LEGAL AND PRIVACY STATEMENT
These data protection conditions have been prepared with the aim of protecting the privacy of former, current, and future customers of UPMEDICAL OÜ. Based on this, we outline the principles regarding the collection, use, publication, transmission, and storage of Customer Data. The activities of UPMEDICAL OÜ are following all relevant activities and the relevant legislation of the European Union and the laws of the Republic of Estonia, including REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND COUNCIL. UPMEDICAL OÜ implements all precautions (including administrative, technical, and physical measures) to protect collected personal data. Only authorized persons have access to change and process data.
The website of UPMEDICAL OÜ uses the SSL certificate, which is a security certificate for a web application, with the help of which data is protected with up to 256-bit encryption. This certificate encrypts information moving on the public Internet and ensures its confidentiality.
1. DATA CONTROLLER
UPMEDICAL OÜ
Business ID / Reg. Code: 16042130
Seedri tn 6, 80010, Pärnu linn, Pärnu maakond, Estonia
2. CONTACT REGARDING REGISTERS
support@upmedical.eu
tel. +372 51966203
3. NAMES OF REGISTERS
UPMEDICAL OÜ’s corporate customer, invoicing, and marketing registers.
4. PURPOSE AND GROUNDS FOR PROCESSING PERSONAL DATA
The registers are used to maintain the data of contact persons of UPMEDICAL OÜ’s existing and potential client companies.
The personal data may be processed for the following purposes:
Managing customer relationships and customer care, and managing, carrying out, developing, and monitoring related communications and marketing.
Processing of customer feedback, customer satisfaction data, and complaints.
Processing of inquiries and offer requests.
Analyzing, statistical work, grouping, and reporting of the customer relationship, and other purposes related to the development of the customer relationship and UPMEDICAL OÜ’s business.
Analyzing website visitor volumes and behavior, and facilitating the sharing of content on social media (cookies).
The customer data in the customer register may also be utilized for profiling in the analysis of service demand and customer behavior.
The data processing tasks may be outsourced to service providers outside UPMEDICAL OÜ following data protection legislation and its restrictions.
WHAT ARE “COOKIES”?
A cookie is a small text file that the web server sends to the user’s web browser and that is stored on the hard drive of the user’s computer.
The cookies themselves do not read information from the user’s computer or send it to internet sites.
PURPOSE OF COOKIES
Websites and e-shops use cookies to offer users a more personalized user experience and more convenient navigation on the website. For example, cookies allow the website to remember the user’s preferences (language selection) or skip each time you log in to the website. Generally, cookies are used to collect statistical data by tracking user preferences when visiting web pages. It does not pose a direct threat to the user. Website operators are obliged to provide clear and understandable information on the website about the type of cookies their website uses and for what purpose. In this way, the user can decide for himself whether to enable or disable cookies.
How does upmedical.eu use cookies?
As a result of visiting this website, your browser may save cookies from the following categories:
Analytics
upmedical.eu uses the widely used Google Analytics software and uses it to measure website traffic. With the help of the obtained data, we can better understand the behavior of visitors on the page and make it more convenient to use. The mentioned software uses several cookies, with the help of which we can find out whether the visitors of the website have been there before. If such cookies are present on your computer, your web browser will notify us; however, if you don’t already have them, we’ll provide them for your web browser. In this way, we can know the number of our users and how often they visit our page. These cookies are used for statistical purposes only and cannot be used to identify individual users. The visitors’ data is not transmitted to Google. The main cookie used by Google Analytics is “with __”.
Technical cookies
Technical cookies are necessary so that the user can navigate the website at all and use the functions of the website. Without these cookies, the website cannot function properly.
Limiting the use of cookies or opting out completely
It is usually possible to configure the web browser to stop using cookies or to stop accepting cookies from a specific website. All modern web browsers allow changing settings related to cookies. Usually, such settings are in the settings or preferences menu of the web browser. The following links may help you understand these settings; in other cases, you should use your web browser’s help option for more information.
Internet Explorer: http://support.microsoft.com/kb/278835 and https://support.microsoft.com/et-ee/help/17442/windows-internet-explorer-delete-manage-cookies
Chrome: https://support.google.com/chrome/answer/95647?hl=en
Opera: http://help.opera.com/opera/Windows/2393/en/controlPages.html#manageCookies
Safari: http://support.apple.com/kb/PH5042
iOS: https://support.apple.com/et-ee/HT201265
5. DATA CONTENT OF REGISTERS
The customer, invoicing, and marketing registers may be used to store data such as the following:
Client company’s name and contact information (delivery and invoicing address, email address, phone number) and the company’s contact person’s name and contact information (email address and phone number).
Customer’s consent, direct marketing permissions, and prohibitions.
Data on the customer relationship, such as the customer’s order data and data on meetings and other contact with UPMEDICAL OÜ’s customer care and company employees.
Customer’s purchase history and transaction data, and data on online behavior on UPMEDICAL OÜ´s website and online shop.
Participant data (email address, phone number, address, date of birth, and allergy information) entered by the customer for events organized by UPMEDICAL OÜ.
6. REGULAR DATA SOURCES
Personal data is primarily received from the client company, the contact person themselves, the company’s website, and business information systems.
7. REGULAR DATA SHARING AND TRANSFER OF INFORMATION OUTSIDE THE EUROPEAN UNION OR EUROPEAN ECONOMIC AREA
Personal data will not be transferred outside the European Union or the European Economic Area. However, personal data may be shared with UPMEDICAL OÜ’s subcontractors and partners. Any personal data will be anonymized before they are sent to UPMEDICAL OÜ’s subcontractors and partners.
8. DESCRIPTION OF REGISTER PROTECTION PRINCIPLES
Any data on physical media will be kept in locked storage that only separately authorized personnel can access. Digital material can only be accessed by designated personnel with a personal user ID and password. There are different levels of access rights, and each user is granted access rights that are sufficient for their tasks but as limited as possible.
9. RIGHTS RELATED TO PROCESSING OF PERSONAL DATA
A person who is the subject of the customer, invoicing, or marketing register has the right to inspect the personal data on them in the register. The person also has the right to request the deletion or correction of erroneous, unnecessary, incomplete, or outdated data in the register. The aforementioned requests should be directed in writing to UPMEDICAL OÜ’s contact e-mail.
A person who is the subject of the customer, invoicing, or marketing register also has the right to prohibit UPMEDICAL OÜ processing personal data on them for direct marketing by following instructions on the electronic marketing messages.
10. DELETION AND STORAGE PERIOD OF PERSONAL DATA
UPMEDICAL OÜ deletes the personal data of customers from the registers when there are no longer commercial justifications to process the data, or when the subject of the register exercises their statutory right to demand UPMEDICAL OÜ to delete all data on them. However, personal data will not be deleted if the law demands otherwise, or if the contact person is responsible for the safe use of the products they have ordered.