WeAgency OÜ, registration number 16154308, registered under the laws of the Republic of Estonia, with its legal address: Harju maakond, Tallin, Lasnamäe linnaosa, Liikuri tn 10, 13618 has developed this Privacy Policy to inform persons visiting WeAgency website http://weagency.digital (hereinafter — Website) as its clients, including representative of the client, if the client is a legal entity (hereinafter — Client) and who use the services provided by WeAgency via the Website (hereinafter — Services), on the collection, use and transfer of their personal data to third parties.
If you have any questions regarding the Privacy Policy of WeAgency or if you wish to obtain additional information on how to exercise the rights specified herein, you can contact Aleksandr Aleksandrov hi@weagency.digital by writing an email to. Additional contact information is available on the Website.
WeAgency strives to ensure appropriate technical and organizational measures to protect the Client’s data and to provide transparent data protection rules. This Privacy Policy outlines the data processing activities carried out by WeAgency in respect to Clients who are natural persons.
WeAgency processes several categories of the Client’s personal data from the Client:
• identification data such as — the Client’s first name and surname;
• contact data such as — the Client-s email address and/or phone number.
WeAgency must have a legal basis for using the Client’s personal data. The legal basis are one of the following:
WeAgency must have certain personal data to provide the Services and it cannot provide them without the Client’s personal data. The main purpose of the processing of the Client’s data by WeAgency is to provide Services to the Client. Examples of purposes for processing include, but are not limited to:
• for managing client relations, providing access to the Services.
WeAgency sometimes collects and uses the Client’s personal data, or shares it with other organisations, because WeAgency has a legitimate reason to use it and this is reasonable when balanced against the Client’s right to privacy. Examples of purposes for processing are:
• to provide to the Client additional services, such as creating personalized offers;
• to develop, examine and improve WeAgency business, the Services and the Client’s experience by performing surveys, analyses, and/ or statistics;
• to organize campaigns for the Client;
• to protect the interests of the Client and/or WeAgency or its employees;
• to manage the relationships with the Client.
If the Client signs up to WeAgency Services, and where allowed by law, WeAgency may contact the Client by email and/or SMS text message with information about WeAgency and its group products, services, offers and promotions. We may use the personal data we have collected about the Client in order to tailor WeAgency’s offers to the Client.
The Client can adjust his/ her preferences, or inform WeAgency if the Client doesn’t want to receive any information regarding service, offer and promotions from WeAgency, at any time.
WeAgency will not pass the Client’s details on to any organisations outside the WeAgency group of companies for their marketing purposes without the Client’s permission.
To ensure the provision of information and the Services, as well as to fulfil the obligations under applicable law, WeAgency collects information about the Client in the following ways:
4.1.1. Providing an opportunity to fill an application form on Webside;
4.1.2. By means of online communication by phone, email, chat or other communication channels and/or technical tools.
4.2.1. Technical information that may contain the IP address, device data, software data and similar data.
As part of WeAgency processing, WeAgency may share the Client’s data with recipients such as authorities, WeAgency group companies, suppliers, payment service providers and business partners. WeAgency will not disclose more of the Client’s personal data than is necessary for the purpose of disclosure and with respect to regulatory legislation and the data protection legislation.
Recipients may process the Client’s personal data acting as data processors and/or as data controllers. When a recipient is processing the Client’s personal data on its own behalf as a data controller, the recipient is responsible for providing information on such processing of the Client’s personal data. WeAgency undertakes to guarantee appropriate technical and organizational security measures to ensure that the personal data processor upholds security standards that are not lower than the security standards set by WeAgency.
WeAgency and our cooperation partners mainly process the Client’s personal data within the European Union/ European Economic Area (hereinafter — EU/ EEA), but in some cases, personal data is transferred to and processed in countries outside of the EU/EEA. The transfer and Processing of Personal Data outside the EU/EEA can take place provided there is a legal basis and one of the following conditions:
• the country outside the EU/EEA, where the recipient is located, has an adequate level of data protection as decided by the EU Commission;
• the controller or processor has provided appropriate safeguards, for example, the EU Standard Contractual Clauses or other authorized contractual clauses, approved codes of conduct or certification mechanisms.
The data that WeAgency collects from the Client is transferred to and stored at a destination inside the EEA. All information the Client provides to WeAgency is stored securely on WeAgency’s servers or servers of its partners. The information is encrypted.
WeAgency undertakes to do everything necessary, as far as possible, to protect the Client’s data in case of sending and receiving, offering to upload documents in a secure way.
The access to the Client’s personal information within WeAgency is limited to only those employees who have a good business reason to access or know this information. This is achieved through both technical solutions and physical access rights, as well as proper training and education of WeAgency’s employees who have built appropriate safeguards.
All Client related information is kept until the data is no longer necessary to provide Services.
WeAgency respects Client’s rights to access, manage and control the personal data that WeAgency processes. Once WeAgency receives a request from the Client to exercise any of the rights listed below, WeAgency will review the said request and provide a response without undue delay and in any event within one month of receipt of the request. According to the data protection legislation this time period may be extended if the request is complex or if due to the amount of received requests WeAgency cannot prepare a reply within the previously set time limit. In this case WeAgency informs the Client about the extension of the time limit for preparing a reply to the request and indicates the specific term for preparing a reply.
Should the Client wish to exercise any of the rights listed below, the Client can do so by submitting a request in one of the following ways:
• by sending an electronic request to hi@weagency.digital;
• by sending a signed request to hi@weagency.digital. An authorized person can submit a request on behalf of the Client, provided that a valid power of attorney is enclosed with the request.
The Client is entitled to receive information on whether or not WeAgency processes the Client’s personal data, and, if WeAgency processes said personal data, and to request a copy of the Client’s personal data undergoing processing.
The Client has the right to obtain the following information:
• purposes of the processing;
• categories of personal data being processed;
• personal data recipients or categories of such recipients;
• length of time the data will be stored (or criteria for determining the period);
• Client’s rights in connection to the data processing;
• available information on the data source (if the personal data was not obtained from the Client);
• existence of automated decision-making.
The Client is entitled to request WeAgency to rectify the Client’s inaccurate or incorrect personal data.
The Client is entitled to request WeAgency to erase the Client’s data. This right can be exercised if one of the following grounds apply:
• purposes of the processing have been reached;
• personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
• Client withdraws the given consent;
• Client objects to the processing;
• personal data has been unlawfully processed;
• personal data has to be erased for compliance with a legal obligation.
The Client is entitled to request WeAgency to restrict processing. Upon restricting the processing of the Client’s personal data, WeAgency will only process the Client’s personal data after receiving consent from the Client, or for the protection of the rights of another natural or legal person, or for reasons of important public interest. This does not apply to storing personal data.
The Client is entitled to object to the personal data processing activities.
The Client is entitled to request WeAgency to receive and transfer the Client’s personal data to the Client or another data controller. The Client can exercise this right insofar as the data has been provided by the Client based on consent or a contract and the processing is carried out by automated means.
The Client is entitled to withdraw previously given consent at any time. However, this will not affect the lawfulness of any processing carried out before the Client withdraws his/ her/ its consent.
In case of any uncertainty related to the Client’s personal data, the Client is welcome to contact WeAgency and the Client will be provided with an answer or to find a solution for his/ her/ its issue. However, if the Client believes WeAgency cannot find the solution, the Client is entitled to submit a complaint to the national personal data protection authority regarding data processing activities conducted by WeAgency.
The Client is entitled to contact WeAgency and to obtain additional information regarding personal data processing activities.
WeAgency has the right to make changes to the Privacy Policy at any time by posting them on the Website. Any version of the Privacy Policy that is published on the Website replaces all previous versions of the Policy and takes effect immediately upon posting or from the effective date as indicated.