WISECOUNTER OÜ PRIVACY POLICY

Wisecounter OÜ (hereinafter referred to as "Wisecounter", "we" or "our") complies with the requirements and principles set out in this privacy policy. For Wisecounter, the privacy of individuals and the protection of personal data are important, and that is why we have developed this privacy policy, which sets out the purposes and conditions of personal data processing and the rights of data subjects related to personal data. We consider it important to keep personal data confidential and protect it, and we ensure the legality of personal data processing. The privacy policy covers the processing of personal data by Wisecounter, including the processing of personal data on the websites www.wisecounter.ee, www.wisecounter.se, www.wisecounter.fi, www.wisecounter.lv and www.wisecounter.eu 

1. Definitions

1.1. Personal data - any identified or non-identified information about a natural person, or "data subject". An identifiable natural person is a person who can be directly or indirectly identified, in particular on the basis of identification features such as name, personal identification number, location information, network identifier or on the basis of one or more physical, physiological, genetic, mental, economic, cultural or social characteristics of that natural person.

1.2. Processing of personal data - an automated or non-automated operation or set of operations performed on personal data or their collections, such as collection, documentation, arrangement, structuring, storage, adaptation and modification, querying, reading, use, disclosure by transmission, distribution or otherwise making available, reconciliation or combining, limiting, erasing or destroying.

1.3. Data controller – natural or legal person, public sector or local government institution, which is the primary collector of personal data. The controller determines the purposes and means of personal data processing.

1.4. Authorized processor – a natural or legal person, public sector or local government institution, which processes personal data on behalf of the responsible processor and on the basis of his instructions.

1.5. Third party – natural or legal person, public sector or local government institution, agency or body.

1.6. Personal Data Breach - A breach of requirements that results in the accidental or unlawful destruction, loss, alteration or unauthorized disclosure of or access to personal data transmitted, stored or otherwise processed.

1.7. Data subject – a person whose personal data is processed (for example, a natural person customer, website user or customer contact person).

2. Principles

2.1. Wisecounter and the persons processing personal data on our behalf are based on the following principles of personal data processing:

2.1.1. principle of legality, fairness and transparency - processing is legal, fair and transparent to the data subject.

2.1.2. the principle of purpose limitation – personal data are collected accurately and for specified and legitimate purposes and are not subsequently processed in a way that is inconsistent with these purposes.

2.1.3. the principle of collecting as little data as possible - personal data are relevant, important and limited to what is necessary for the purpose of their processing.

2.1.4. principle of correctness - personal data are correct and, if necessary, updated, and all reasonable measures are taken to delete or correct personal data that are incorrect from the point of view of the purpose of the processing without delay.

2.1.5. the principle of storage limitation - personal data is stored in a form that allows data subjects to be identified only as long as it is necessary to fulfil the purpose for which personal data is processed.

2.1.6. principle of reliability and confidentiality - personal data is processed in a way that ensures appropriate security of personal data, including protection against unauthorized or illegal processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures.

3. Security of personal data processing

3.1. Wisecounter implements various organizational, physical and information technology security measures for the protection of personal data based on the principle of reasonableness, which takes into account the size of the risk when implementing the measures.

3.2. Wisecounter has implemented measures to ensure the security of personal data processing, which include the protection of employees, information, IT infrastructure, internal and public networks, as well as office buildings and technical equipment.

3.3. Wisecounter ensures that persons exposed to personal data have received appropriate instructions for their secure processing.

3.4. Wisecounter understands the importance of ensuring the security of personal data processing, which is why it applies all appropriate administrative and technological security measures necessary for data security to the processing of personal data.

3.5. Wisecounter may use authorized processors to process personal data in certain cases. Wisecounter ensures that authorized processors process personal data in accordance with our instructions and in accordance with applicable law and implement appropriate security measures.

4. Legal basis for personal data processing

4.1. Wisecounter processes personal data to fulfil and ensure fulfilment of the concluded contract, to fulfil a legal obligation, in case of legitimate interest or on the basis of the data subject's consent.

4.1.1. The processing of personal data to fulfil and ensure the performance of the contract applies if we allow the result stipulated in the contract, to which the rights and obligations of the contracting parties are also related, and this cannot be achieved by avoiding the processing of personalized personal data.

4.1.2. The processing of personal data carried out in order to fulfil the obligations arising from the law takes place in the case that Wisecounter is obliged to process personal data because the company is required to do so by the applicable law, for example the Employment Contracts Act, the Act on the Money Laundering and Terrorist Financing Prevention Act, the Auditors Activities Act or the Accounting Act.

4.1.3. Legitimate interest as the legal basis for processing personal data means that, primarily for the purpose of providing a higher quality service and promoting business, we process the data subject's personal data, keeping in mind the data subject's basic rights and freedoms. When processing personal data on the basis of legitimate interest, it is important to ensure proportionality between Wisecounter's legitimate interest and the rights of the data subject. In order to identify a legitimate interest, Wisecounter goes through a three-step test: an interest check, e.g. purpose test, a necessity test and a balance test.

4.1.4. When processing personal data on the basis of consent, we process personal data only with the informed consent of the data subject within the scope of specific purposes. The data subject gives consent to the processing of personal data for the notified purposes voluntarily, specifically, knowingly and unambiguously, for example by ticking a box.

5. Responsible or authorized processor and data collection

5.1. Wisecounter is the responsible or authorized processor of personal data in various personal data processing processes, and Wisecounter follows the principles of ensuring the confidentiality of personal data and discloses personal data only to a strictly limited extent in order to ensure the privacy rights of individuals.

5.2. Only persons authorized by Wisecounter have access to change and process personal data.

5.3. Wisecounter processes personal data received directly from the data subject (i.e. the person who has disclosed the personal data to us) or indirectly through a client who is a legal entity. Personal data obtained indirectly, without the participation of the data subject, is processed by Wisecounter only if we need to process said data to provide a service, such as accounting payroll, to a legal entity client.

6. Types of personal data

6.1. Personal data: first and last name, personal identification number.

6.2. Contact information: e-mail address, contact telephone number, postal address (residential address).

6.3. Indirectly received personal data that we process in the course of providing accounting services or consulting services may include, among other things: first and last name, social security code, e-mail address, contact telephone number, postal address (residential address), salary data, bank account number, data of company partners, owners and beneficiaries’ data.

6.4. Internet data: session data, cookies, website log data and IP addresses.

7. Purposes of personal data processing

7.1. The purpose of personal data processing specified in point 6 of this Privacy Policy is:

7.1.1. provision of accounting services in accordance with the Accounting Act and other legislation;

7.1.2. provision of tax, legal and other consulting services;

7.1.3. sending newsletters and conducting customer satisfaction surveys;

7.1.4. processing of purchase and sales invoices;

7.1.5. fulfilment of the requirements arising from the current legislation.

8. Storage of personal data

8.1. Wisecounter stores personal data in a form that allows data subjects to be identified only for as long as it is necessary to fulfil the purpose for which personal data is processed, unless Wisecounter has a legal requirement that stipulates different personal data storage terms:

8.1.1. accounting documents must be kept for 7 years based on the Accounting Act;

8.1.2. data collected on the basis of the Money Laundering and Terrorist Financing Prevention Act is stored for 5 years after the end of the business relationship.

8.2. Wisecounter stores other data until the end of the retention period specified in the company's personal data processing register.

8.3. Wisecounter securely destroys and/or deletes all personal data for which there is no purpose for retention or the retention period has expired.

9. Third parties and authorized processors

9.1. Wisecounter may transfer personal data, limited to strictly necessary purposes, to third parties and authorized processors for the following purposes:

9.1.1. for issuing sales invoices;

9.1.2. to maintain the customer's database;

9.1.3. cooperation partners to provide better quality service to customers.

9.2. Despite the access restriction, Wisecounter issues the document to an institution or person who has a direct legal right to request it (e.g. pre-trial proceedings, court, supervisory authority, etc.).

10. Rights of the data subject

10.1 The data subject has the right to receive information about the processing of his/her personal data. Regarding the processing of personal data, it is possible to receive a written request from Wisecounter by submitting information via e-mail to info@wisecounter.ee

10.1.1. When a person submits a request for personal data, Wisecounter must make sure that it is the person who has the right to receive the corresponding data. Therefore, the data requester must, if necessary, prove his/her identity or the right to request data.

10.2. The data subject has the right to request data deletion of personal data if the processing of personal data takes place on the basis of consent, and the data controller must do so at his/her request.

10.3. The data subject has the right to make inquiries about the personal data concerning him/her that he/she has submitted to Wisecounter.

10.4. The data subject has the right to restrict the processing of personal data.

10.5. In certain cases, the data subject has the right to receive the personal data in a machine-readable form with him or to transfer it to another responsible employee.

10.6. The data subject has the right to submit a complaint about the processing of personal data to the Data Protection Inspectorate.

11. Cookies

11.1. A cookie is a small text file that is automatically saved by the web browser on the device used by the person.

11.2. The websites www.wisecounter.ee, www.wisecounter.se, www.wisecounter.fi, www.wisecounter.lv and www.wisecounter.eu managed by Wisecounter OÜ use cookies to monitor the operation of the website, to make the user experience on the websites more comfortable and smoother, and for remarketing.

11.3. In addition, we use cookies to collect anonymous and generalized statistics about the number of visitors to the website, information about how the website is used, in order to make the website even more user-friendly and better.

11.4. The websites www.wisecounter.ee, www.wisecounter.se, www.wisecounter.fi, www.wisecounter.lv and www.wisecounter.eu managed by Wisecounter OÜ use the following cookies:

11.4.1. Facebook Pixel cookies for directing advertising through Facebook and for analysing the advertising flow, which leads to the monitoring of a person's web traffic by Facebook.

11.4.2. Google Analytics cookies for directing advertising through Google and for analysing the advertising flow, which leads to the monitoring of a person's web traffic by Google.

11.4.3. LinkedIn Insight Tag cookies to direct advertising through LinkedIn and to analyse the advertising flow, which leads to the tracking of a person's web traffic by LinkedIn.

11.4.4. All the aforementioned cookies collect information anonymously.

11.5 By not agreeing to the use of cookies, it is possible to block the cookies stored on the device. For this, the corresponding settings of the web browser must be changed. If cookies are not used, websites may not work correctly and all services may not be available.

11.5.1. At the same time, the person can easily remove existing cookies from the web browser settings or even reset the web browser to remove all stored cookies. Read more about managing and deleting cookies on the following page: http://allaboutcookies.org 

12. Changes to the Privacy Policy

12.1 Personal privacy is important to Wisecounter, which is why Wisecounter regularly updates this privacy policy. The most up-to-date version of the privacy policy is always published on the website.

13. Contact

13.1. For all questions, concerns or suggestions regarding the processing of personal data, you can contact the data controller at the following contacts:

Wisecounter OÜ

Valukoja 8/2, D-building, 12th floor

Tallinn 11415

info@wisecounter.ee