Privacy Policy
Last updated: 25 August 2023
This Privacy Policy describes how Crespect OÜ (a company incorporated under Estonian law with registry code 16557621 and registered address at Ülikooli st. 6a, Tartu, 51003, Estonia; hereinafter “Crespect”, “we”, “us” or “our”) collects, uses or otherwise processes and safeguards information relating to individuals who visit our web portal accessible at www.crespect.com and with whom we otherwise interact. The controller of your personal data is Crespect OÜ. You can contact us by e-mail at info@crespect.com.
Crespect is responsible for ensuring that your personal data is processed in accordance with this Privacy Policy and applicable personal data protection laws, in particular with the General Data Processing Regulation (EU) 2016/679.
Please note that this Privacy Policy does not apply to the extent we collect and process personal data in the role of a processor or service provider on behalf of our clients, including where we provide our clients Crespect’s integrated software solutions and applications [KŠ|C1] through which our clients (or their affiliates) process personal data by using our platforms. We do not have direct relationship with the individuals whose personal data we may process on behalf of our clients. Each client is responsible for providing notice to its individuals concerning the purpose for which our client collects their personal data and how this data is processed.
1. Personal data we collect and how we use it
In this Privacy Policy, “personal data” is defined as any information relating to an identified or identifiable natural person. We usually collect personal data when users interact with our web portal. The data we collect depends on the context of your interactions with Crespect and the choices you make (including your cookie settings), the exact features you use, and applicable personal data protection law.
1.1. Interactions with our web portal
Crespect is constantly improving its web portal, and aims to make using it as easy as possible. For this purpose, we need to know what information is most relevant to the users, how often they connect, what browser and device they use, how they navigate, what region visitors come from, and similar demographics and statistics.
As you navigate through our web portal, certain information can be collected without you actively providing the information using various technologies, such as cookies, Internet tags or web beacons, and navigational data collection (log files, server logs, clickstream, website scripts). Your internet browser or mobile device automatically transmits some of this information, such as the URL of the website you browse or just came from and the Internet Protocol (IP) address and the browser version your computer or mobile device is currently using; the date and time you access our web portal; and the features that you use during the visit and/or access. Crespect collects this information by using an automated tool called Google Analytics.
Crespect uses this data on the basis of our legitimate interest as a business in improving our understanding of our visitors’ and clients’ needs and preferences in order to constantly enhance our web portal, improve access to content that Crespect publishes and to ensure the technical availability and security of our web portal.
1.2. Direct marketing of Crespect’s products and services
Crespect may send you offers and other marketing materials regarding the Crespect’s integrated software solutions and applications with the purpose of advertising our products and services (including to establish client relationships for providing clients our integrated software solutions and applications as a service). In such a case, we may process your personal data, such as your name, job title, company name, phone number and email address. You may object to receiving such offers and marketing materials every time that marketing is sent to you.
We collect this information when you exchange business cards with us at meetings or events, or when you provide your contacts to sign up for any Crespect-related events. We may also collect this information if you subscribe to receive e-mail communication from us on our web portal and you consent to receive such marketing materials (including newsletters).
In some circumstances, we may also collect, or our partners provide us with, publicly available information which may contain personal data that you have published (such as on LinkedIn) or that has been made available online and contains information about you (such as news articles). The way in which our partners collect this is detailed in their own privacy policies, available on their websites. In such a case, Crespect only sends marketing communication by email and tries to limit the list of addressees only to those who may be most interested in the message.
Crespect uses this data on the basis of our legitimate interest as a business in establishing client relationships by marketing our products and services, such as our integrated software solutions and applications, and by maintaining a business relationship with the companies you represent. Where applicable, we may also use this data on the basis of your prior consent, such as when you subscribe to receive e-mail communications from us on our web portal. In such a case, you have the right to withdraw your consent receive direct marketing materials at any time by contacting us at info@crespect.com. You also may disagree (opt-out) with use of your personal data for direct marketing at any time by clicking “unsubscribe” in the message you receive from us.
1.3. Establishing and managing contractual relationships
For the purposes of establishing a contractual relationship, such as concluding a contract for the use of Crespect’s applications or integrated software solutions as a service, and, if applicable, the required non-disclosure agreement, we may process your personal data as a company’s representative or an authorised signee. Moreover, we may process such data, including your personal data as a company’s employee for managing client databases and relationships and for conducting client satisfaction surveys about Crespect’s provided products and services.
Crespect uses this data on the basis of our legitimate interest for enabling the conclusion of a contract on behalf of a legal person you represent. Concerning the management of contractual relationship (including the client satisfaction surveys), we use this data on the basis of our legitimate interest as a business in improving our products and services.
1.4. Inquiries and customer support
If you express an interest in obtaining any additional information (including to request demo of our integrated software solutions and applications) by contacting us with an enquiry through our web portal and/or via other means (e.g. by phone or e-mail), we will process your contact details and content of your inquiry and/or request for support.
Crespect uses this data on the basis of our legitimate interest to respond to enquiries about us and/or requests for support concerning our web portal, applications or integrated software solutions. Where applicable, we may also use this data on the basis of your prior consent.
1.5. Establishing, exercising and defending any potential legal claims
If necessary, we may also process your personal data in connection with legal claims, compliance, regulatory and investigative purposes (including disclosure of information in connection with government agency requests, legal process or litigation) on the basis of our legitimate interest for establishing, exercising and defending any potential legal claims.
1.6. Cookies
What are cookies?
A cookie is a small text file that our web portal saves on your computer or mobile device when you visit and use our web portal. A cookie enables the web portal to remember your actions and preferences ‒ such as login, language, font size and other display preferences ‒ over a period, so you don’t have to keep re-entering them whenever you come back to the site or browse from one page to another.
What cookies do we use?
Crespect uses cookies to collect your IP address and browsing information, such as the websites you have visited or time you have spent on each page and allow Crespect to remember your system and preferences.
Other cookies allow us to track Crespect traffic and users’ interaction with our web portal – we use these data to analyse users’ behaviour and to improve the user’s experience.
Cookies allow us to:
- give you a better user experience when you visit and use our web portal;
- allow you to set personal preferences;
- create statistical information about the use our web portal;
- and to measure the effectiveness of advertising.
We use the following categories of cookies:
Functional cookies
These cookies are essential in order to enable you to move around Crespect’s technological solutions and use their features on our web portal. For example, functional cookies are used to remember your site preferences and choices you make on our web portal.
Performance cookies
These cookies collect anonymous statistical information on how people use our web portal. For example, performance cookies may help us understand how users browse or use our web portal and highlight areas that are used the most. Performance cookies are stored and used on your device only on the basis of your consent.
Targeted advertising cookies
These cookies collect information about your browsing habits. They are used to make advertising more relevant to you and your interests. The cookies are usually placed by third party advertising networks to create information about your interests through your online behaviour. Targeted advertising cookies are stored and used on your device only on the basis of your consent.
How long are cookies retained on my device?
The storage time for cookies on your device is divided into two categories.
Session cookies
Session cookies are set per session, meaning that they last until you close your browser. Session cookies are not stored on the hard drive of your device.
Persistent cookies
Persistent cookies are stored on your hard drive until you delete them or they reach their expiry date. We will not store cookie information from persistent cookies for longer than a maximum of 2 years.
Cookies are placed on your device only if you provide your consent, unless cookies are required for strictly technical functioning of our web portal. However, note that if you do not consent to the use of cookies, certain functions of our web portal may not function properly or may not function at all.
Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control.
How to control cookies?
You can control and/or delete cookies as you wish – see www.youronlinechoices.com for more details. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work.
2. Disclosure and transfer of personal data
We put our best efforts to keep your data safe and always require a high level of security and confidentiality from our employees and partners.
We may share certain categories of your personal data:
- with our trusted services providers when they provide services to us or to you on behalf of us and under our instructions, such as cloud-based service providers, legal service providers, accounting service providers, etc. We will control and shall remain responsible for the use of your personal data at all times;
- with our partners, who provide us with tools for analytics (who may access statistical browsing data);
- with our clients, when we collect data as processors on behalf or at the direction of our clients.
- to public authorities if we are required to disclose personal data by law or to comply with a lawful request of authorities;
- in relation to a merger, acquisition or sale of our business or its part(s).
As a rule, we do not transfer your personal data outside of the European Economic Area. However, if we do so, we use adequate safeguards to protect your personal data, such as the standard contractual clauses for transfers established by the European Commission. You can contact us to get more information about the transfers of your personal data at: info@crespect.com.
3. Retention of your personal data
We process your personal data only for as long as necessary for the fulfilment of the original purposes of personal data processing, which are described above, or as long as required to fulfil our legal obligations. We determine the appropriate retention period for personal data on the basis of the amount, nature, and sensitivity of the personal data being processed, the potential risk of harm from unauthorised use or disclosure of the personal data, whether we can achieve the purposes of the processing through other means, and on the basis of applicable legal requirements (such as applicable statutes of limitation).
When the retention of your personal data is no longer necessary to achieve the purposes of processing, your data will be permanently removed, unless you instruct us otherwise and we agree on the terms on longer storage of your data.
4. Your rights
By contacting us at info@crespect.com you may exercise your rights as the data subject, including the following:
- You may request access to your personal data;
- To the extent allowed under applicable law, you may request us to correct, update, change or remove your personal data. In some cases you may also have a right to object to processing of your personal data;
- If you request the erasure of your personal data, please note that certain information is strictly necessary in order to fulfil the purposes defined in this Privacy Policy and may also be required by law. If personal data is erased under your request, we will only retain such copies of the information as are necessary for us to protect our or third parties’ legitimate interests, comply with governmental orders, resolve disputes, troubleshoot problems, or enforce any agreement you have entered into with us. Thus, such personal data may not be erased;
- You may withdraw your consent regarding processing of personal data, where the legal basis for processing is your consent. Please note that withdrawal of consent does not affect the lawfulness of the processing of personal data carried out on the basis of consent before withdrawal; and
- You may use your right to data portability. In some cases we may limit or deny your request if we are required or permitted by law to do so, e.g. if it is necessary for the purpose of our legitimate interest to protect our trade secrets or any other confidential information.
We will respond to your requests and to provide you with additional privacy-related information within the timeframes specified in applicable personal data protection law. Please note that we may ask you for additional information to adequately verify your identity before actioning your request to exercise your rights as a data subject.
If you are not satisfied with our response or have a concern that your privacy rights have been infringed, you have the right to lodge a complaint with your local supervisory authority. List and contact details of European supervisory authorities can be found here.
5. Security measures
We use reasonable security measures (including physical, electronic and administrative) to protect your personal data from loss, destruction, misuse and unauthorised access or disclosure. For example, we only grant access to your personal data to authorised employees and contractors who need it to perform their duties.
Please note that no method of transmission over the Internet, or method of electronic storage, is fully secure. While we use reasonable efforts to protect your personal data from loss, destruction, unauthorised access, misuse, or disclosure, we cannot fully guarantee the security of your personal data.
6. Updates
From time to time, we may update this Privacy Policy in order to adapt it to any updates that might arise. In case of making any substantial update, we will notify you via the e-mail that you have communicated us. This Privacy Policy was last updated as of the “Last updated” date indicated above.