GENERAL PROVISIONS

1.1 These Principles of Processing Client Data (hereinafter “Privacy Policy”) describe how We processes Your data. Specific details on the processing of Your data might be also described in Client agreements with You or in other documents related to the Services.

1.2 This Data Policy shall apply if You enter into Client agreement with us, use the Services provided by us, submit a Request to us, gave Your consent to process Your Data or visit our Website.

1.3 We shall have the right to amend the Data Policy unilaterally at any time, based on applicable legislation. We shall inform You of the amendment of the Data Policy via our website www.magrat.eu.

DEFINITIONS

Client (You) refers to any natural or legal person or representative of the legal or natural person, who uses, has used or expressed a wish to use our services or submit a Request to us or visit our website.

Data refers to any information about Client and other person who has contacted us, the data about the Client’s representative, including data collected from public databases and public channels.

Data Controller (us) Magrat OÜ, register code 11730730, address Jõe tn 3-305, Tallinn, 12015, Estonia

Data Processor refers to anyone who processes Client data on behalf of the data Controller.

Recipient refers to a natural or legal person, public authority, agency or another body, to which the personal data are disclosed.

Processing (Client Data) means any operation executed with Your Data, including the collection, recording, organisation, storing, alteration, publication, grant of access to, making enquiries and statements, use, transmission, deletion, etc. of Your Data.

Services refers to any services, provided by us to You via any channel.

Client agreement legal relationships between You and us entered into in order to perform any Services to You.

Request means any request from You to us in order to get conclusion, enter into agreement, amendment, termination or cancellation of Service. GDPR Regulation EU nr 2016/679 of the European Parlament and of the council of 27 April 2016 n the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation)

GENERAL PRINCIPLES OF PROCESSING DATA

3.1. We process Your Data under the terms and conditions of this Privacy Policy and in accordance with the procedure laid down in the legislation, including the GDPR, Estonian Personal Data Protection Act, Money Laundering and Terrorist Financing Prevention Act, this Privacy Policy and agreements entered into with You

3.2. We ensure, within the framework of data protection legislation, the confidentiality of client data and implements appropriate technical and organisational measures to safeguard Your Data from unauthorized access, unlawful disclosure, accidental loss, modification, destruction or any other unlawful processing.

3.4. We will take all steps reasonably necessary to ensure that Your Data is treated securely and in accordance with this Privacy Policy and no transfer of Your personal information will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information.

WHAT DATA DO WE COLLECT?

4.1. The categories of Your Data to be Processed shall be as follows:

Personal data: name, personal identification code or date of birth, signature.

Contact data: address, phone number, e-mail address.

Financial data: bank account, transactions, liabilities, online payments and money transfers.
Data about the contracts entered into with You transactions and agreements, including data about agreements entered into, amended or terminated, data about the performance of agreements, data about violations of the contract, notices, service fees, enquiries and complaints, submitted Requests.
Data connected with money laundering, terrorist financing or organised crime country of birth, country of residence, data of identity document and copy of identity document, e-resident of Estonia, the source of funds, assets, the origin of assets, data about member of the management board, power of attorney and authority to represent the Client, place of work, position, work, data about beneficial owners, data about belonging to a politically exposed person, data about belonging to a local politically exposed person, data about family member of the, politically exposed person or of the local politically exposed, person (name, surname, date of birth, personal code, place of residence or seat, position, institution).

Data concerning communication: requests, data related to communication via any channel, including communication by phone, e-mail, messages and other manners of communication.
Other Data data obtained while performing obligations arising from the law, including data arising from the enquiries made by investigative bodies, notaries, tax authorities, bailiffs courts and other state institutions.

HOW DO WE PROCESS YOUR DATA?

5.1. We process Your Data in order to perform Services to You or establish a Client relationship with You, also to respond on You Request or perform the due diligence obligations arising from law.

5.2. We process Your Personal data and your Contact Data in order to conclude a Client agreement with You and this data is statutory to enter into a Client agreement. If You fail to provide such data, we cannot perform Services to You.

5.3. We process Your Personal Data, Contact Data, Financial Data, Data concerning communication, other Data and Data about the Contacts with You, execute and terminate a Client agreement, as well as protect our interest in the court arising from a Client agreement.

5.4. We process Data connected with money laundering, terrorist financing or organised crime in order to check and verify Your identity and to keep Your data updated and correct, to prevent, discover, investigate and report money laundering, terrorist financing and also to comply with rules and regulations related to money laundering, accounting and tax information.

5.5. We process Data about Your name and e-mail on the basis of Your consent in order to send You information about our services and direct marketing messages. The consent will contain information on that specific processing activity. You can withdraw Your consent at any time by e-mail office@magrat.eu and We will stop process Your Data given on the base of consent.

DO WE USE “COOKIES”?

6.1. Yes. We use cookies whenever You visit Our Website. The cookies used are listed in our cookie policy available on website www.magrat.eu .

6.2. You can choose to have Your computer warn You each time a cookie is being sent, or You can choose to turn off all cookies.

THIRD PARTY DISCLOSURES

7.1. We do not trade, sell, or otherwise transfer to other parties Your Data unless Your give use consent to transfer such Data.

7.2. We disclose Data to Recipients such as:

– website hosting partners and other parties who assist us in operating our Website;

– payment services providers;

– partners, who provide us with accountant services in order to prepare the invoices;

– financial and legal consultants, auditors or any other data processors of the Data Controller;

– data related to violation of a Client agreement to debt collectors in order to collect the debt.

7.3. We may also release Your information to public authorities and state institution, such as law enforcement agencies, bailiffs, notaries, tax authorities, supervisory authorities, Police and Financial Intelligence Unit when We believe release is appropriate to comply with the law or protect ours or others’ rights, property, or safety.

7.4. We will not disclose more Data than necessary for the purpose of disclosure and with respect to regulatory legislation and data protection legislation.

RETENTION OF YOUR DATA

8.1. We will retain Your Data only for as long as is necessary for the purposes set out in this Privacy Policy or as required by regulatory legislation or data protection legislation.

8.2. We retain Your data processed for the performance of a Client contract seven years as of the end of our Client agreement. We retain your data related to money laundering, terrorist financing or organised crime five years as of the date of termination of the business relationship.

8.3. We will retain and use Your information to the extent necessary to comply with our legal obligations, for example, if We are required to retain Your data to comply with applicable laws, resolve disputes, and enforce our agreements and policies.

YOUR DATA PROTECTION RIGHTS

9.1. The Client who is a private person has the following rights regarding data protection:

9.1.1. to apply for the correction of incorrect or incomplete Your Data;

9.1.2. to obtain information on whether we process Your Data and examine Your Data and

receive a copy thereof;

9.1.3. to provide objections to the Processing of Data if the use of the Data is based on legitimate interest;

9.1.4. to apply for the deletion of Data, for example if You have withdrawn Your consent. The aforementioned right shall not apply if the Client Data that are asked to be deleted are also Processed on other legal grounds;

9.1.5. to restrict processing the Data, for example at the time when We assess whether You have the right to the deletion of Your data;

9.1.6. to withdraw Your consent for Processing the Data if the Processing takes place on the basis of consent. In such an event the withdrawal of the consent shall not affect the legality of the Processing that took place before the consent was withdrawn;

9.1.7. to file complaints about the use of the Data with the Estonian Data Protection Inspectorate (www.aki.ee ) if You find that Processing Your Data infringes Your rights and interests.

CONTACT DETAILS

10.1. You can contact us with any requests to exercise data subject rights and complaints regarding the processing of client data by e-mail: office@magrat.eu or by post: Jõe tn 3-305, Tallinn, 12015, Estonia

Cookie	Duration	Description
_GRECAPTCHA	5 months 27 days	This cookie is set by Google. In addition to certain standard Google cookies, reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when executed for the purpose of providing its risk analysis.
caosLocalGa	1 month	This cookie is used to determine whether the browser accepts cookies. It expires when we close the browser.
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
wp-wpml_current_language	1 day	Stores the current language

Cookie	Duration	Description
_gat	1 minute	This cookies is installed by Google Universal Analytics to throttle the request rate to limit the colllection of data on high traffic sites.
_ym_d	1 year	This domain of this cookie is owned by Yandex.Matrica. This cookie is used to store the date of the users first site session.
_ym_isad	20 hours	This domain of this cookie is owned by Yandex.Matrica. This cookie is used to collect information about the user like his characteristics, behaviour on page and targeted actions.
_ym_uid	1 year	This cookie is by Yandex.Metrica. This cookie is used to set a unique ID to the visitor and to collect information about how visitor use the website. Thus it help to track the user and the collected informationn is used to improve the site.
_ym_visorc	30 minutes	Allows Session Replay to function correctly
_ym_wasSynced	never	This cookie is set by the provider Yandex Metrica. This cookie is used for collecting information about the user interaction with the website. This tracked information is used for optimizing the website.
caosLocalGa_gid	1 day	This cookie is used to count how many people use the website in a day.
i	10 years	Used for identifying site users
sync_cookie_csrf	10 minutes	This cookie is set by the Yandex metrica. This cookie is used to monitor the connection with the website and third party Data Management Platforms. The cookie also collects information on the user behaviour on the website which is used for optimizing the website.
sync_cookie_ok	1 day	This cookie is set by the provider WebVisor. This cookie is used for marketing purposes.
yabs-sid	session	These are cookies used by Yandex Matrica script belonging to the company Yandex. This cookies are used to measure and analyse the traffic of the website by giving information about how the users use the website.
yandexuid	1 year	This cookie is used to identify the users. This cookie collects information about how visitors use the website. This information is used for internal analysis and site optimization.
ymex	1 year	This cookie is set by yandex. This cookie is used to collect information about the user behaviour on the website. This information is used for website analysis and for website optimisation.
yuidss	1 year	Used for identifying site users