This privacy notice explains how we, Snicco OÜ (registration code 16868172, located at Harju maakond, Tallinn, Kesklinna linnaosa, Pärnu mnt 139c, 11317), process personal data in our business as per the General Data Protection Regulation (GDPR) and other relevant data protection and privacy laws applicable to our business.
Your Data Protection Rights
- Access and rectification: you may request a copy of the information we process about you and ask us to rectify any incorrect data.
- Erasure or restriction: in some circumstances, you may ask us to delete or restrict our processing of your data, but we cannot delete any data we are legally required to process.
- Object to processing: in some circumstances, you may ask us to stop processing your data.
- Data portability: in some circumstances, you may ask us to transfer your data to you or another organization.
- Also, if you’re unhappy about how we process your data, you have a right to complain to a national data authority. We hope, however, that you will contact us first so that we can try to resolve the matter for you in a satisfactory way.
Please get in touch with us if you have any questions about how we handle your data or want to exercise one of your rights. You are entitled to a reply within 30 days.
How we get your personal data
We typically process personal data on potential or existing customers, website visitors and vendors and collaboration partners.
We may process personal data when you:
- Contact/communicate with us online (email, video calls, social media, etc.) or on the phone
- Use our services/software (CommandUI)
- Deliver products/services to or enter into a collaboration with us
- Fill out contact forms: When you submit a contact form on our website, we may collect your name, email address, and any other information you provide.
- Sign up for newsletters or marketing communication: When you subscribe to our newsletter or other marketing communications, we collect your email address to send you updates and information about our products and services.
It is voluntary to provide us with personal data, but we cannot provide you with our services if you choose not to.
We do not rent, buy or sell personal data from or to others, use automated decisions or profiling in the processing of your personal data, or process any special category data as per the GDPR Article 9.
Purpose, lawful basis and retention periods
We only process your personal data when we have a purpose and a lawful basis for doing so. Under the GDPR Article 6-1, the lawful bases we rely on are:
- Your consent
- We have a contractual obligation (contract)
- We have a legal obligation
- We have a legitimate interest
As a rule, we do not process personal data for longer than necessary to fulfill the purpose for processing.
We will only retain data for as long as we are required to as per applicable legal obligations such as accounting, tax, labor laws or any other relevant rules and regulations.
Details on the processing of your personal data
This section describes when and how we process your data, for what purposes and our legal grounds to do so (lawful bases). We also specify the retention periods for the processing.
We process personal data when:
You communicate with us
Regardless of your relationship with us, as a potential or existing customer, vendor or other, we process your personal data whenever you communicate with us. This could be when you contact us through email, phone (call, text message) or social media. Depending on where and how you contact us, this may include your name, contact details, IP address and other information you choose to send to us. We use a customer support system to manage personal data on potential and existing customers.
The purpose is to be able to respond to your inquiries and, on some occasions, to keep records in case of complaints or legal claims. The lawful basis is f), where our legitimate interest is to respond to your inquiries and, on some occasions, keep records in case of complaints or legal claims.
We typically keep this type of personal data for up to two years, or six years if we have a legal obligation in accordance with accounting and bookkeeping rules.
You Subscribe to Snicco OÜ Services/Software (Become a Customer)
When you purchase software or services from us, we collect the personal data you provide during the purchase process. This may include your email address, billing address, payment details, and, where applicable, VAT number and company details.
The purpose of this processing is to fulfill our obligation to deliver the services you have purchased and manage the customer relationship. The lawful bases for this processing are:
- b) Contract: to deliver the products or services you have purchased.
- c) Legal obligation: related to accounting, tax, and other business laws we must abide by.
We process the data for as long as you are a customer and retain it for at least 7 years, as required by law for accounting and bookkeeping purposes.
You receive marketing as an existing customer
If we have an existing customer relationship with you, we may send you emails containing a promotional element. The personal data we process is your name and email address. The purpose is to provide you with news and offers related to your subscription. The lawful basis is f), where our legitimate interest is to offer our relevant products and services. The lawful basis could also be a), where you have given us your consent to such marketing.
You can opt out of marketing emails at any time by clicking the unsubscribe link in any such email. We process the data for as long as we have a customer relationship with you or if the processing is based on your consent until you withdraw it. When you ask us not to send you any promotional materials, your account will be flagged as “unsubscribed from marketing” in our internal database, and you won’t receive any further marketing emails from us. We are still required to process data for accountancy, tax and other business purposes if you are our customer.
You receive marketing after giving consent
If you have given us your explicit consent to receive marketing communications, we may use your personal data, such as your name and email address, to send you promotional materials and updates about our products, services, or special offers.
The lawful basis is a), where you have given us your consent to such marketing.
You can opt out of marketing emails at any time by clicking the unsubscribe link in any such email. We process the data for as long as we have a customer relationship with you or if the processing is based on your consent until you withdraw it. When you ask us not to send you any promotional materials, your account will be flagged as “unsubscribed from marketing” in our internal database, and you won’t receive any further marketing emails from us. We are still required to process data for accountancy, tax and other business purposes if you are our customer.
You Respond to Our Surveys or Fill Out Forms
We sometimes send surveys to our customers to improve our products and services. Additionally, we may collect personal data when you fill out forms on our website, such as feedback forms, inquiries or waitlist forms.
Responding to our surveys and filling out forms is completely voluntary. We process personal data such as your name, contact details, and any other information you choose to share with us in forms. If a survey or form is anonymous, no personal data is processed.
The purpose is to gather your feedback and information to continuously improve our products, services, and customer support. The lawful basis for this processing is a) consent
You supply services to or collaborate with us
When you enter into an agreement with us either as a vendor, partner or data processor, we process personal data such as your name, contact details and correspondence. The purpose is to enter into this agreement and communicate with you before, during and after our formal business relationship.
The lawful bases are b) contract, c) legal obligation related to accounting, tax and other business laws we are required to abide by, and f) where our legitimate interests are to be able to communicate with you before, during and after our formal business relationship (described under the paragraph “You communicate with us” above). We store personal data for as long as we have a formal business relationship and then for up to 7 years after, in accordance with our legal obligations for accounting, tax and other business purposes.
You use our website (commandui.com)
When you use our website, we briefly process your IP address and user agent, which are considered personal data under the GDPR. Our web server stores access logs, including IP addresses and user agents, for up to 14 days. This data is collected for purposes such as ensuring the security and proper functioning of our website. Additionally, we use CloudFlare to help protect and optimize our site, which may also collect similar information as part of their security and performance services.
The purposes for this processing are:
- a) to protect our website against cyberattacks and ensure it operates efficiently.
- b) to analyze our website traffic to optimize and run our business effectively.
The lawful basis for this processing is f), where our legitimate interests are to protect our business and optimize our website effectively.
We do not use tracking cookies or similar tracking technologies on our website, and we do not collect any personal data that would trigger the consent requirement under the ePrivacy Directive (Directive 2009/136/EC).
Whom We Share Your Personal Data With
To run our business efficiently and securely, we sometimes will have to share your personal data with other (trusted) parties, such as:
- Data processors: providers of various services that process your personal data on our behalf
- Our accountant
- Professional advisors from other industries, such as law and finance
- IT support, when necessary
- Public authorities: when we are obliged to report to them
We use data processors for:
- Email, calendar, and digital meetings
- Accounting/bookkeeping
- This website, including online payments providers
- Transactional emails to customers
- Support ticket system
We don’t publish further details (like names) of our data processors to protect our business. If you’d like to know more about our processing and with whom we share your personal data, please get in touch with us. We practice data minimization, so we will only use data suppliers to process your personal data when required (e.g. Stripe for payment processing).
Transfer of personal data outside the EU/EEA
In some cases, your personal data will be transferred to a “third country”, i.e. outside the EU/EEA. For example, where we use data processors to manage email services. We only use data processors we trust that are well known, reputable, and have a data processing agreement/addendum.
If you have any concerns or questions, please get in touch with us.
Accessing and Correcting your Personal Data
You have a right to access your personal data and request a correction if you believe it is inaccurate. If you have submitted Personal Information and would like to have access to it, or if you would like to have it corrected, please get in touch with us using the contact information provided below.
How to Contact Us
If you have any questions regarding this privacy policy or to access your information, please email: [email protected]