Privacy notice from Handelshaus OÜ
Date of commencement: 25th May 2018
This privacy notice explains in detail the types of personal data we may collect about you when you interact with us, how we store and handle that data and your rights associated with it.
When you use our website and/or our services, Handelshaus OÜ is the data controller of your personal data and adheres to the EU General Data Protection Regulation 2016/679 (hereafter referred to as “GDPR”) and the laws of the Estonian Republic.
Our Privacy Manager’s contacts are:
e-mail: [email protected]
This Privacy Notice supersedes all previous notices or guidance issued prior to the commencement date as stated above.
How we collect your personal information
You may give us your identity, contacts, business details and other personal information by corresponding with us via email, messenger services, phone or by completing our forms.
This includes personal data you provide when you:
- meet our company representatives
- use our website
- communicate with us by email, phone or messenger apps
- complete our questionnaire or other forms or agreements
- use other electronic means to identify yourself
- are being introduced to us by your agent, tax adviser, attorney or other intermediary
- subscribe to our newsletter or services
- pay for our services
We may also collect profile information and insight from publicly available sources or third parties (such as risk management solutions organisations), when we are conducting background checks on you as a part of our due diligence obligations.
What personal information do we collect?
We may collect the following information about you:
- your title, first name, last name; your biographical data, such as date of birth, tax identification number, passport/ID numbers, your nationality, domicile, citizenship and your public key (for e-residents of Estonia)
- contact information such as your residential and business addresses, phone numbers, email addresses, and your communication app accounts (such as Skype, Whatsapp etc.)
- your reasons for using our services, including business and development plans
Due diligence data
- information required to understand whether you represent a risk of money laundering, terrorism financing or being a politically-exposed person
- time, date and location of your service purchase transaction
- services you order from us or through us
- delivery address (if applicable)
- bank account or payment account details (if you use payment service providers other than banks. For example, we may save in our records the name of a PayPal account we receive your payment from).
- your internet protocol (IP) address
- information about from where you visited our website and which site you subsequently visited
- browser type and version
- time zone and location
- operating system and platform of the device you used to visit our website
Marketing & Communications data
- information about whether you have opened our newsletter email, when and how many times
- your preferences for receiving newsletter emails from us
How and why do we use your personal data?
- to respond to your queries, prepare our service contracts, proposals, etc. and to enable our services, which require us knowing your personal information
- we may share some of this information in order to deliver our services to you. For example, we may share information with our legal advisors, accountants and risk management companies. For more about information sharing, please see below.
- to manage our business and monitor our own performance, for example analysing our client database when developing new services.
- to protect our business and your account from fraud and other illegal activities. For example we may ask you to verify your identity.
- to offer you new products and services.
Who do we share your personal information with?
In certain cases your personal information may be disclosed to 3rd parties:
- we have a legal obligation to comply with anti-money laundering and terrorism finance laws
- we are obliged to disclose personal information to competent authorities, law enforcement agencies as well as our regulators if necessary and in accordance with the laws of Estonia
- we may disclose your information to our auditors
- we disclose certain information to 3rd parties who conduct background checks on you as a part of our due diligence procedure
- our data storage service provider
- our advisors or partners, in case we need to obtain legal or accounting advice in relation to services we render to you, or outsource part of the service
How can you subscribe or unsubscribe from direct marketing?
With your permission, from time to time we may send you regulatory updates, our proposals, reviews of new products, invitations to business events and other information, which we believe may be of interest to you.
There are several ways you can stop direct marketing communications from HandelsHaus:
- click the “unsubscribe” link in any direct marketing communication email you receive from us.
- email us at [email protected], asking us to unsubscribe you.
- write to:
Office 5, 7 Pikk street,
Please note that you may continue to receive direct marketing communication from us for a short period of time after unsubscribing while our systems are being updated with your new preferences.
What are your rights over your personal information?
Under the GDPR you have the following rights:
- To request and obtain a copy of information we hold about you
- To request that we erase data we hold about you
- To ask us to cease to process your personal data
- To request that we stop sending you our marketing materials and promotions
- To request that we correct the data we hold on you
Where can you find out more information on the topic of data protection?
How can you contact our Privacy Manager?
If you want to exercise any of your rights, or simply want to obtain more information about your data, please contact:
Office 5, 7 Pikk street,
By e-mail: [email protected]
How to complain
How to withdraw your consent
If you have previously given us your consent to process your personal information and would like to withdraw it, then please write to:
Office 5, 7 Pikk street,
In certain cases we will retain your personal information lawfully in accordance with the legislation of Estonia.
We adhere to the anti-money laundering regulations and we are obliged to retain your personal details for 5 years from the date of termination of our relationship, unless we are ordered by a court or other competent authority to retain your data for a longer period.
We also store your personal details for 5 years from the termination of our contractual or other relations in case any claims arise out the services we have rendered you.