Personal data processing at MYPRINT
The aim of this document is to inform clients about SIA “Parrot Telpa” (MYPRINT) updated Personal Data Processing principles, as well as to inform about natural persons’ rights and option to gain information about your Personal Data Processing at MYPRINT.
GDPR - Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on free movement of such data; going into effect on May 25, 2018.
Personal Data – any information that directly or indirectly allows to identify a natural person.
Data Subject – directly or indirectly identifiable natural person.
Processing – any operation with Personal Data (including collecting, saving, storing, exchanging, giving access, requesting, handing over etc.)
These Principles describe how MYPRINT Processes Personal Data. Detailed Personal Data Processing description may be found in contracts or in the website: www.myprint.ee;
Within valid laws and regulations MYPRINT provides Personal Data confidentiality and implements all technical and organizational measures to protect Personal Data from unsanctioned access, illegal Processing or making public, modifying or destroying;
While Processing Personal Data MYPRINT can use Processors, in this case concluding an agreement to provide that Personal Data is processed in accordance with the specified MYPRINT goal and with specified MYPRINT measures, within valid laws and regulations;
The cookies are stored in clients’ computers or mobile devices and if needed may be deleted.
Aims and basis of Personal Data Processing
MYPRINT processes clients’ Personal Data:
in the website https://myprint.ee during the registration process - to identify clients who want to use MYPRINT services or receive MYPRINT news via e-mail;
during the processing of the order - to communicate about the production and shipping of the ordered item;
during the process of personnel administration – to provide employment relationship and social guarantees;
during the recruitment process – to evaluate candidate’s suitability for the position.
Handing over Personal Data to other recipients
MYPRINT can hand over Personal Data to legal government bodies (such as law enforcement institutions);
MYPRINT can hand over Personal Data to Processors, concluding an agreement to provide that Personal Data is processed in accordance with the specified MYPRINT goal and with specified MYPRINT measures, within valid laws and regulations;
Storage mode and duration
The system (project editors) works with photo thumbnails.
Access to image thumbnails is secured with a 32-character random alphanumeric key (Photo ID).
The chance for an unauthorized person to guess this key is negligible.
The key can only be accessed by successfully opening the project.
Such protection is sufficient to psecure this type of data.
MYPRINT stores Personal Data only for as long as it is necessary to reach the goal of data gathering:
the client’s registration data are deleted if the client hasn’t made an order in two years’ time and has marked in the profile that he doesn’t want to receive MYPRINT news via e-mail;
when processing the orders, data storage period is linked with the requirements of mutual payment accountancy (Act on Accounting) and limitation period of the appeal;
when administrating personnel, Personal Data storage is defined by the requirements of the labor law;
Personal Data gained during the recruitment process are deleted after the candidate has been acknowledged as unsuited for the vacancy, unless the candidate has given the permission to evaluate his candidacy for other MYPRNT vacancies.
Personal Data at MYPRINT are classified as “restricted information” and thus are processed (accessed, stored, transmitted etc.) by using appropriate confidentiality, integrity and accessibility measures.
Personal Data storage duration is defined
MYPRINT stores clients’ data for as long as it is necessary to achieve the specific goal. If the Data Subject cancels the approval to process his Personal Data, then the storage duration of these data is defined by the Act on Accounting and the Code of Administrative offence.
The rights of Data Subject
Regarding the Processing of Personal Data persons’ rights are:
to demand correction of one’s Personal Data, if they are improper, incomplete or incorrect;
to object to one’s Personal Data Processing or to cancel the approval of one’s Personal Data Processing, if it is based on legitimate interests or person’s prior agreement;
to require deletion of one’s Personal Data, if the Processing of these data is based on agreement and the person has canceled this agreement. These rights are not valid, if Personal Data which are being asked to delete, are Processed based on other legal justification, such as contract or responsibility arising from corresponding laws and regulations;
to receive information on whether one’s data are being processed, and if they are, to review them if the legislation allows it;
to receive one’s Personal Data which have been handed in and are being processed based on agreement in written or any common electronic form, and to hand these Data to other service provider, if possible;
to lodge a complaint to Data Protection Agency (www.dvi.gov.ee), if the client believes that according to laws and regulations MYPRINT data procession breaches his rights;
To implement these rights, Data Subject has to send his request in an electronically signed e-mail letter to firstname.lastname@example.org or to come in person, identifying himself with an identity document, and hand in the request in written form;
By cancelling his agreement to process one’s Personal Data in the webpage https://myprint.ee, the Data Subject can no more receive services presented to registered users.
Client can contact MYPRINT in relation to questions about data processing agreement cancellation, Personal Data claiming, Data Subject rights and lodging complaints;
MYPRINT contact information is available on the webpage www.myprint.ee.