ITM TRADE OÜ (“we,” “us”) recognizes the importance of data protection and reassures you that protecting our customers’ personal data and privacy is of the utmost importance. We understand and value your rights to anonymity and control over how, why, and when your personal data is used. For this reason, we are taking all necessary measures to protect the personal data we process and ensure that its processing is always compliant with all legal requirements.
This Privacy Policy sets out the basis on which we will process the personal data collected from you during the recruitment process, contact request, and contract fulfillment. Before you provide us with your personal data, you should carefully read this Privacy Policy in full to understand our views and practices regarding processing personal data.
We do not knowingly process personal data of minors under the age of majority in the applicable jurisdiction. Please refrain from providing your personal data to us if you are under the age of majority in your region. Moreover, we do not provide any type of services to anybody on the sanction list. Therefore, if your name and/or company is on any sanction lists or you are affiliated with such bodies, you should not contact us.
This Privacy Policy can be modified to comply with new regulations, laws, and/or technological solutions. We reserve the right to modify this document at any time. Any changes we may make will be posted on this page, and the date of the most recent update will be indicated in the top left corner. We encourage you to revisit this Privacy Policy page to be informed of any changes to our practices, methods, and solutions regarding the processing of your personal data.
For the purposes of the General Data Protection Regulation (“GDPR”), the Data Controller is ITM TRADE OÜ, company number 11724356, with registered address Harjumaa, Tallinn, Maakri tn 19/1, 10145.
We collect personal data from a range of persons in the context of our business activities, including:
You make your personal data available to us knowingly and voluntarily, both online and offline, when you:
We may collect other types of information automatically from your device via cookies and other similar technologies as you interact with our website.
As part of the recruitment process, we collect and process some or all of the following information from you:
We rely on legitimate interest in recruitment of staff for our business as the lawful basis for processing this personal data.
During the recruitment process, we may also receive Sensitive Data which includes race, ethnicity, whether you have a disability and/or health issues. Providing, collecting and processing of such Sensitive Data can only be made with explicit consent from you as job applicant.
We may also search other databases that are publicly available, such as social media, for background checks in order to satisfy ourselves that there is nothing relevant to make you unsuitable for the role applied. Your consent will be requested for this processing.
The information collected during the recruitment process will be used to consider your application in respect to a role for which you have applied and other roles available and to communicate with you during the recruitment process.
To contact us, you will use either the phone number, email address, or contact form on our website. As part of this interaction, we will collect and process some or all of the following information:
Your consent is the lawful basis on which we process your personal data. We would like to point out that we do not share your personal data with any third parties for any purpose other than contacting you and providing pre-contractual or contractual services.
As part of the contract between us and the body with whom we entered into the contract (“Client”), we may process personal data of third parties on behalf of the Client if such processing is ordered by the Client. For the purposes of such processing, we act as a Data Processor and the Client will act as a Data Controller.
The legal basis for processing the personal data on behalf of the Client is a contract between us and the Client or other legal acts that are compliant with GDRP Art. 28. We will only process personal data on behalf of the Client according to documented instructions provided by the Client and all legal requirements.
During the contract's performance, we may process personal data related to the contacts of our Client’s employees and/or their representatives. The purpose of this data processing is our legitimate interest in making contact with the relevant employee. Such personal data can include, without limitation:
We use a surveillance system (“CCTV”) for the purpose of protecting persons, personal information, and any goods on our premises. Processing of the date received via CCTV is necessary for the purpose of legal interests according to Art. 6 (f) GDPR.
CCTV is used to protect our premises, personal information, and any goods from illegal acts, such as theft. Such purposes also apply to the safety of life, physical integrity, health, and property of employees and third parties legally located on the premises. We only collect image data and restrict recording to areas where we have assessed that this measure is needed to prevent any potential illegal act without focusing on excessively restricting any person’s privacy.
This data is only accessible by our competent and authorized employee in charge of security.
Our website contains links to social media sites, where we are represented with our own pages. When you interact with these links, your browser will establish a direct link with the third-party website, and the relevant service provider’s Privacy Policy will apply. We are not the original provider of these social media pages and only use them within the scope of the offered possibilities, meaning we do not have direct control over the processing of your personal data by the relevant service provider.
Please refer to the Privacy Policy of the social media you intend to visit via links on our website:
We take appropriate organizational and technical security measures to protect the data we process from intentional and accidental manipulation, loss, destruction, and unauthorized access by third parties. Our security measures constantly improve in line with technological development and any new legislation regarding data protection.
Our employees are fully aware of their legal obligations according to laws and are bound by confidentiality obligations. Our training program aims to raise awareness of employees of the latest developments and practices used for data protection.
Moreover, we have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to and will cooperate in mitigating the possible negative effects of the personal data breach.
We need to point out that transmission of information via the internet can have security gaps and cannot be completely secure. Even though we do our best to protect your personal data, we cannot guarantee the security of data transfer through any online means. Therefore, any transmission remains at your own risk.
We store the collected personal data on our secure servers within the European Union (“EU”).
The storage period can vary depending on the type of data, purpose of processing, and other factors. Specifically:
We will retain your personal data for as long as it is reasonably necessary to fulfill the purposes for which we collected it, including satisfying any legal requirements. We may retain your personal data for a longer period of time, for example, in the context of legal proceedings.
In general, your personal data will not be transferred to third parties.
The processing of personal data will take place exclusively within the EU. Should the need arise to transfer personal data to a country outside the EU for any legitimate and lawful reason, we will inform you before the data transfer and request your consent in writing for each such transfer. We will take all reasonable measures to protect your personal data during the transfer process to a country outside of the EU.
We may share your personal data with third-party service providers for the purposes of fulfilling the obligations indicated in the contract. Such personal data disclosure will only occur with the permission of the Client.
In certain circumstances, we are obligated to disclose and share your personal data with third parties, for example, in the context of legal proceedings.
As a data subject, you have the following legal rights in relation to your personal data under the GDRP:
You have the right to be aware of what data we process and to verify the lawfulness of the processing.
You have the right to correct, revise, update, or modify your personal data.
You have the right to request the complete erasure of your personal data collected by us in any way. However, we will retain the personal data required for the fulfillment of our legal obligations.
You have the right to revoke the consent you have given for the processing of your personal data at any time.
You have the right to object to the use of your personal data at any time.
You have the right to request your personal data in a structured, commonly used, and machine-readable format for further use. You also have the right to request the direct transfer of your personal data to another data controller.
GDPR also gives you the right to lodge a complaint with a supervisory authority in the EEA state where you normally live or work or where any alleged infringement of data protection laws may have occurred.
In order to exercise any of the abovementioned rights, you can contact us via email at legal@itm.ee.
Cookies are small bits of text created by your browser and stored on your device when you visit our website. They allow us to recognize that you already visited our website and to restore your preferred settings. We also use Cookies to statistically record the use of our website, evaluate which offers are more frequently reviewed, and make new offers according to these statistics.
Cookie files can contain bits of information, such as your preferred language, referrer links, and IP address. This information is considered confidential and will not be transferred to any third party. Furthermore, this information does not give us a direct knowledge of your identity.
This website uses Google Analytics, a web analytics service offered by Google Inc., that tracks and reports website traffic. Google Analytics collects information such as how often users visit this website, what pages they visit when they do so, and what other sites they used prior to coming to this site. We only use the information we get from Google Analytics to improve this site. Google Analytics only collects the IP address assigned to you on the date you visit this site rather than your name or other personal information. We do not combine the information collected through the use of Google Analytics with personal data collected by us. Your IP address will not be merged with any other data from Google.
In cases where you refuse the usage of Cookies on our website, Google Analytics will receive a non-cookies ping with limited information, including device type, conversion type, time of day, and browser type. This information is non-identifying and aggregated.
This website uses reCAPTCHA, a service offered by Google Inc., that protects this website from spam software and abuse by non-human visitors. A captcha service is a type of automatic test that is designed to ensure specific actions on the Internet are done by human beings and not bots. During the query, your IP address and other data required for this service are transmitted to Google. This information will be used for evaluation purposes, and your IP address will not be merged with other data from Google.
Our usage of data obtained from Cookies is restricted only to optimization of overall performance of the website and statistical analysis.
Most browsers accept cookies automatically, but you can change the settings of your preferred browser to erase all Cookies, prevent automatic acceptance of Cookies, or notify you when cookies are being used.
Please refer to the following documentation on cookies settings for your preferred browser:
Alternatively, you can manage your Cookie preferences on our website using the “Cookie Preferences” link in the footer of our website.
Generally, you can use our website without using Cookies. However, some features of the website that rely on Cookies will be unavailable. By using our website without rejecting some or all Cookies, you agree that we can place Cookies that have not been rejected on your device.
Our website uses following Cookies:
We use cookies to provide you with an excellent user experience. By clicking "Accept All", you consent to our use of cookies.