We recommend that visitors to our websites (www.eselcom.com) and Clients of Eselcom or its subsidiaries review this Privacy Policy before providing any personal data and/or filling out any electronic forms on the website. This policy outlines what personal information can be collected and used, and it addresses other important privacy matters.

Privacy Compliance Policy

Contents:

  • General Provisions
  • Data Collection
  • Data Usage
  • Rights Related to Personal Data Processing
  • Data Retention Period
  • Data Protection Officer
  • Information Security
  • Data Collection via Cookies
  • Profiling
  • Subscription to Free Newsletters
  • Links to Other Websites
  • Final Provisions

1. General Provisions

The purpose of this Policy is to:

  • Ensure that you understand what personal data we collect from you, the legal basis for collecting it, the reasons for collecting and using it, and to whom we may disclose it;
  • Explain how we use the personal data you provide to enhance your experience on the Eselcom website;
  • Clarify your rights and preferences regarding the personal data we collect and how we protect your privacy.

1) Eselcom OÜ, with its registered office at Mustamae tee 16/6, Business Centre «Marienthali», Tallinn, 10617, Estonia, and its subsidiaries adhere to personal privacy principles and properly protect personal data.

This Privacy Compliance Policy applies to all information collected or used by Eselcom or its subsidiaries, particularly concerning the services offered by the Company and its subsidiaries through websites available at www.eselcom.com (hereinafter referred to as the “Eselcom Online Service”).

2) If specific legal requirements regarding privacy compliance and personal data processing apply to a particular Eselcom Online Service, they are governed by a separate Privacy Policy located on the respective Eselcom Online Service website (hereinafter referred to as the “Local Privacy Policy of Eselcom”). The provisions of the Local Privacy Policy of Eselcom will override the provisions of this Privacy Compliance Policy only in areas where they do not comply with this Policy, and solely for the Eselcom Online Service where the Local Privacy Policy is published.

3) This Privacy Compliance Policy does not apply to third-party websites and services accessible through links provided on the aforementioned website.

4) For the purposes of this Policy, a Client refers to individuals visiting the Eselcom Online Service websites and/or using the services of Eselcom and its subsidiaries.

2. Data Collection

1) The data controller, i.e., the entity determining the purposes and means of processing personal data, in accordance with the European Parliament and Council Regulation (EU) 2016/679 of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as “GDPR”), for personal data of clients, potential clients, and other individuals using the website https://www.eselcom.com, is Eselcom OÜ, with its registered office at Mustamae tee 16/6, Business Centre «Marienthali», Tallinn, 10617, Estonia (hereinafter – “Eselcom”).

2) We process your personal data because it is necessary to fulfill a contract concluded through the website https://www.eselcom.com, i.e., to provide a service (in accordance with Article 6, Paragraph 1, Letter b GDPR). Additionally, we process personal data for the following purposes:

  • Registration of the User in the order system and providing user support, including product offers and order fulfillment (Article 6, Paragraph 1, Letter b GDPR);
  • Possible contact and responding to messages regarding issues/questions submitted via forms (Article 6, Paragraph 1, Letter a GDPR);
  • Contacting and responding to inquiries about our products submitted via forms (Article 6, Paragraph 1, Letter a GDPR);
  • Handling complaints and claims (Article 6, Paragraph 1, Letter c GDPR);
  • Compensation related to concluded insurance contracts (Article 6, Paragraph 1, Letter f GDPR), where the legitimate purpose is the right to compensation;
  • Archival purposes (Article 6, Paragraph 1, Letter c GDPR);
  • Statistical purposes (Article 6, Paragraph 1, Letter f GDPR), where the legitimate purpose is to possess information about the statistics of our activities to improve them;
  • Ensuring compliance with our legal obligations, including combating money laundering and terrorism financing, as well as countering support for aggression against Ukraine (Article 6, Paragraph 1, Letter c GDPR).

Furthermore, we may process data for marketing purposes, i.e., to promote our products and services. If we do this without using electronic means of communication, the legal basis for such activity is Article 6, Paragraph 1, Letter f GDPR, where the legitimate purpose is conducting marketing activities. However, if we use electronic means of communication, such as email or phone, we process data only based on your consent (Article 6, Paragraph 1, Letter a GDPR).

3) Personal data of the Company’s clients are processed and protected in accordance with applicable data protection laws, including GDPR and the Personal Data Protection Act.

The Company does not transfer, sell, or provide collected personal data to other individuals or entities, except to fulfill obligations arising from legal regulations or with the consent of the data subject. The Company may transfer personal data to other processors under the conditions outlined in applicable laws.

4) When registering on the website through the registration form, the Client provides their first and last name, residential address, email address, contact phone number, country, city, postal code, and language. Providing this information is voluntary, with the first and last name and residential address being necessary to conclude a sales contract with the Company.

5) During registration, the Client sets a username and password to protect their account on the website. The Client must protect the username and password from unauthorized use.

3. Data Usage

1) Personal data may be transferred to other processors who process data on our behalf, including:

  • Organizations providing postal or courier services;
  • Banks and payment intermediaries (depending on the payment method selected by the Client) – for returning unclaimed funds;
  • Payment intermediaries (if the Client chooses such a payment method) – for processing payments;
  • Government authorities or other entities authorized under legal regulations to fulfill obligations imposed on us (tax authorities, law enforcement agencies, etc.);
  • Entities managing our teleinformation systems (hosting companies, IT service providers);
  • Entities providing legal assistance, accounting, tax, debt collection, or consulting services.

2) Data collected through direct contact with the Company via the website is used solely for correspondence with the Client and responding to their inquiries.

4. Rights Related to Personal Data Processing

1) You have the right to access your data, as well as the right to correct, delete, restrict processing, transfer data, object to processing, and withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal (if processing is based on consent).

Additionally, if you believe that our processing of your data violates GDPR, you have the right to lodge a complaint with the data protection supervisory authority.

5. Data Retention Period

Your personal data will be stored until the end of the contract term (service provision) and after its termination:

  • Data contained in contracts – until the statute of limitations for claims arising from the contract expires (a maximum of 10 years from the date of contract completion);
  • For purposes arising from legal provisions, including obligations to retain accounting documents, issue invoices, etc.;
  • Documents related to warranties and claims will be stored for 1 year after the warranty period or claim resolution;
  • Data submitted via contact forms – for the statute of limitations period for potential claims (a maximum of 3 years).

Data for marketing purposes:

  • If data is processed based on consent – until consent is withdrawn or marketing activities are completed;
  • If data is processed based on Eselcom’s legitimate interest – until an objection is raised or marketing activities are completed.

6. Data Protection Officer

1) For questions related to data protection, you can contact the Data Protection Officer via email at dpo@eselcom.com or in writing at our registered office:

Marcin Gadzki
Eselcom OÜ
Mustamae tee 16/6
Business Centre «Marienthali»
Tallinn, 10617, Estonia

7. Information Security

1) The Company and its subsidiaries implement appropriate security measures to protect data from unauthorized access, alteration, disclosure, or destruction. These measures include technical solutions such as proper encryption of data transmitted over the Internet, strict control of physical access to computers and storage media where personal data is recorded, and the implementation and enforcement of appropriate storage procedures and personal data handling rules. All individuals processing personal data for the Eselcom Online Service have the necessary authorizations issued by the data controller and regularly receive data protection training.

2) The Company creates backups and may use other similar measures to prevent accidental damage or destruction of Clients’ personal data.

3) Credit card or electronic payment is supported by services such as PayPal and PayU. These services are responsible for the data provided in their forms, which are also protected by appropriate technical solutions.

8. Data Collection via Cookies

1) Some areas of the Eselcom Online Service may use cookies, which are small text files sent to the Client’s computer hard drive that identify them in a way that allows information about their website visits to be collected and their settings, such as login language, to be stored. Cookies do not process or store personal data. The same applies to individuals visiting the Eselcom Online Service who are not registered.

2) Cookies are used to tailor website content to the preferences of Eselcom site users. They are also used to create anonymous statistics that help understand how users interact with the websites, allowing us to improve their structure and content without personally identifying users. Cookies also enable the analysis of which parts of the websites are most interesting to users.

Cookies may be used during remarketing. This involves displaying graphic or text-based advertisements based on previously saved user settings to individuals who have previously visited the site.

When advertising online, Eselcom may use remarketing with tools like Google Ads/Google Analytics. Eselcom’s online advertisements are displayed by third-party providers. Eselcom and external providers, including Google, use cookies to display ads based on the recipient’s previous visits to the Eselcom website.

As part of our marketing activities, we use enhanced conversion technologies offered by Google Ads to understand the effectiveness of our advertising campaigns by analyzing user actions on our website after clicking on a Google ad. To this end, we may send anonymous information, such as email addresses, to Google, which are converted into a secure format (hashed) before transmission. This allows for conversion tracking without disclosing or storing any personal user data. These data are processed solely to evaluate the effectiveness of our advertising campaigns, optimize future campaigns, and better understand conversion paths on our website. Data processing is based on user consent, which can be withdrawn at any time. We commit to taking appropriate security measures to protect your personal data. All data sent to Google are anonymized through hashing.

We use Google Analytics advertising features. This means that visit information is collected and combined with information from Google user accounts that are signed in. It is used to create aggregated, anonymous user behavior statistics across different devices. You can opt out of Google Analytics advertising features by not consenting to the use of analytics cookies or by visiting https://tools.google.com/dlpage/gaoptout/. You can also manage this data at https://myactivity.google.com/myactivity.

As part of our marketing activities, Eselcom conducts profiling, which involves automatically evaluating which products or services may interest you by using information about the content you view and your purchase history. This ensures that advertisements for products or services displayed within your online services are better tailored to your needs. For this purpose, Eselcom uses automated marketing tools like user.com.

3) Cookies can be disabled at any time in your web browser settings, but this may hinder the use of the Eselcom Online Service.

By default, the software used to view websites allows cookies to be placed on the end device. However, settings can be changed to block the automatic processing of cookies or to notify you each time a cookie is sent to your device. Information about the possibilities and methods for handling cookies is available in the software (web browser) settings.

However, please note that restricting the use of cookies may negatively impact some functionalities available on the website.

To learn more about the cookies used by Eselcom and how to manage their settings, click here.

9. Profiling

Your personal data will be processed automatically (including profiling), but this will not have any legal consequences for you or significantly affect your situation in a similar manner.

10. Subscription to Free Newsletters

1) A newsletter is a free service that involves informing Clients who have expressed a desire to be added to the subscriber list about the Company’s and its subsidiaries’ offers, events, and other information related to their commercial activities by periodically sending selected content in electronic form via email.

2) Subscription to the newsletter is done by selecting the appropriate field on the Eselcom Online Service homepage indicating consent to receive the free newsletter (“subscribe”) and providing an email address or by selecting the appropriate field in the registration form – this field is not mandatory. The data obtained in this manner are added to the mailing list.

3) Clients who decide to be on the subscriber list agree to receive marketing materials sent electronically in accordance with Article 8, Paragraph 1 of the Act of July 18, 2002, “On Providing Services in Electronic Form” (Legislative Bulletin No. 144, Item 1204, 2002) in the form of a newsletter.

4) Data of Clients registered for newsletter access are used exclusively to send the Client new newsletters.

5) Clients can opt out of receiving the newsletter at any time by selecting the appropriate field on the Eselcom Online Service homepage indicating disagreement to receive the free newsletter (“unsubscribe”).

11. Links to Other Websites

The Eselcom Online Service may contain links to other websites provided for the convenience and information of the Client. The Company is not responsible for the information and privacy policies implemented on those sites. The Client should be aware of the separation of these sites from the Eselcom Online Service and independently verify the privacy policy of any website visited via a link.

12. Final Provisions

1) The Company may make changes to this Privacy Policy at any time. Each time a new Privacy Policy is published on the Eselcom Online Service, it becomes binding and applies to all data collected in connection with the Client’s activities on the Eselcom service after the updated version of the Privacy Compliance Policy is posted on the respective Eselcom Online Service website.

2) If you have any questions regarding the Privacy Compliance Policy, please contact the Data Protection Officer via email at dpo@eselcom.com or in writing at:

Marcin Gadzki
Eselcom OÜ
Mustamae tee 16/6
Business Centre «Marienthali»
Tallinn, 10617, Estonia