Privacy Policy
Last Updated 25/07/2023
This privacy policy describes how your personal information is collected, stored, used and shared (‘processed’) processed when you use our ‘Services ’, for example when you:
● visit our website at (https://catering-systems.com); and
● engage with us in any other related way, including but not limited to sales, marketing or events.
Catering Systems OÜ is the controller of your personal data unless otherwise stated in this Notice. The terms ‘our’,‘we’,‘us’ refer to Catering Systems OÜ (reg. nr 16122432)
The terms ‘you’, ‘your’ refer to the data subject, meaning the visitor of our website or user of our services.
Questions or concerns? If you have any questions or concerns about your privacy rights, please contact us at [email protected].
1. PERSONAL INFORMATION WE PROCESS
We only process personal information you voluntarily disclose to us when you register on the Services, when you participate in activities on the Services, or otherwise when you contact us.
1.1. Personal information provided by you
The personal information we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use. The personal information we may collect are as follows:
● Contact details such as your name, phone number, e-mail address, and billing address.
● Profile information : such as username, passwords, language, contact preferences, authentication data.
● Communication and correspondence records: such as when you engage with us via chat or email.
● Payment information : such as the amount charged and credit/debit card details
All personal information you provide us must be true, complete, and accurate. You must notify us of any such changes to such personal information.
1.1.a. Sensitive information
We do not process sensitive information.
1.2. Information Automatically Collected
We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.
We also collect information through cookies and similar technologies. The information we collect includes[9] but is not limited to:
● Log and Usage Data depending on how you interact with us, this data may include your IP address, device information, browser type, and settings and information about your activity in the Services (such as date/time stamps associated with your usage, pages and files viewed, searches, and other actions you take such as which features you use), and device event information (such as system activity, error reports, and hardware settings). Log and usage data is service-related, diagnostic, usage and performance information our servers automatically collect when you access or use our Services and which we record in log files.
● Device Data such as information about your computer, phone, tablet, or other device you can use to access the Services. Depending on the device used, this device data may include information such as your IP address (or proxy server), device and application identification numbers, location, browser type, hardware model, internet service provider, and/or mobile carrier, operating system, and configuration information.
● Location Data such as GPS and other technologies to collect geolocation data that tells us your current location based on your IP address. We collect location data such as information about your device’s location, which can be precise or imprecise. How much information we collect depends on the type and settings of the device you use to access the Services. You can opt out of allowing us to collect this information either by refusing access to the information or by disabling your location setting on your device. However, if you choose to opt out, you may not be able to use certain aspects of the Services.
2. HOW DO WE PROCESS YOUR PERSONAL INFORMATION?
We process your personal information so that we can provide, improve and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. Subject to your consent, we can also process your information for other purposes.
Depending on how you interact with our Services, we process your personal information for a variety of reasons, including[10] :
● To facilitate account creation and authentication and otherwise manage user accounts so you can create and log in to your account, as well as keep your account working in order.
● To deliver and facilitate delivery of services to the user in order to provide you with the requested service.
● To respond to inquiries/offer support to users we may process your information to respond to your inquiries and solve any potential issues you might have with the requested service.
● To send administrative information to you such as details about our products and services, changes to our terms and policies.
● To fulfill and manage your orders, payments, returns, and exchanges made through the Services.
● To request feedback and to contact you about your use of our Services.
● To send you marketing and promotional communications if this is in accordance with your marketing preferences. You can opt out of our marketing emails at any time.
● To deliver targeted advertising to you that is tailored to your interests, location, and more.
● To identify usage trends about how you use our Services to better understand how they are being used so we can improve them.
● To determine the effectiveness of our marketing and promotional campaigns to provide marketing and promotional campaigns that are the most relevant to you.
● To save or protect an individual’s vital interest such as to prevent harm.
We may process all personal data about you for the establishment, exercise or defense of legal claims in case we need to defend against or give proof of claims for damages, or other claims submitted to us for investigation.
Please see additional purposes for which we process your personal data under legitimate interest and legal obligations (Clause 3 below).
3. LEGAL BASIS
We are allowed to use personal information as described above only if we have a proper reason to do so. We always make sure there is a valid reason for processing your personal data. As such, we may rely on the following legal bases to process your personal information:
● Performance of a contract (incl. provision of our services): personal information is generally processed in order to fulfill our contractual obligations to you, including providing you with our Services at your request prior to entering into a contract with you.
● Consent: we may process your personal information if you have given us permission to use your personal data for a specific purpose. You can withdraw your consent at any time (Clause 6 below).
● Legitimate interest: we may process your information when we believe it is reasonably necessary to achieve our legitimate business interests and those interests do not outweigh your interests and fundamental rights and freedoms. For example, to analyze how our Services are used so we can improve them, to diagnose problems and/or prevent fraudulent activities, support our marketing activities, and understand how our users use our products and services so we can improve user experience. Depending on the particular circumstances, we may rely on alternative legal basis when it is more appropriate to do so. For example when it is necessary to comply with legal obligations such as processing data when law requires it, or when it is necessary to protect your vital interest, or those of others, in the event of an emergency or an imminent threat to life.
Where personal data is processed for a new purpose other than which the personal data are originally collected and the processing is not based on the data subject’s consent, we will carefully assess the permissibility of such new processing.
4. RECIPIENTS
We may share information in specific situations described in this section and/or with the following third parties.
Vendors, Consultants, and Other Third-Party Service Providers. We may share your data with third-party vendors, service providers, contractors, or agents (‘third parties’) who perform services for us or on our behalf and require such information to perform those services. We have agreements in place with third parties, which are designated to safeguard your personal information. This means that they can process your personal information to the extent necessary for fulfilling their obligations towards us, and process your personal information under our instruction. They commit to ensure that they protect the data they hold and retain it for the period they are instructed to by us. The third parties we may share personal information with are:
● Google Analytics concerning log and usage data, device data and location data
● In some circumstances we are obliged to share information with external recipients. For example, under a court order or where we cooperate with data protection supervisory authority in handling complaints or investigations. We can also respond to requests, such as those from law enforcement authorities, when we have a good-faith belief that the response is required by law.
5. COOKIES
We may use cookies and similar tracking technologies to access or store information. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Notice .
6. SECURITY AND ACCESS
We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. Despite our safeguards and efforts to secure your information, no electronic transmission over the Internet can be guaranteed to be fully secure, therefore, we cannot promise or guarantee that hackers, cyber criminals or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal or modify your information. Although we do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.
7. YOUR RIGHTS AND CONTROLS
We want you to stay in charge of your personal data. We provide you with website settings such as marketing opt-ins, and cookie consent controls.
7.1. Right of access
You can access your personal data and obtain a copy of your personal information. You can either access your personal data via our website or ask us for copies of personal information at ([email protected]).
There are some exemptions, such as balancing the rights of others, which means that you may not be able to receive all the information we process.
You can access and update your personal data via our website but also ask us to rectify information you think is inaccurate or ask us to complete the information you think is incomplete.
7.2. Right to erasure
You have a right to ask us to erase your personal information in certain circumstances.
7.3. Right to restriction of processing
You have a right to ask us to restrict the processing of your personal information in certain circumstances. This means that your data can only be used for certain things, such as legal claims or to exercise legal rights.
7.4. Right to object to processing
You have a right to object to processing if we are processing your information on the basis of legitimate interests. You may submit an objection to any decision we have made and ask us to review it.
7.5. Right to data portability
You have a right to ask that we transfer the information you gave us from one organization to another, or give it to you, in certain circumstances.
8. RETENTION
We will only keep your information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law. No purpose in this notice will require us keeping your personal information for longer than the time period in which you have an account with us .
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise such information, or, if this is not possible, then we will only store your personal information and isolate it from any other processing until deletion is possible.
9. UPDATES TO THE NOTICE
We may update this notice from time to time. The updated version will be indicated by a revised date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy notice, we may notify you either prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this notice frequently to be informed of how we are protecting your information.
10. DISPUTE RESOLUTION
Disputes relating to the processing of your personal data are resolved through [email protected] at the first instance. Our supervisory authority is the (Andmekaitseinspektsioon, https://www.aki.ee/en). You have a right to lodge a complaint to the supervisory authority if you believe that we have processed your personal information unlawfully or have not complied with our legal obligations.
11. CONTACT
If you have any questions about this notice, or have any inquiries regarding the exercise of your right to request access to your personal information, change that information, or delete it, please contact us at [email protected].