Data Protection Declaration (GDPR)
Please read all the terms of this Data Protection Declaration carefully before you start using services of UniTalk.
By accepting the “Terms and Conditions” of unitalk.cloud and the “Data Protection Statement”, you acknowledge that you have understood and agree to be bound by their terms.
Our company UniTalk take the protection of your personal data very seriously and strictly comply with the provisions of the General Data Protection Regulation (GDPR). General Data Protection Regulation, GDPR; Regulation (EU) 2016/679) European Union –” (Hereinafter referred to as GDPR)”.
We are committed to protecting the privacy of our customers and visitors to our website. The website uses a high degree of encryption for information sent over the Internet and information stored on its system. The following rules also describe other specific protections that we have.
Therefore, we collect and/or store your personal data only to the extent that is technically necessary and necessary for the performance of the contract. Under no circumstances the collected data will not be sold. Transfer to third parties is made only to the extent necessary to fulfill the contract – for example: to make payment transactions or invoicing.
Below are statements about how we guarantee this protection and what data is collected and for what purpose.
- 1. Name and address of the person responsible for data processing
The company responsible for the content of the General Data Protection Regulation or other data protection laws applicable in the Member States of the European Union and other provisions relating to data protection is: U.niTalk OU, registration number 16491218, registered address: Harju maakond, Tallinn, Kesklinna linnaosa, Tuukri tn 19-315,10120, hereinafter – UniTalk.
- 2. Data processing for the purpose of fulfilling the contract
UniTalk collects and stores only personal data necessary for the provision of services and the performance of a contract with you and for payment.
- Full name and/or company name
- Postal address, proof of address
- Phone number (personal, corporate for legal entities)
- Passport data and/or company registration data
- IP address
- e-mail address
- metadata (cookies)
- details for issuing an invoice for payment
We assure you that your aforementioned data will only be used by us for the performance of the contract. The transfer takes place only if it is necessary for the performance of the contract and the provision of services, as well as for payment purposes.
The data will only be used for advertising, customer consultation or marketing purposes if you have given your express consent and this is necessary.
- 3. Data processing on this website
When you visit our website www.unitalk.cloud, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is recorded without your intervention and is retained until it is automatically deleted:
- Browser type/version
- used operating system
- Referral URL (previously visited page)
- IP address of the accessing computer
- Server request time
This data is processed by us for the following purposes :
- Ensuring smooth connection setup
- Assessment of system security and stability
- for other administrative purposes.
- 4. SSL Encryption
When you visit our website, we use the widely used SSL (Secure Socket Layer) method due to the highest level of encryption your browser supports. We also use appropriate technical and organizational security measures to protect your data from accidental or intentional manipulation, partial or total loss, destruction or unauthorized access by third parties. Our security measures are constantly being improved in line with technological developments.
- 5. Cookies
The data processed by cookies is necessary for the purposes indicated to protect our legitimate interests and those of third parties in accordance with article 6 paragraph 1, subparagraph (f) of the GDPR.
Most browsers automatically accept cookies. However, you can set your browser so that no cookies are stored on your computer or so that a message is always displayed before a new cookie is created. However, completely deactivating cookies may mean that you may not be able to use all the features of our website.
- 6. Site tracking
Our websites use Google Analytics, a web analytics service provided by Google Inc. («Google»), Google Ads, Hotjar, Facebook Pixel.
Google Analytics uses so-called “cookies”, text files that are stored on your computer and that allow an analysis of the use of the website. The information generated by the cookie about your use of this website (including your anonymized IP address) is transmitted to a Google server in the USA and stored there. Google will use this information to evaluate your use of the website, to compile reports on website activity for website operators, and to provide other services related to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law or where third parties process the data on Google’s behalf. Under no circumstances will Google associate your IP address with other data held by Google. You can prevent the installation of cookies by setting the appropriate browser software;
Google is a certified company under the EU-US Privacy Shield. In accordance with the Decision of the European Commission of July 12, 2016, the USA level of personal data protection was confirmed (compliance decision, art. 45 GDPR)
The tracking measures listed above and used by us are carried out on the basis of Article 6 paragraph 1 subparagraph (f) of the GDPR. By taking tracking measures, we want to ensure needs-based design and continuous optimization of our website. On the other hand, we use tracking measures to statistically record the use of our website and evaluate it in order to optimize our offer for you. These interests are to be considered legitimate within the meaning of the aforementioned provision. The respective data processing purposes and data categories can be found in the respective tracking tools.
- 7. Use of social media plugins
We use social plugins (“plugins”) from the social networks facebook.com, twitter.com, Google My Businesson our website on the basis of article 6 paragraph 1, subparagraph (f) of the GDPR to report it. The main advertising purpose should be considered as a legitimate interest within the meaning of the GDPR. Responsibility for data protection-compliant work is guaranteed by the respective providers. We integrate these plugins using the so-called two-click method in order to better protect our website visitors.
If you access a page on our website containing such a plug-in, your browser establishes a direct connection to the facebook.com and twitter.com servers. The content of the plug-in is transmitted directly to your browser by the respective provider and integrated into the page.
By integrating the plug-ins, the providers receive the information that your browser has landed on the respective page of our website, even if you do not have a profile on the respective social network or are not logged in. This information (including the IP address) is transmitted directly from your browser to the server of the respective provider and stored there.
If you are logged into one of the social networks, the providers can directly assign a visit to our site to your profile on facebook.com and twitter.com. If you interact with the plug-ins, for example by clicking the “Like” button, the relevant information is also transmitted directly to the provider’s server and stored there. The information is also published on the social network and displayed to your contacts there.
The purpose and scope of the data collection, as well as the further processing and use of the data by the providers, as well as your rights in this regard and the settings for protecting your privacy, can be found in the information on the protection of personal data of the providers.
If you do not want facebook.com or twitter.com to display the data collected through our website directly on your profile on the respective social network, you must log out of the respective network before visiting our website.
- 8. Deletion and blocking of personal data
UniTalk processes and stores personal data of the customer (user, subscriber) only for the period of time necessary to achieve the purpose of storage or if it is provided for by laws or regulations.
If the purpose of storage no longer applies or if the storage period ends, personal data will be blocked or deleted in accordance with legal provisions.
- 9. Legal basis for the processing of personal data
- Insofar as we obtain the consent of the data subject to the processing of personal data, article 6 (1) paragraph 1 lit. (a) of the GDPR is the legal basis for the processing of personal data.
- article 6 (1) paragraph 1, subparagraph (b) of the GDPR is the legal basis for the processing of personal data necessary for the performance of a contract to which the data subject is a party. This also applies to processing operations necessary for the implementation of pre-contractual measures.
- article 6 (1) paragraph 1, subparagraph (c) of the GDPR is the legal basis for the processing of personal data necessary for the fulfillment of legal obligations, to which our company is subject
- article 6 (1) paragraph 1, subparagraph (d) of the GDPR is the legal basis in the event that the vital interests of the data subject or another natural person require the processing of personal data.
- article 6 (1) paragraph 1 subparagraph (f) of the GDPR is the legal basis if the processing is necessary to protect the legitimate interests of our company or a third party and if the interests, fundamental rights and fundamental freedoms of the person concerned do not override the overriding interests.
- 10. You can contact us at the specified email address email@example.com. In this case, personal user data transmitted by e-mail will be saved. In this context, the data will not be passed on to third parties. The data is only used to process the communication.
The legal basis for the processing of personal data transmitted when sending an e-mail is article 6 paragraph 1 subparagraph (f) of the GDPR. If the e-mail contact is directed to the conclusion of a contract, the additional legal basis for processing is article 6 paragraph 1 subparagraph (b) of the GDPR.
The processing of personal data from e-mail serves us exclusively to process the user’s request. This also includes the necessary legitimate interest in data processing.
The data will be deleted as soon as they are no longer necessary to achieve the purposes for which they were collected. For personal data sent by e-mail, this is the moment when the corresponding conversation with the user ended. The conversation ends when it can be concluded from its content that the facts in question have been finally clarified.
The user may at any time withdraw his consent to the processing of personal data. If the user contacts us by email firstname.lastname@example.org, he may object to the storage of his personal data at any time. In this case, the conversation cannot be continued. All personal data saved when establishing a contact will be deleted in this case.
- 11. Cooperation with processors and third parties
If, as part of our processing, we transfer data to other persons and companies (contract processors or third parties) or otherwise provide them with access to the data, this is done only on the basis of legal permission. You agree that in order to process the contractual relationship with you, we have a legitimate interest in the transfer of data (for example, when using agents, web hosts, etc.). If we commission third parties to process data on the basis of a so-called “order processing contract”, this is done on the basis of article 28 GDPR.
- 12. Company social media profiles
We manage company profiles on social networks and platforms in order to communicate with customers, stakeholders and users active there and be able to inform them about our services there. During the transition to the respective networks and platforms, the conditions and data processing rules of the respective operators apply.
Unless otherwise stated in our data protection declaration, we process user data if they communicate with us on social networks and platforms, such as posting notices about our online presence or sending us messages.
- 13. Our website is for adults only
Persons under the age of 18 should not provide us with any personal data without the consent of their parents or guardians. We consciously do not collect personal information from children.
- 14. Links to third party websites
The UniTalk offer may contain links to websites of other providers. Since UniTalk has no influence on these websites, we recommend that you inquire about the privacy information that may be available there. UniTalk is not responsible for the content of the sites it links to.
- 15. Your rights
If you provide personal data, you are a data subject under the GDPR and you have such rights in relation to the person responsible for the processing of personal data of UniTalk.
15.1 Right to information
You can ask the person responsible for confirmation of whether we are processing personal data concerning you.
If there is such processing, you can request information from the person responsible for the following information:
(1) the purposes for which personal data are processed;
(2) categories of processed personal data;
(3) recipients or categories of recipients to whom your personal data has been and will be disclosed;
(4) the planned duration of the storage of personal data concerning you or, if specific information on this matter is not possible, the criteria for determining the duration of storage;
(5) the existence of a right to rectification or deletion of your personal data, a right to restrict processing by the person responsible or a right to object to such processing;
(6) the right to appeal to the supervisory authority;
(7) all available information about the origin of the data, if the personal data is not collected from the data subject;
(8) availability of automated decision-making, including profiling in accordance with art. 22 (1) and (4) GDPR and, at least in these cases, meaningful information about the logic and scope involved and the intended consequences of such processing for the data subject.
You have the right to request information about whether your personal data is transferred to a third country or international organization. In this context, you may be asked to inform you of the relevant guarantees pursuant to article 46 of the GDPR in connection with the transfer.
15.2. Right to rectification
You have the right to rectification and/or completion by the person responsible if the processed personal data concerning you is incorrect or incomplete. Responsible person must correct immediately
15.3. The right to restrict processing
You can submit a request to restrict the processing of your personal data under the following conditions:
(1) if you contest the accuracy of personal data relating to you within a period allowing the controller to verify the accuracy of the personal data;
(2) processing is illegal, and you refuse to delete personal data, and, instead, ask to limit the use of personal data;
(3) the responsible person no longer needs the personal data for the purposes of the processing, but they are needed for the assertion, exercise or defense of legal claims, or
(4) if you have filed an objection to processing pursuant to art. 21(1) GDPR pending a review as to whether the legitimate grounds of the person responsible outweigh the legitimate interests of the data subject.
If the processing of your personal data has been restricted, these data, other than their storage, may only be used with your consent or for the assertion, exercise or defense of legal claims or for the defense of the rights of another natural or legal person or for the processing of data in an important public interest of the European Union or member state.
If restrictions on processing have been restricted in accordance with the above conditions, the person responsible will notify you of the removal of the restriction.
15.4. Right to erasure
a) Duty to remove
You can ask the responsible person to delete your personal data immediately, and the responsible person is obliged to delete this data immediately if one of the following reasons applies:
(1)The personal data relating to you is no longer required for the purposes for which it was collected or otherwise processed.
(2) You withdraw your consent on which the processing was based pursuant to article 6, paragraph 1, subparagraph (a) or article 9, paragraph 2, subparagraph (a) of the GDPR and there is no other legal basis for the processing.
(3) You object to processing pursuant to article 21 paragraph 1 GDPR and there are no important legitimate reasons for the processing, or you object to processing pursuant to article 21 paragraph 2 GDPR.
(4) Your personal data have been processed illegally.
(5) The deletion of personal data relating to you is necessary to fulfill a legal obligation under European Union law or the law of the Member States to which the person responsible is subject.
(6) The personal data relating to you has been collected in connection with the information society services offered in accordance with article 8 paragraph 1 GDPR.
The right to erasure does not exist if processing is necessary
(1) exercise the right to freedom of expression and information;
(2) comply with legal obligations requiring processing under the laws of the European Union or a Member State, to which the controller is subject, or to carry out tasks that are in the public interest or exercise official powers conferred on the controller;
(3) for reasons of public interest in the field of health in accordance with article 9 paragraph 2 subparagraphs (h) and (i) and article 9 paragraph 3 GDPR;
(4) for archiving purposes in the public interest, scientific or historical research or for statistical purposes in accordance with art.89 paragraph 5 GDPR for the establishment, exercise or defense of legal claims.
15.5. Right to information
If you assert the right to rectification, deletion or restriction of processing against the person responsible, he must inform all recipients to whom personal data concerning you have been disclosed, about this correction or deletion of data or restriction of processing, except when this proves impossible or requires disproportionate effort.
You have the right to receive information about these recipients from the person in charge.
15.6. Right to object
You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data based on article 6, paragraph 1, subparagraph (e) or (f) GDPR; this also applies to profiling based on these provisions.
The controller no longer processes personal data that concerns you, unless it can demonstrate compelling legitimate grounds for processing that override your interests, rights and freedoms, or the processing is for the establishment, exercise or defense of legal claims.
If personal data relating to you are processed for the purpose of direct advertising, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.
If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes.
In connection with the use of information society services, you have the possibility – notwithstanding Directive 2002/58/EC – of exercising your right to object by means of automated procedures using technical specifications.
15.7. Right to revoke the declaration of consent in accordance with data protection law
You have the right to revoke the declaration of consent at any time in accordance with data protection law. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of consent until the withdrawal.
15.8 Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State where you reside or where your place of work is or the location of the likely violation, if you believe that the processing of your personal data violates the provisions of the GDPR.
The supervisory authority with which the complaint has been lodged will notify the complainant of the status and outcome of the complaint, including the possibility of judicial remedy in accordance with article 78 of the GDPR.
- 16. Timeliness of the data protection declaration
This right to data protection is currently valid and effective from june 1st 2022 year. Due to the further development of our website and offerings, or due to changed legal or official requirements, it may be necessary to change this data protection declaration. You can print the current data protection declaration at any time from unitalk.cloud.