terms of use of personal data
Privacy Policy
Tallinna Kristlik Vabakogudus MTÜ
Website: avastajakogudus.ee
Tallinna Kristlik Vabakogudus MTÜ is a legal entity with registry code 80216263, legal address Udeselja 2-3, 11913 Tallinn (hereinafter “the church” or “we”).
In this privacy notice, the church is the responsible processor of your personal data, which processes personal data in accordance with what is stated in this document.
WHAT IS A PRIVACY NOTICE?
This privacy notice (hereinafter: “privacy notice”) applies in all cases when you have used or are using as a natural person (hereinafter: “you”) our services and the website avastajakogudus.ee or krist.ee (hereinafter: “website”) and the services offered through the website content, as well as if you have been interested in what the church offers and for this reason you provide us with your data (e.g. submitted a prayer request, registered for an event, subscribed to the newsletter, etc.).
The privacy notice applies to the processing of your personal data, and personal data is data directly or indirectly about you as a natural person (hereinafter: “data”).
The privacy notice informs you about the following:
- what data about you we collect and process;
- how we collect your data;
- for which purposes and legal bases we process your data;
- how we protect your data;
- how long we keep your data;
- who can process your data in addition to us;
- what rights you have in relation to the processing of your data and how to exercise these rights.
WHAT DOES THIS PRIVACY NOTICE NOT INCLUDE?
The privacy notice does not apply to the processing of your data by other companies when you use their services or websites, even if you use them through our website. The processing of data by these other companies is subject to the rules established by those companies.
HOW DO WE PROCESS DATA?
We process data in accordance with the Privacy Notice, the requirements of the General Regulation on Personal Data Protection in force in the European Union, and the Estonian legislation applicable to the church’s field of activity.
WHAT DATA DO WE PROCESS?
In order to provide services or sell products, we may ask you to provide us with, among other things, the following data:
- first and last name, name of representative and contact person in the case of a company or institution;
- date of birth/identity code;
- company registration code;
- residence/location (City, Country or address);
- contact information (phone number, e-mail address);
- language.
In addition, we store and process the following data in connection with the provision of services and the provision of the website:
- the aforementioned data;
- data necessary for logging in and electronic identification of the person (e.g. IP addresses, cookies);
- correspondence between us;
- information about the use of services offered by the church and participation in events;
- statistical demographic data (eg age, gender, occupation, city and country of residence);
- the data necessary to make your payment (e.g. payer’s name, payment amount, recipient’s name, list of payer’s IBANs, e-mail address, address, IP address, etc.);
- data related to orders (including pending orders).
In connection with the provision of the website, we collect and use the following data:
- data on the use of our website, its services and functionalities, and information collected with the help of cookies (e.g. from which page the website was accessed, etc.);
- data to personalize content and advertisements;
- data to provide social media features;
- data disclosed about the buyer in public databases or on the Internet (e.g. information about the buyer’s interests, e.g. Google Analytics data, data from Facebook, etc.).
In order to develop and provide services (e.g. to provide recordings of events, etc., and audio and video materials, etc. via the website), we store and process audio and video materials of events, etc., and the data entered in the participants’ feedback forms. Unless we have consent, we do not record the participants of these events in an identifiable manner.
WHEN AND HOW DO WE COLLECT YOUR DATA?
We offer various options through our website (e.g. participation in events, requests for prayer, etc.). Therefore, the information we collect about you depends on the specific services or e-channel you use and what data we need to process to offer them. We only collect data that is necessary to achieve the purposes defined below.
We collect your data mainly in the following ways:
- you provide us with data, for example, when you communicate with us;
- data related to you is created by us when you use our website and other e-channels, etc.;
- we create derived data based on your data, such as user profiles, analytical marketing data and conclusions based on automated;
- analytical decisions about your possible preferences and interests (e.g. Google Analytics);
- we receive your data from other sources, such as other service providers, publicly available registers, state institutions (e.g. population register), etc.
FOR WHAT PURPOSES AND LEGAL BASIS DO WE PROCESS DATA?
We process data for the following purposes and legal bases:
– On the legal basis of contract performance;
– for customer relationship management;
– to enable access to services and products, including via the website.
Our legitimate interest on a legal basis:
- to ensure content quality;
- for direct communication (e.g. if you have subscribed to the newsletter to send you information about events, etc. via e-mail) and for other marketing purposes (e.g. for marketing analysis to clarify your needs and preferences as a user, etc.);
Based on the obligation arising from the law:
- for accounting and transfer of data to state authorities that have the right to do so, etc.
ARE THERE OTHER PARTIES BESIDES US WHO MAY PROCESS YOUR DATA?
We may transfer your data to the extent permitted and/or required by personal data protection legislation and in accordance with the requirements of these legislation. This is only if there is a justified need for this and only to those data recipients who undertake to properly protect the data before us. If necessary, we can authorize our contractual partners to process your data on our behalf. Our partners may process data only for the purposes and within the limits of the authorizations specified in the written data protection agreement concluded with us, according to our instructions and to the extent necessary to fulfill their obligations arising from the agreement concluded between us. When we use our partners, we make sure that they act in accordance with the privacy notice.
We may also transfer your data to:
- in relation to electronic identification for identification service providers;
- in relation to your payments to us (our authorized payment service providers and data processors are Montonio Finance, https://montonio.com/legal/privacy-policy);
- to providers of legal, audit and other special services, etc.;
- on other grounds established or permitted by law.
You can request more detailed information about the transmission of your data and our authorized data processors (e.g. names and locations, etc.) by writing to us at info@krist.ee
WHAT DO WE DO TO PROTECT DATA AND ENSURE PRIVACY?
We ensure that all collected data is confidential and protected, and the church does not transfer, sell or disclose data to third parties without a legal basis (e.g. if we have your consent or if we are obliged or entitled to do so by law, etc.). We guarantee the correctness and security of the processed data.
The Website may contain links to third-party websites or services. Their websites and services have their own privacy policies. The church is not responsible for the privacy policies of third parties or the data processing related to the activity, and we recommend that you familiarize yourself with the privacy policies of each third party separately before you start using the website or service.
HOW DO WE ENSURE DATA SECURITY?
We apply the necessary IT technical, organizational and physical security measures to protect data from third parties and from unintentional or illegal deletion, modification, disclosure, transmission or other groundless or illegal processing.
Only certain authorized persons have access to change and process data. All data is treated as confidential information in our organization.
The church is not responsible for third-party access to devices under your control, the Internet, and their security.
HOW DO WE USE YOUR CONTACT DATA FOR MARKETING PURPOSES?
If we have received your contact information through the contact forms, we can send you information about our events or feedback by e-mail if you have provided us with your information.
HOW CAN I OPT OUT OF INFORMATION?
You have the right to contact the church at any time to notify your wish not to receive information from us. To stop receiving newsletters, there is a link to unsubscribe from similar emails (leave the community or unsubscribe) with each email.
WHAT ARE COOKIES AND HOW DO WE USE THEM?
In order for the website to function properly, the website stores small files – so-called cookies – on the user’s device (hereinafter referred to as the user).
A cookie is a small text file that the website stores on the user’s computer or mobile device when the website user visits the service provider’s website. This allows the website to remember the user’s actions and preferences (for example, username, language, text size and other similar display preferences) for a certain period of time. In this way, the user does not have to re-enter them every time he returns to the page or browses the pages.
The legal basis for the use of cookies is our legitimate interest in ensuring the technical functionalities and operation of the website according to the user’s preferences and choices.
Cookies are usually valid for a short period (day, week or month), in some cases they can be valid for up to a year.
We may use cookies and cookie-like tools to improve user experiences. Cookies may also be used by third parties whose services we use.
Cookies are used for several reasons:
- to personalize content and ads,
- to provide social media features and
- to analyze the use of web pages.
We may also provide information about how the website is used to our social media, advertising and analytics partners. The use of such cookies is not directly necessary for the website to function, but it ensures a better browsing experience. Cookies can either be deleted or blocked, but in this case not all functions of the website may work as intended. Cookies help us offer our services and products in a better and more personalized way.
HOW CAN I GET TO KNOW YOUR DATA IN DETAIL AND SUBMIT DATA REQUESTS?
You can get more detailed information about your data by asking questions at the e-mail address info@krist.ee
If the data has changed or is incorrect for any other reason, it must be reported to the e-mail address info@krist.ee.
We reserve the right to respond to such inquiries within 30 days of receipt.
WHAT ARE YOUR RIGHTS REGARDING PERSONAL DATA?
You have the following rights in relation to your data:
- The right to access your data;
- The right to correct personal data. If you have discovered incorrect data while looking at your data or your personal data has changed, you can always change them by contacting us.
- The right to be forgotten. In certain cases, you have the right to have your data deleted. This is primarily with regard to data processing based on consent and legitimate interest. This includes, for example, e-mail subscriptions and the like. Complete deletion of data is not possible if we also use data for other purposes, in connection with which data deletion is not permitted by law (e.g. contracts and invoices must be kept for 7 years based on the Accounting Act).
- The right to object. You have the right to object to the processing of data concerning you, which we do on the basis of legitimate interest. When submitting an objection, we will stop data processing if possible.
- The right to restrict data processing concerning you. You have the possibility to limit the processing of data by notifying us, in the following cases: to check the correctness of personal data, if you have contested their correctness; to record illegal data processing; you need data to prepare, present or defend a legal claim; you submit an objection to consider the legitimate interest and wish to restrict data processing until a decision is made.
- The right to appeal to us, the Data Protection Inspectorate or the court. You always have the right to contact the church if you want additional information on the use of your data and to the Data Protection Inspectorate or the court to protect your rights in relation to the processing of your data.
HOW LONG DO WE KEEP DATA?
We will store your data only as long as it is necessary to achieve the goals of data processing stated in the privacy notice or until the obligation imposed on us by law stipulates it (e.g. contracts and invoices must be kept for 7 years based on the Accounting Act).
For more detailed information about data retention periods, please contact us by e-mail at info@krist.ee.
HOW DO WE CHANGE THE PRIVACY NOTICE?
The church updates the current Privacy Terms if necessary. Changes may be caused by the development of services and operating practices, changes in legislation. We recommend that you regularly check the current terms and conditions on our website.
If you want a more detailed explanation about the processing of your data, please write to us at info@krist.ee. We will respond to your request as soon as possible, but within 30 days at the latest.