Messages
chat-robot

Privacy Policy

Last Modified: 27-06-2024

 

PRIVACY POLICY
 
Last updated on 20.06.2024.
 
1. INTRODUCTION
 
We process personal data for the purposes and according to the procedures described in this Privacy Policy (also referred to as "Policy"). Please read this document carefully to understand what personal data is processed, for which purposes, what rights you have as a data subject, how to lodge a complaint, how to ask for additional information, as well as other important details. If you have any questions, contact us using the information provided in Section 2 or 15 of this document.
 
Your continued use of our website signifies that you have read, understood, and agree with the provisions stipulated herein.
 
2. DATA CONTROLLER
 
The data controller for processing your personal data is the following legal entity:
 
Company name: WebWise Solutions OU
Company registration number: 16984524
Legal address: Harju maakond, Tallinn, Lasnamäe linnaosa, Väike-Paala tn 2, 11415, Estonia.
Email address: hello@bakeboss.online
 
As the data controller, we are responsible for determining why and how data is processed, as well as ensuring that the processing takes place in compliance with applicable personal data protection laws, including the General Data Protection Regulation (the GDPR). If you have any questions about our data processing practices, please do not hesitate to contact us.
 
3. CATEGORIES OF PERSONAL DATA
 
We may process the following categories of personal data for the purposes outlined in this document. For example:
(a) Contact Information: e.g., name, email, phone number, address.
(b) Account Information: e.g., usernames, passwords, account settings, avatar, photo and activity logs.
(c) Identification Data: e.g., full name, date of birth, personal identification numbers, and details from identification documents.
(d) Technical Data: IP address, device type, and browser details.
(e) Transaction Data: e.g., order and purchase history (including any data related to your orders or purchases).
(f) Payment Data: e.g., payment history and status, bank account details, payment card details, your current balance.
(g) Communication Data: Records of your communications with us (e.g., through emails, chat, online forms, phone calls, etc.).
(h) User Support Data: data related to user support and troubleshooting cases.
(i) Uploaded and User-Generated Content: Data you upload or create while using our services.
(j) Compliance Data: information required for legal and regulatory compliance (e.g., data obtained for anti-money laundering (AML), counter-terrorist financing (CFT), know-your-customer (KYC) processes and other similar activities). 
(k) Marketing Data: preferences and participation in marketing programs.
(l) Video-surveillance data: data obtained through video surveillance conducted in our office premises (e.g., video footage, timestamps, etc.).
 
4. SOURCES OF PERSONAL DATA
 
We collect personal data from various sources, including:
(a) Direct Interactions: Data you provide directly, such as when creating an account, making purchases, communicating with us, or through other similar interactions with us or our website.
(b) Third-Party Sources: Data obtained from third-party service providers (e.g., payment processors), state institutions, and publicly available sources.
 
5. PURPOSES AND LEGAL BASES FOR PROCESSING
 
We process your personal data for several purposes and based on different legal bases. Below you can find the respective outline:
(a) Service Provision: Providing the requested services (Legal Basis: Contract).
(b) Account Management: Setting up and managing your user account (Legal Basis: Contract).
(c) Legal Compliance: Meeting legal and regulatory requirements (Legal Basis: Legal obligation).
(d) Identity Verification: Confirming user identity (Legal Basis: Legal obligation, legitimate interests).
(e) Order Management: Processing and managing orders (Legal Basis: Contract).
(f) Transactions: Handling transactions (Legal Basis: Contract, legitimate interests).
(g) Fraud Prevention: Preventing fraud and misuse (Legal Basis: Legal obligation, legitimate interests).
(h) Dispute Resolution: Handling claims and resolving disputes (Legal Basis: Contract, legal obligation, legitimate interests).
(i) User Engagement: Offering support and information (Legal Basis: Contract, legitimate interests).
(j) Risk Management: Managing risks and making business decisions (Legal Basis: Contract, legal obligations, legitimate interests).
(k) Marketing: Offering marketing info and personalized content (Legal Basis: Consent, legitimate interests).
(l) Security: Ensuring the security of our information and assets (Legal Basis: Contract, legal obligation, legitimate interests).
(m) Troubleshooting: Resolving technical issues (Legal Basis: Contract).
(n) Service Improvement: Enhancing and developing our services (Legal Basis: Legitimate interests).
 
6. NECESSITY TO PROVIDE PERSONAL DATA
 
Certain personal data is required for the functionality and availability of our services. Failure to provide mandatory information may limit your access to some features. Optional information can be managed via account settings. Distinctive marking will be added to inform you whenever provision of personal data is mandatory.
 
7. RECIPIENTS OF PERSONAL DATA
 
We share your personal data with trusted partners for the provision of our services, such as payment processors and customer support providers. Additionally, we may disclose your data to state authorities if required by law.
 
8. DATA RETENTION
 
We retain data for as long as it is necessary to meet the purposes for which it was collected or as mandated by law. Different types of data have different retention periods based on their nature and the applicable legal requirements. For example, information related to complying with legal obligations (such as anti-money laundering (AML), sanctions, tax, accounting, and similar regulations) is usually retained for 5 years, with the possibility of extending the term if necessary. In other cases, data pertinent to potential legal claims may be retained until the expiration of the statutory limitation period, which usually is no longer than 10 years. Once the required retention period has passed, we either delete or anonymize your data to ensure your privacy.
 
9. INTERNATIONAL DATA TRANSFERS
 
Your personal data may be transferred and processed outside the European Union (EU) and the European Economic Area (EEA). When such transfers occur, we ensure compliance with data protection laws, including the General Data Protection Regulation (the GDPR), through appropriate safeguards such as Standard Contractual Clauses (SCC) or similar mechanisms allowed by applicable laws.
 
10. SECURITY MEASURES
 
We prioritize the safety and security of your data by employing measures such as encryption, access controls, and regular staff training. Encryption protects your data during transmission and storage, while access controls ensure only authorized personnel can access it.
 
You can also help protect your data by:
(a) Using strong, unique passwords and changing them regularly.
(b) Being cautious when sharing personal information online or via email.
(c) Enabling two-factor authentication (2FA) for added security.
(d) Keeping your software and devices updated to guard against vulnerabilities.
 
Together, we can ensure your data remains secure. If you have any concerns or questions, please contact us.
 
11. DATA SUBJECT RIGHTS
 
You have the following rights regarding your personal data:
(a) Access: Request access to your data and obtain a copy.
(b) Rectification: Correct inaccurate or incomplete data.
(c) Erasure: Request the deletion of your data under certain conditions.
(d) Restriction: Limit the processing of your data in certain cases.
(e) Objection: Object to certain types of processing, such as direct marketing.
(f) Portability: Receive your data in a commonly used and machine-readable format and transfer it to another controller.
(g) Withdrawal of Consent: Withdraw your consent at any time.
 
To exercise these rights, please contact us as described in this document. Please note that these rights are not absolute and may be subject to legal conditions and limitations. To protect your privacy and security, we may need to verify your identity before processing your request. We are committed to addressing your concerns and ensuring your rights are respected. 
 
12. AUTOMATED DECISIONS AND PROFILING
 
We do not make automated decisions with legal effects. Profiling may be used to provide personalized content and recommendations.
 
13. LODGING A COMPLAINT
 
If you have concerns about our data processing activities, please contact us. We are committed to resolve any issues as fast and effective as possible. You also have the right to lodge a complaint with the supervisory authority, which in case of Estonia is the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon).
 
14. USER-GENERATED AND UPLOADED CONTENT
 
When using our services, you have the option to upload various types of information to your user account. Here are some key points to consider:
 
(a) User Discretion: You decide what information to share with us. Please be cautious and consider the sensitivity of the data you upload.
(b) Sensitive Data: If you upload sensitive data (e.g., health information), do so responsibly and be aware of its nature.
(c) Relevance: To protect your privacy, only share information that is relevant to your interaction with our services. Avoid providing unnecessary details.
(d) Disclaimer: We strive to protect your data, but the responsibility for what you choose to disclose ultimately lies with you. Be mindful of your privacy and security.
 
By using our services and uploading data, you acknowledge and agree to these considerations.
 
15. CHANGES TO THE PRIVACY POLICY
 
We may update this Privacy Policy to reflect changes in our practices. The updated version will be published on our website. Please revisit this page regularly to stay up-to-date. In case of any significant changes, we may notify you separately using the contact details at our disposal or through other relevant and appropriate communication channels.
 
16. CONTACT INFORMATION
 
For further information or assistance, please contact us at hello@bakeboss.online.
1