Privacy statement
inteltarget (here and after also „we“, „us“, „our“) considers data privacy as one of their central priorities and are compliant to the requirements and guidelines of EU General Data Protection Regulation (EU GDPR) as well as further legal requirements on private data security.
This privacy statement describes in a transparent way (according to Chapter 13 and 14 GDPR) how the personal data of business process and visitors (data subjects according to Chapter 4 of EU-GDPR) of www.inteltarget.com („our website“, „this website“) are handled as well as affiliated social media profiles (twitter, LinkedIn, XING).
This privacy statement refers to the processing of personal data. Personal data is understood as all data which can identify data subjects as persons directly or indirectly according to Chapter 4 GDPR.
inteltarget OÜ implements the guidelines of data privacy and security of personal data. Data access is limited and takes all the technical (access authorizations, encryption, etc.) and organizational (personal trainings, authorization concept) measures according to temporary security standards to prevent misuse, forwarding, proliferation or loss of personal data.
We reserve the right to update and adjust privacy statement according to the temporary legal requirements and privacy guidelines or as a result of enhancement of website functionalities or introduction, adjustment or cancellation of services on our website.
The state of the privacy statement is indicated at the end of the present statement. Consequently, we recommend you to check the stand of our data privacy regular to be updated.
The terminology used in the present data privacy like data subject, controller, personal data, processing etc. refers to the definitions of Chapter 4 GDPR.
While Chapter I describes handling of personal data while contacting, acquisition, provision of services or contracting, Chapter II introduces which information are collected, saved and processed on the website www.inteltarget.com.
I. Processing of personal data (Chapter 13, 14 GDPR)
- Controller
Controller in sense of Chapter 4. / 7 GDPR for the processing of personal data is:
inteltarget OÜ
Pärnu mnt 158-88
11317 Tallinn
Estonia
e-mail: info@inteltarget.com
In case of any questions, explanations, requests, inquiries or complaints regarding the private sphere please contact us under the e-mail or postal address.
- Which personal data are processed
We process following categories of personal data as part of our business operations and ordinary service fulfillment as well as preparation of business relations as well as data received from third parties according to legal guidelines:
a) Generic technical data
- Version and type of browser used
- Operational system used
- Mobile Device ID
- Date and time of access
- Web-Analysis date (Cookie-ID, Ad-ID, etc.)
- Reference URL (URL from which data subjects came to our website)
b) Data collected during business relations (like ordering and contracting) which are needed for ordinary service providing
- Personal master data (first name, surname)
- Communication data (e-mail, Social Media profiles, phone, mobile phone, postal address)
- Contractual and company relations (position on vendor, customer or partner side)
- Bank, order and payment data. Mostly company and not personal data.
Our website provides no membership area so there is no need for our visitors to register themselves.
c) Sensible data
We generally do not collect sensible data if they are not provided nor disclosed voluntary to us or they were not made public or if they are not required for fulfillment of legal obligations or processing or exercise of legal claims.
d) Cookies
Collection and processing of cookies is described in Chapter 12.
e) Google Analytics
Collection and processing of data for Google Analytics is described in Chapter 13.
- Objectives of collection and processing of personal data
In general your personal data can be collected exclusively for the following objectives and not forwarded to the third parties for other objectives than following. Hereafter are the legal basics for the processing:
a) Fulfillment of contractual and pre-contractual obligations (Chapter 6 § 1)
The subject are the informations listed in the Chapter 2, which are required for service provision
b) Fulfillment of legal guidelines
In case of fulfillment of legal guidelines according to Chapter 6 § 1 c GDPR as well as requirements of proper invoicing and reporting and accounting
c) Safeguarding of justified interests during operational business and service provision
inteltarget OÜ collects during their business operations also personal data especially if there is a justified interest to keep them if they are required for provision of services, acquisition of new and growing of existing business contacts (In this case the justification is also to be referred according to Chapter 6 § 1f GDPR)
- Analysis of interests of data subjects for content of our online offering with the goal to optimize and place these offerings more efficiently
- Analysis of using (user experience) and measurement of reach as well as efficiency of marketing activities
- Statistical and not personal analysis of the website usage
- Customer journey analysis for improvement of customer experience and website usage
- Communication and contact with data subject, prospects and customers
d) Consent of data subjects
Data received on the consent of data subjects
- Legal basics of processing
The processing of personal data is based on the principles of Chapter 5 GDPR
- Data disclosure
Personal data can be disclosed for the objectives listed in Chapter 2 to the following categories of recipients and safeguarding of legal secrecy obligations:
- Authorized employees of inteltarget OÜ who has special access (according to authorization concept)
- Authorities, courts and other in Estonia and abroad so far it is required
- IT providers (like hosting providers) so far it is required for the fulfillment
- European and non-European partners of inteltarget OÜ explicit consent of data subject and only in cases where it is required by service provision and preparations (e.g. expertise of foreign partners). The required data security level is secured contractually according to Chapter 46 § 2c GDPR
- Legal principles for transfer of personal data to third parties
A transfer of personal data to third parties for other objectives than listed in Chapter 2 can only take place when:
- There is an explicit consent from data subject available, e.g. as a visitor of our website
- Data transfer is required for the execution of contract between the data subject and the controller, for the processing of a concern or request of the data subject or for fulfillment of (pre)contractual activities ordered by the data subject
- Data transfer is required for establishment, exercise or defense of legal claims or legal obligations
- Data transfer is needed for protection of vital interests of data subjects or other persons if the data subject is not able to give their consent for physical or legal reasons
- Data transfer is required for important reasons of public concern or for legal reasons
In general, personal data of data subjects can be only transferred to third parties if there is no reason to believe, that the data subject can or could have an interest not to transfer their data.
In case of involvement of external service providers in the fulfillment of contract the data privacy obligations will be transferred to the external service provider.
inteltarget OÜ is authorized to share not personal or anonymized as well as aggregated data with third parties for different purposes like data analysis.
- Transfer of personal data to third countries or international organizations
Transfer of collected personal data to the countries outside the European Union (EU) and the European Economic Area (EEA) is only permitted on agreement and explicit consent of the data subject or for the reasons of fulfillment of legal obligations. In relations to the service providers outside of EEA, EU and Switzerland the required level of data security is provided according to Chapter 45 ff GDPR. An exception is the technical information which can be transferred to non-EU/EAA/Swiss providers (Chapters 12, 13, 14).
- Period of storage for personal data
inteltarget fulfills the principles of data avoidance and data minimization. Hence the personal data of data subjects can be stored only for the period so long it is required for the fulfillment of objectives listed in Chapter 2, for the service provision and fulfillment of contractual obligations as well as so long as it is foreseen by legal and fiscal authorities.
Once all the legal deadlines expire or the data is no longer required for further purposes listed the personal data is deleted.
The storage periods can vary and they normally do not exceed 6 (advocates) till 10 (fiscal audits) years. Justified cases can cause longer storage periods. If there are conflicting storage periods the longer one will be applied.
Decision autonomy over the provision of personal data remains however on site of the data subject.
- Rights of data subjects
As the law stands and according to the chapters 12-23 of GDPR data subjects have following rights regarding the controller on the processing of personal data
a) Right of access by the data subject
The data subject has the right to obtain from inteltarget information at any time, which personal data are collected, stored or processed by the controller (Chapter 15 GDPR).
The right of access can be restricted in cases where further private secured information could be disclosed though such an information sharing.
b) Rectification
If personal data stored by inteltarget is not correct data subjects have the right to demand a data rectification at any time according to Chapter 16 GDPR.
Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
c) Restriction of processing
Data subjects have the right to order a restriction in processing of personal data in sense of Chapter 18 GDPR so far as they can be restricted or deleted based on legal regulations.
d) Erasure
Data subjects have the right to demand the erasure of their personal data by the controller according to the Chapter 17 GDPR if the data are not required for the objectives for which they were collected or the consent based on which they were collected does not exist anymore. In case of such request the processing of the personal data will be terminated and the information will be deleted from company’s systems and data bases.
The right to erasure can be restricted if:
- Data cannot be deleted or should be processed for legal reasons
- Data processing is required for establishment, exercise or defense of legal claims
e) Data portability
The data subject so far applicable in the sense of Chapter 20 GDPR have the right to receive their provided data in a structured, commonly used and machine-readable format or to transmit those data to another controller. This applies in cases where the data were provided to us based on consent or on a contract pursuant or the processing is carried out by automated means.
f) Revocation
Once data subject has given their consent for processing of personal data it can be revoked at any time effective from that time to future. To make use of this right you can contact us any time under info@inteltarget.com
g) Right to object
When the data processing is based on Chapter 6 §1f GDPR the data subject has the right to object at any time to processing of personal data by the controller according to Chapter 21 GDPR.
inteltarget will not process personal data anymore, unless there are compelling legitimate grounds can be demonstrated which override the interests, rights and freedoms of the data subject or for the establishment, exercise of defense of legal claims.
h) Right to appeal
The data subject can contact us under info@inteltarget.com or under a postal address given under Chapter 1 at any time with a complaint if they assume that their rights regarding data collection, processing or storage as well as their data privacy are violated or not followed properly.
Should be result not sufficient according to the guideline of Chapter 77 GDPR the responsible Data privacy authority can be contacted
II. Personal data processing on website and legal basics
- General information
You can use our online services without sending your personal data since our website does not require registration. In general we do not collect sensible data which are not disclosed to us. However there are technical information collected while visiting our website (like Cookies technology), which are required to be able to present correctly and in a performant and relevant way the content and our offering.
We would like to explicitly point out that our website is not intended for usage by children (under 13 years) or underage persons.
Browser collects and transmits automatically following information (server log files):
- IP address
- Time and date of access
- Which website was called (visited sited on our domain)
- http – Status code
- Data volume transmitted
- Reference URL from which the request was received
- Language, type and version of the browser
- Type of device
- Operational system
- Domain of the internet provider
Cookies and data for Google Analytics are collected (refer to Chapter 12, 13) which however do not identify directly the data subject.
The legal basis for the processing is Chapter 6 § 1f GDPR. Missing data can cause defects in website presentation or usage, hence there is a justified interest in collecting these informations.
The data is stored in server log files which are stored by standard no longer than 14 days.
This website is hosted by webgo GmbH in Hamburg, Germany. The collected data are stored on servers of the service provider computer center in Germany and are secured by standard data privacy guidelines and GDPR compliant.
We do not use these data to gain any insights on data subjects on personal level. The information can be evaluated statistically and anonym to optimize our web presence, offering and performance. We do not use this information for any kind of profiling or mapping with information and insights from other sources.
This technical information is used to optimize the presence of web content for the visitors a.o. for following reasons:
- Securing the connection setup for our website
- Securing of the best possible usage of our website
- Providing of system security as well as further administrative purposes
- Third-party links
Our website can contain linkages to third websites. In this case inteltarget cannot guarantee or take any responsibility for the GDPR compliance or compliance with further data privacy guidelines on these sites as well the content of these websites.
- Cookies
To optimize our web presence, we use cookies technology. Cookies are small tokens of information sent from the website via browser to the user’s computer. These files contain basic technical information about browser, operational system or time of an access. In that way, we collect information about browser activities but not directly identify data subject as a person, like if this is the first time the user visited our website or not.
Cookies can contain so called Cookie ID, which is a unique identified of a cookie.
We use two technical types of cookies, so that our website can be used without any restrictions. Second, we use analysis cookies to improve the quality of content and user experience for our prospects and customers.
You can manage your cookies settings over respective browser. In many browsers cookies are accepted automatically. So in settings every data subject can deactivate storage of cookies or they can be deleted at any time. However, we recommend to keep the cookies activated to avoid the risk that our website is presented correctly to you and its functionality is not restricted.
Cookies do not identify the data subject as a person directly. Those cookies which are not required for maintaining of website functionality are collected after an explicit consent from the data subject.
Detailed information on how cookies work can be found on http://www.aboutcookies.org/
- Google Analytics
For analytical purposes as well as to optimize our web presence on our website we use Goolge Analytics, a web analytics service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Google“). Google Analytics uses cookies, textfiles saved on the user’s computer which allow to analyze the usage of our website by this user. Information collected in such a way about the usage of our website are transmitted to one of the servers of Google in the USA and saved there. If IP anonymizing is activated, your IP address will be first shortened in the EU or EEA. Only in exceptional cases the full IP address will be transmitted to one of Goolge servers in the USA and shortened there.
On request of controller Google can use this information to evaluate the usage of the website and to generate reports about website activities and for providing further services regarding the usage of the website and internet to the controller. The IP address transmitted from browser to Google during Google Analytics activities will be not mapped to the IP address gained by Google in another way. The evaluation of user’s activities on our website and processing of this data concerns our justified interest for optimal presence of our online offering.
Opt-Out
The usage of cookies can be deactivated through the respective settings of your browser.
To avoid the collection of data generated by cookies and your usage of the website as well as to prohibit the transmitting and processing of this data to google you can download and install a Google ad-on under: http://tools.google.com/dlpage/gaoptout?hl=de
Alternatively, the tracking of Google Analytics on our website can be prevented if you install a Google Analytics Opt-Out Cookie, which prohibits the collation of data for Google Analytics for this Website by the browser used and for the device used until the cookie is installed and not deactivated.
- Social media Plug-Ins
To optimize the usage of our website and to make the communication and interaction with our prospects, customers and partners more easy we use Social media plug-ins. While using the online services of the social media platform the respective terms and conditions of usage as well as data privacy are applied.
We would like to emphasize I this context that inteltarget does not take the responsibility for the cases if data is not processed under our control.
To prevent uncontrolled transfer of information and user data to these services we use plug-in “Shariff”.
Our website contains linkages to following platforms: LinkedIn
a) LinkedIn
We have integrated in our website components of the LinkedIn corporation. LinkedIn is an internet-based social network providing business and employment oriented services and networking of users with existing and new business contacts.
Operating company LinkedIn is headquartered 2029 Stierlin Court Mountain View, CA 94043, USA. For the data privacy outside the United States the responsible organization is LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
While the call of LinkedIn functionality by the LinkedIn plug-in a connection is established between the browser and the servers of the LinkedIn. The data is transmitted to LinkedIn. If you already have a LinkedIn-Account this can be automatically linked. If you do not wish an automatic login or assignment please log off from your LinkedIn account before visiting our website.
August 30th, 2023