One of the core values of LÜMICO is the responsibility and respect of an individual. LÜMICO OÜ is responsible to make sure that all the personal data of an individual is processed in an effective manner with the applicable data protection legislation in mind.
Any information, related directly or indirectly with a living person is termed as personal data. At LÜMICO OÜ, there are certain activities that require the collection of personal data. The collected data may include given name and surnames, addresses, postal codes, telephone numbers, personal IDs, e-mail addresses etc., hence referred to as “Personal Data”.
You visit LÜMICO OÜ’s website;
- You as a customers’ representative or a customer yourself, are provided with the service and is given information about our services & products as well as upcoming events
- You as a potential customer or a potential customer’s representative receives information from LÜMICO OÜ
- During your employment at LÜMICO OÜ
- You applied at LÜMICO OÜ for a job position
- During your time of employment at LÜMICO OÜ
- Once engaging with us on social media
- LÜMICO OÜ and you are in contact to take part in promotions, competitions and surveys.
- Fulfil and follow up contractual obligations
- Fulfil legal obligations.
| Why do we process your data? | What categories of personal data do we collect? | Legal ground |
| To deliver the content on our website in a correct way To fully optimize the content of our website along with its advertisements |
|
Legitimate interest |
| To fulfil and follow up contractual obligations, yours as well as ours |
|
Contractual obligation |
| To provide support and services |
|
Contractual obligation |
| Ensure the long-term viability of our website and information technology systems. In order to provide access to our IT systems (cargo tracking and booking) |
|
Legitimate interest |
| For legal and security reasons Provide law enforcement authorities with the required information for criminal prosecution in any case of a cyber-attack |
|
Legal obligation and in other cases (like the detection of fraud) we will rely on our legitimate reasons as a business to make use of your data |
| The company informs its business partners and customers timely by means of newsletters relating to enterprise offers |
|
Legitimate interest with an opt-out |
| In order to start a contract through the company’s website |
|
Consent |
| Posted comments made by the customers on the blogs of our website as well as to enable subscriptions driven from such comments |
|
Consent |
| The company carry out promotions, competitions and surveys |
|
Consent |
| Staff administration |
|
Contractual obligation |
| Safety under any emergency |
|
To protect your vital interest |
| To protect our company assets and employees |
|
Legitimate interest |
| Managing job applicants applications |
|
Until the job position has been appointed; Fulfilment of the agreement. After the job position has been appointed; Legitimate interest. Once the recruitment has been finalized, the collected personal data is filed in order to be used a for potential appeal of recruitment such as, for example, based upon the breaches of discrimination legislation. In the case when it is no longer possible to appeal the recruitment, the information is lost and destroyed if the concerned candidate did not consent to any further processing |
Your data is kept is stored with us as long as required to;
- Fulfil our contractual obligations towards you
- Fulfil the purpose as to which the data was collected in the first place
- Fulfil our legal obligations
Having the ability to control your personal data, we may assign the processing stated above to a supplier or a partner as set out in the section “Third party components”. Such processing will not be proceeded in any other purpose as to that stated above. Some suppliers and partners might have parts of their business in countries located outside EEA/EU (also referred to as Third countries). Any of your personal data is only given to such countries only if their standard of data protection is at a level to that of the EU countries or if the supplier has an enforceable instrument and legal bindings which guarantees the safety of your personal data.
You have the right to:
- Request the information about which of your personal data we process as well as request a copy of these:
- Have incorrect personal data corrected and under certain cases, have your personal data erased from our database
- Point out against the processing of your certain personal data and request your personal data processing to be limited.
- Have your personal data transferred over to a different controller
- Withdraw your consent to the protection of your personal data
In any case, if you are not 100% satisfied with our processing of your personal data, you may report our process to the Estonian Data Protection Authority, the authority in charge of supervising us. You may at any given time through the contact information below, info@lumico.ee obtain, erase or limit the processing of your collected personal data. However, please note that limiting your personal data or erasing from our servers may disable the company to provide you with the service.
Lümico has made use of effective organizational and technical measure in order to protect personal data against unauthorized access, abuse, loss, alternation, revealing and destruction. In order to make sure that the collected personal data is processed in a secure and confidential fashion, we ensure that the obligations set out under Article 32-36 of the GDPR are met. A detailed description of the applied security measure can be generated upon request. LÜMICO OÜ’s suppliers and employees are bound by confidentiality agreements and are obliged to follow the companies’ rules for IT security and information, this privacy policy, as well as other, policies and internal rules that regulate the processing of personal data.
LÜMICO OÜ websites use cookies. Via the use of cookies, LÜMICO OÜ has the ability to provide its website users better user-friendly services that would not possible without the effective use of cookies. If you wish to deactivate the setting of cookies in your web browser, you may have limit functionality on the website.LÜMICO OÜ websites use cookies. Via the use of cookies, LÜMICO OÜ has the ability to provide its website users better user-friendly services that would not possible without the effective use of cookies. If you wish to deactivate the setting of cookies in your web browser, you may have limit functionality on the website.
On this website, the controller has put in components of Facebook. The data protection guideline published by Facebook can be accessed at https://facebook.com/about/privacy/. It provides the essential information on the collection, processing and use of your personal data by Facebook.
- Google Analytics
On this website, LÜMICO OÜ has integrated the components of Google Analytics (along with the anonymizer function). Google analytics is a web analytics service. For the website analytics via the Google Analytics, the controller makes use of the application “_gat. _anonymizelp”. Via this application, the IP address of your internet shortened by Google and anonymised when accessing our website from a Contraction State to the Agreement on the European Economic Area or Member State of European Union. Further information over the applicable data protection provisions of Google can be accessed under http://www.google.com/analytics/terms/us.html and https://www.google.com/intl/en/policies/privacy/. You have the full right and responsibility to object over the collection of the generated data by the Google Analytics which is in relation to our website, as well as the processing of data via Google and have the possibility to prevent any such use. In order to do so, you have to download and install an add-on for your browser under https://tools.google.com/dlpage/gaoptout.
- Google +
On this website, the company has put in the Google+ button as a component. Via this button, Google receives the information that you have visited over our website if you are logged into your Google+ account during the time of call-up. This takes place regardless of whether you click or don’t click the Google+ button. More information on this can be found at https://developers.google.com/+/.
On this website, the company has put in the components for Instagram as well. Instagram will receive the information through the Instagram component that you have visited our website given that you are logged into Instagram at the time of visiting our website. This will take place regardless the user has clicked the Instagram button or not. More information on this can be found at https://www.instagram.com/about/legal/privacy/ and https://help.instagram.com/155833707900388.
This website also has an integrated LinkedIn component. LinkedIn receives information through the LinkedIn component that you have visited our website, provided that at the time of visiting our website, you were logged into your LinkedIn account. This occurs regardless you have to click the LinkedIn button or not. The applicable privacy policy can be accessed at https://www.linkedin.com/legal/privacy-policy. The cookie policy for LinkedIn can be found at https://www.linkedin.com/legal/cookie-policy.
The company has an integrated component for Twitter. Twitter will receive your information that you have visited our website provided that you were logged into your twitter account at the time you visited our website. This will take place regardless of the fact that you have clicked the Twitter button or not. The applicable data protection provisions of Twitter can be read at https://twitter.com/privacy?lang=en.
- YouTube
On this website, the company has a building component for YouTube. Both Google and YouTube will receive you the information via the YouTube component that you made a visit to our website. However, this will occur automatically if you are logged into your youtube once you visited our website. In order to access YouTube’s data protection provisions, please go to https://www.google.com/intl/en/policies/privacy/.
The company amends the right to this mentioned privacy policy as the company sees it fit The date for the latest amendments is mentioned at the end of this privacy policy. Therefore, you are recommended to read this policy on regular basis in order to update yourself from time to time. If this privacy policy is altered to a great degree as to when your company obtained the consent, the company will make sure to inform you of these changes in its privacy policy. In certain cases, you may obtain new consent to the processing of your personal data.
If you happen to have any question regarding the privacy policy or any other question regarding our data processing, feel free to get in touch with us:
LÜMICO OÜ
Mustamäe tee 5c
10616 Tallinn
Estonia
Phone: +372 646 0101
Email: info@lumico.ee
Website: lumico.ee
This privacy policy was adopted on 01.09.2018
Data controller – the entity that regulates the conditions, purposes and means of the personal data processing.
Data Subject – a natural person whose personal data is being processed by a processor or a controller.
Data Processor – the entity that regulates data on behalf of the data controller
Data Protection Officer – an expert in the field of data privacy who independently works in order to make sure that an entity is following the procedures and policies set by the GDPR (more info on this can be found here)
Processing – any operation performed on the personal data of the person, whether it is automated or not. Processing includes collection, recording, use etc.
Personal Data – Any information related to a person or ‘Data Subject’, that can be used to indirectly or directly identify the person.
Right to be forgotten – also termed as Data Erasure, it binds the data subject to have the data controller remove his or her data off the database, stop further distribution of the data as well as potentially make the third parties stop processing the data subjects’ data
Right to access – also termed as the subject access right, it allows the data subject to access the data and information that is accessible to the controller
Subject Access Right – also termed as Right to Access, it allows the data subject to access the data and information that is accessible to the controller