Robby&bobby OÜ is the owner of the website. Website content copyright holder is Robby&Bobby OÜ, unless stated otherwise. Use of website content in any way (also partially) is allowed with sole consent by Robby&Bobby OÜ. When consent is given, a link to every content copy of this website must be added.
Website content is informative. Owner of website does not claim the website content or content of referred webpages to be exact or complete. Website owner is not liable for information mistakes or deficiencies nor their availability.
Robby&Bobby is data processor and we are responsible for protection of your personal data.
E-mail address: email@example.com
Postal address: Pärnu mnt 148 Tallinn
Phone: +372 513 2365
2. TERMS AND DEFINITIONS
- Website – domain robbybobby.ee
- Customer – natural or legal person, who uses, has used or wishes to use our services or is in any other way related to our services
- Data subject – natural person, who can be identified according to our information and knowledge. Data subjects are for example natural persons as customers, visitors, those who submit inquiries and questions/applications, partners, representatives of customers as legal persons and employees (hereinafter as person or customer)
- Personal data – any information about identified or identifiable natural person (data subject). Identifiable natural person is a person who can be directly or indirectly identified by personal data, location data, or according to physiological, social or economic special features
- Processing – automated or non-automated actions made with personal data, like collecting, documenting, arranging, structuring, preserving, adjusting or changing, submitting inquiries, reading, using, publicizing (including forwarding, publishing or making them available in other ways), reconciling or uniting, restricting, deleting and destroying
- Controller – natural or legal person, public institution or local government, who is primary collector of personal data and who sets out the means and goals of the controlled personal data
- Authorized processor – natural or legal person, public institution or local government, who processes personal data upon the request of controller and according to the given guidance.
Due to the nature of accounting services, we are acting both as authorized processor as well as controller regarding the personal data of our employees and regarding the personal data submitted to us by our customers. As a processor, we process such data upon customer demand and according to customer instructions. Relations, rights and authorities between controller and authorized processor shall be defined, if necessary, in customer contract, considering the general liabilities under the applicable legal acts.
3. PERSONAL DATA
We process customer personal data only for the purposes set out in Personal Data Protection regulation and the Personal Data Protection Act. We process the following customer personal data:
|Person identification data
- Name and surname, contact data (Inc. place of residence, e-mail address, contact phone number), personal ID/birth data, copy of Document (Passport, ID-card), citizenship, if necessary, data due to other legal act (Inc. The Money Laundering and Terrorist Financing Prevention Act).
|Right of customer representation
- Data about connections to legal persons (i.e. data submitted by person or from public registers, representation basis or other relations for representing legal person or for making transactions in the name of legal person).
|Data related to service provision
- Personal data revealed by providing services to customer, so-called indirectly received data (i.e. customer employees, customers, suppliers and contract partners) that we process for accounting and for providing other related services and which may include the following data: name and surname, national identification code/date of birth, number of dependent family members, marital status, contact data (place of residence, e-mail address and contact phone number), residency, profession, paid fees, bank account number, customer work contracts, additional data needed for remuneration calculations (including salary calculations, miscellaneous health data, bailiff letters), service to be ordered, goods to be bought, settlements and arrears, partner/shareholder data, beneficiary data or personal data of persons related to business in other ways like investments and financial interests)
- Data, reflecting person’s actions on contracting for services and use of services, including service content, signed contracts and data for contract breach, customer communication and correspondence (payments, arrears)
- Details of bank transactions, including payer’s name, payment date, currency, sum and explanation.
- Internet data: data related to website usage, cookies, logging data and IP addresses.
We collect data in different ways:
- data submitted to us by person (i.e. by requests, applications, contract signing) and data received by communication (i.e. correspondence, phone conversations, conversations etc.)
- data disclosed in internet and on social media by the person
- data received upon payment for services
- data received from third persons – public registers, authorities
- earlier information about persona and service, recorded in our databases.
4. DATA PROCESSING PURPOSE AND BASIS
We have legal basis and interest in processing personal information of a customer or customer representative during the creation, duration and termination of cooperation and customer relationship and to maintain personally identifiable data throughout the process, including for legal purposes, lawsuits, and litigation.
We collect and process data in the following situations and purposes:
|For the purpose and on the basis of Contract performance
- service offering, making price quote for customer, pre-contractual activities, signing and executing customer contract
- customer person identification and establishing the right of representation
- arranging and recording customer communication, updating and correcting personal data
- data received during service provision, keeping records of customer works, earlier projects, time recording, processing of purchase and sales invoices
- data related to customer payment obligations, settlements, invoicing and payment collection
- filing customer claims or participating in legal proceedings.
|To fulfil a legal obligation
- due diligence, inc. prevention of money laundering and terrorist financing
- accounting and tax compliance
- mandatory notification of public authorities and response to information requests from public authorities (considering restrictions arising from law)
- forwarding personal data to processors, national or supervisory authorities
- protection of our and customer assets.
|By legitimate interest
- protecting customer and our legitimate interests to improve the quality of our services, to prove a business relationship and to enhance customer communication
- marketing activities, maintaining and developing customer relationships, including the provision of information related to the organization of customer events and training
- capturing customer events and trainings with photos and / or filming to introduce our business, products and services to customers, and to provide events of interest.
|With Customer consent
- direct promotion (i.e. promoting and offering our services by e-mail)
- data generated from website visits and usage (i.e. data about your website usage, IP address and location data).
5. ACCESS TO PERSONAL DATA AND SECURITY
We guarantee the confidentiality of personal data, required by law and secure personal data protection against unauthorized access, illegal processing or disclosure, accidental loss, alteration or destruction.
Only our legal representatives or appointed employees have access to personal data. Certain personal data can be forwarded to third person, i.e. to controller, with the purpose to fulfil contractual and legal obligations.
We arrange data exchange and storage in a secure way, using multiple personal access and identification codes and secure information channels. Therefore access for third persons is restricted and data leakage risk minimized.
6. DATA SHARING
We forward customer personal data to third persons if required by law, necessary for our work arrangements or to fulfil our legal obligations or rights or on any other legal basis. Personal data submitted to authorized processors are processed according to legal basis and only to necessary extent.
We forward personal data to the following receivers:
- Authorized processors with the purpose to arrange our works (i.e. IT-systems manager, accounting software)
- Authorities (Tax and Customs Board, Unemployment Insurance Fund, Health Insurance Fund, courts, Police and Border Guard Board, Financial Intelligence Unit, Data Protection Inspectorate)
- Legal and auditor service providers.
7. PERSONAL DATA STORAGE AND TIME
We do not process personal data longer than necessary for achieving our goals related to corresponding data, including the liability of data storage set in legal acts.
According to the abovementioned, in storing personal data we consider the following:
- accounting documents are stored for 7 years, according to accounting rules;
- data collected according to the law on the prevention of money laundering and terrorist financing are stored for 5 years;
- information received on the basis of consent is held until the consent is withdrawn.
Customer has the right to withdraw the consent at any time, by submitting a corresponding message by e-mail or according to guidance given at the newsletter footage. Consent withdrawal does not affect the legality of personal data processing prior to consent withdrawal.
8. CUSTOMER RIGHTS
In case of our arrangements of personal data protection, customer has the following rights:
- get to know information about person, if necessary, receive a copy of data
- demand corrections of outdated or incorrect data
- demand data deletion or seize of processing, if there is no more legal basis for data storage or processing and when personal data storing is no longer necessary for data processing
- demand the submission of data to third persons
- right to submit a complaint to regulatory authority.
To exercise the abovementioned rights, you need to turn to our representative. If customer suspects the false use of his personal data, our representative must be noted immediately.
9. COOKIES AND OTHER WEB TECHNOLOGIES
User can either decline the usage of cookies in his web browser or delete them, however in this case Robby & Bobby OÜ cannot ensure the correct functioning of website.
If you have questions regarding the use of personal data processing, please contact us:
E-mail address: firstname.lastname@example.org
Postal address: Pärnu mnt 148 Tallinn
Phone: +372 513 2365
10. OTHER PROVISIONS
© Robby&Bobby 2020