Entity Technologies OÜ, registry code 11673038, located at Teguri 55, Tartu, 50107, Estonia (here in after "We") operates the Buildocs platform at https://www.buildocs.ee/, which provides users with a web-based solution that simplifies the documentation of construction work and enables get a clear overview of the company's finances.
We confirm that we will comply with the requirements of General Data Protection Regulation 2016/679 when processing all data.
For the purposes of this Privacy Statement, the following terms shall have the following meanings:
“You” means the legal or natural person who uses our Platform and has agreed to the Platform and the terms and conditions of the service offered there.
"Data Subject" means an identified or directly or indirectly identifiable natural person whose personal data you transmit to the Platform when you use the software.
"Personal Data" means any information about the Data Subject or you that you publish on the Platform.
“Processing” shall mean any automated or non-automated operation, or set of operations, carried out with Personal Data or sets of Personal Data, such as collecting, documenting, organizing, structuring, storing, adapting and modifying, making, reading, using, transmitting, disseminating or otherwise making available combining or merging, limiting, deleting or destroying.
"Personal Data Violation" means a breach of security that results in the accidental or unlawful destruction, loss, alteration or unauthorized disclosure of, or access to, Personal Data that is transmitted, stored or otherwise processed.
"Service" is the software service provided to you through the Buildocs platform.
“Terms” means the General Terms of the Buildocs Service, which govern your use of the Buildocs Platform, Software and the Service.
Our activities as Controller of Personal Data
Personal Information Collected About You
We collect and process Personal Data about you that you voluntarily disclose to us on the Platform. You understand that the disclosure of Personal Information to us is voluntary, but failure to disclose it will prevent you from using the Buildocs platform and the Service provided there.
In order for you to use the Service, we collect and process the following personal information about you: name, email address, personal identification code, details of the legal entity you represent and its activities (company name, registry code, country of residence, billing contact information, country tax number), any other information that you choose to disclose on the Platform about you or your affiliated company.
Purpose and legal basis for the collection of personal data
We process your Personal Data on the following bases: in order to provide you with a platform service, including access to the platform; Detect and investigate any violation of the Platform, including fraud, and any personal marketing messages that we or a third party have a legitimate interest in; Subject to your consent to us, to comply with such legal obligation.
In particular, if you do not wish to receive personal marketing messages from us, you may prohibit us from using your Personal Data for any prior purpose by notifying us in writing at firstname.lastname@example.org.
Transmission and storage of personal data
We may transfer your Personal Data to third parties, such as an auditor, legal counsel or any other person who provides the service to us. We may also pass on your information to other companies within our group. We have made every effort to ensure the confidentiality and security of the Personal Data mentioned above.
Third parties to whom we transmit Your Personal Data may be located outside the European Economic Area, which has other personal data protection regulations in place and for which the European Commission has not taken a decision on adequacy. In these countries, personal data (including protection against misuse, unauthorized access, disclosure, alteration or destruction) may not be afforded the same level of protection as in the European Union. When transmitting personal data outside the European Economic Area, we undertake to ensure that appropriate security measures are in place. If you would like to be informed about applicable security measures, please let us know.
When transmitting personal data to the United States, we verify that the third party receiving the data is certified under the terms and conditions set forth in the EU-US Data Exchange Agreement between the US Department of Commerce and the European Union. For more information on the EU-US Data Exchange Agreement, visit the US Department of Commerce's website at www.privacyshield.gov.
We take the necessary organizational, physical and IT security measures to protect Personal Data published on the Platform against any misuse, unauthorized access, disclosure, alteration or destruction. Platform servers and systems are protected against unauthorized access by firewalls, passwords, other technical means, and organizational means. Access to personal data shall only be granted if it is necessary for the processing of the data. All processors of personal data are bound by a confidentiality agreement. Our employees' access to personal data is based on a role-based user management process, where each employee is only given access to their tasks and work.
We will retain your Personal Data for as long as it is legally required or permitted, but not longer than is reasonably necessary for us to achieve the purposes for which the Personal Data was collected or processed, including, but not limited to, retention of Personal Data until any claims expire.
We take reasonable steps to ensure that the Personal Data is reliable and accurate.
Your rights when collecting Personal Data
With respect to the collection of Personal Data, you have the right to:
◦ request access to the Personal Data collected about you and request a copy of the Personal Data;
◦ request the correction, update or removal of your Personal Data;
◦ demand restrictions on the processing, collection and use of Personal Data in cases provided by law;
◦ approach the Data Protection Inspectorate in case of violation of your rights.
A cookie is, in essence, a text file that is stored on your computer, smartphone or other device. A cookie is a small text file placed in your device to collect useful information and to remember you.
We use session-based cookies on the platform, which will disappear when you leave the platform or close your browser. We use session-based cookies to provide certain features of the platform (such as logging in).
More information on using cookies and how to disable cookies can be found at www.allaboutcookies.org.
Our activities as Authorized Processor of Personal Data
In order to provide you with the Service, We may need to process Personal Data of the Data Subjects on your behalf, but only to the extent and to the extent necessary to perform the tasks assigned to you. The Service we provide to you is described in more detail in our Terms of Service.
For the purposes of these Privacy Terms, we determine the terms and conditions of the processing of Personal Data of the Data Subject to ensure that the processing of the Personal Data complies with the conditions set forth in data protection law, while ensuring that the rights of the Data Subject are protected.
We confirm that we will not process the Data Subject's Personal Data transferred to us for any purpose (including for business or personal purposes) other than to provide you with the Service.
Under these Terms, we undertake to ensure that all of our employees or third parties that we use to provide the Service to you comply with the requirements of data protection laws, including confidentiality. In doing so, you will be notified immediately if We fail to ensure such consistency for any reason.
In addition, we will inform you immediately of the following:
In addition, we will inform you immediately of the following:
◦ Binding requests by law enforcement authorities for the disclosure of personal data, with the exception of a prohibition on the disclosure of requests, such as those stemming from criminal law, aimed at protecting the confidentiality of a law enforcement investigation;
◦ Cases of accidental or unauthorized access;
◦ Requests by the data subject.
Transmission of personal data
The inclusion of new Recipients of Personal Data is only possible with your prior consent. When we transfer personal data to a third party, we enter into a similar agreement with the third party to ensure the correct processing of the Personal Data. If a third party processing Personal Data fails to comply with the requirements of data protection law or the agreement entered into with us, we will be responsible to you for compliance with the requirements and obligations set forth in the data protection law.
Applicable security measures
We confirm that we have taken all appropriate technical and organizational measures to ensure that the processing complies with the requirements of data protection legislation and that the rights of data subjects are protected. We do our best to prevent accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to data.
To ensure this, we have applied the measures set out in this Privacy Statement.
Upon request, we shall make available to you within a reasonable time all information necessary to demonstrate the implementation of appropriate technical and organizational measures. Among other things, we allow you to organize the audits necessary to verify the implementation of these measures. The costs of the above obligations, including the costs of conducting the audit, shall be borne by you and We shall have the right to claim any direct or indirect costs incurred by you in discharging those obligations.
Personal Data Violation
In the event of a personal data breach, we undertake to notify you without undue delay and to cooperate fully with you. In particular, we undertake to report a personal data breach as follows:
◦ Describe the nature of the personal data breach and, if possible, the approximate number of data subjects and the types and approximate number of relevant personal data records;
Ame We will provide the name and contact details of the contact person providing additional information;
◦ Describe the possible consequences of a personal data breach;
◦ Describe the measures that we have taken or intend to take to address a personal data breach, including mitigating the potentially harmful effects of the breach where appropriate;
◦ Describe the possible measures we can take to mitigate the possible adverse effects of the Personal Data breach.
We will not be liable for any loss or damage suffered by you in complying with the Terms and Conditions resulting from your wrongful conduct in the processing of Personal Data.
If you have any questions regarding the processing of your personal data, please contact us at email@example.com.
The necessary cookies are essential for the proper functioning of the website. Only cookies that provide basic website security and security features fall into this category. These cookies do not store personal information.