konesko may transfer recordings to the authorities under applicable
law, if it is necessary for authorised persons under applicable law such as the
Police and Border Guard Board, to investigate offences committed or other
incidents.
6.8.
Konesko will keep the security camera recordings for 60 days after the
recording has been made, unless proceedings have been initiated during this
time to investigate an offence or other incident committed during the same
period, in connection with which it is necessary to keep the specific recording
for a longer period. A retention period of 60 days is necessary to detect or
investigate possible incidents or violations during this period. Thus,
potential damages related to the offence at Konesko will, as a rule, be
discovered up to 60 days after the infringement has occurred. In order for
Konesko to be able to take legal action against the offender in case of
infringement and to protect its rights, we must keep camera recordings for up
to 60 days after the recording has been made.
6.9.
All Konesko employees, Konesko customers or other third parties who have
been on Konesko’s premises and whose image has been recorded by Konesko have
the right to examine the recording containing his image. Konesko cannot release
a camera recording to an employee or a third party if the recording has been
deleted by the time the request for access to the recording is received. In
addition, please note that to protect the rights and interests of others who
remain on the recording, we need to change their image so that they cannot be
identified (blurring the image), which is why we cannot provide access
immediately.
7.
RIGHTS
OF THE DATA SUBJECT
7.1.
Konesko guarantees all the rights of the data subject arising from the
applicable law.
7.2.
Each data subject has, inter alia, the following rights:
7.2.1.
right of access: the right to ask at any time whether or not Konesko has personal data
about them and to receive information about what personal data Konesko
processes about them.
7.2.2.
right to rectification of personal data: the right to request Konesko to clarify or
rectify your personal data if they are inadequate, incomplete, or incorrect.
7.2.3.
right to object: the right to object to Konesko’s processing of its personal data, for
example, when the use of personal data is based on Konesko’s legitimate interest.
7.2.4.
right to request the erasure of personal data: the right to request the erasure
of personal data, for example where personal data are processed with the
consent of the data subject and the data subject has withdrawn his or her consent.
7.2.5.
right to restrict processing: the right to require Konesko to restrict the
processing of personal data based on applicable law, for example, if Konesko no
longer needs the personal data for processing or if the data subject has
objected to the processing of personal data.
7.2.6.
right to withdraw the consent given for the processing of personal data: if the processing of personal data
is based on the consent given by the data subject, the data subject has the
right to withdraw the consent given to Konesko at any time.
7.2.7.
right to data portability: the right to obtain from Konesko personal data that the data subject
has provided to Konesko and that is processed based on the data subject’s
consent or for the performance of a contract concluded with the data subject in
writing or a commonly used electronic format and, if technically possible, to
require Konesko to transfer these data to another controller.
7.2.8.
right to lodge a complaint: If the data subject considers that his or her rights have been
violated in the processing of his or her personal data, he or she always has
the right to address a claim or complaint to the Data Protection Inspectorate –
Tatari 39, 10134 Tallinn, info@aki.ee, www.aki.ee.
7.3.
The rights of the data subject listed in this chapter concerning the
processing of their personal data are not full rights. In certain cases, the
rights of other data subjects or Konesko’s legal obligations may limit the
rights of the data subject.
7.4.
To exercise the rights associated with the processing of personal data
or to submit requests related to the processing of personal data, please
contact the contact details provided in the “Contact” section below.
8.
PERSONAL
DATA SECURITY
8.1.
Konesko undertakes to ensure the security of the processing of personal
data in order to protect personal data against unintended or unauthorized
processing, disclosure, or destruction.
8.2.
Considering the latest developments in science and technology and the
costs of implementation, as well as the nature, scope, context, and purposes of
the processing of personal data, as well as the risks of varying likelihood and
magnitude for the rights and freedoms of data subjects arising from the
processing, Konesko shall implement appropriate technical and organisational
measures to ensure the security of personal data when processing personal data.
9.
CONTACT
9.1.
For questions related to the processing of personal data or submitting
requests related to the processing of personal data, please contact Konesko at
the following contact details:
The
PLC KONESKO
Aiandi Rd. 21, Viimsi municipality, Harju County 74001
info@konesko.ee
AS Konesko has the following international standards:
ISO 9001 (quality management), ISO 14001 (environmental management) and ISO 45001 (work environment management).
In addition, the metal factory has the EN ISO 3834-2 welding standard.
Konesko 2024 © | Website by Society Web Solutions