Privacy Policy
We process personal data in accordance with the EU General Data Protection Regulation (GDPR, EU 2016/679) and the laws of the Republic of Estonia. We do not process sensitive personal data as defined in the GDPR Regulation. Our privacy policy explains how and why we collect and process personal information.
What personal information do we collect?
Your personal information will not be collected when you read the blog. You have the opportunity to voluntarily submit personal information by entering your comments in the post comments or joining the mailing list:
- name
- email address
Comments can also be added without providing personal information.
Why do we collect and process personal data?
We collect and process personal data for the following purposes:
- to send automatic email notifications when a new comment is added to a post
- to send automatic e-mail notifications when a new post is added to the blog
Collection and sharing of personal information using the e-shop
Forest Steel OÜ, which manages the Foreststeel.ee online store, collects the Customer’s contact information (first and last name, telephone, e-mail) and purchase history in order to fulfill the order and for later smoother customer communication and to compile better offers.
None of the data collected in the customer communication and / or purchasing process is subject to disclosure to third parties, except to the minimum possible extent to the logistics partner fulfilling the order. All Customer data is protected by Estonian data protection legislation.
Webshop and Forest Steel OÜ do not collect or process customers’ bank data, as the foreststeel.ee environment uses Montonio, a secure payment solution with bank links, to collect payments, which guarantees the confidentiality of the Customer’s fiscal data.
Forest Steel OÜ is the chief processor of personal data and the company forwards the personal data necessary for making payments to the authorized processor Montonio Finance OÜ.
Foreststeel.ee announcements
Foreststeel.ee notifications can only be received by subscribers to the newsletter. If the recipient is no longer interested in receiving notifications, they can unsubscribe at any time by clicking on the text link “I want to unsubscribe from the newsletter” in the e-mail.
Foreststeel.ee only sends relevant messages from which the recipient is expected to benefit. Foreststeel.ee does not sell, rent or in any other way allow third parties to use the contact details (e-mail, telephone number) of those who have subscribed to the newsletter.
Collection and use of other data
Foreststeel.ee collects and analyzes general information about website traffic, time spent on the page, session duration, etc. for statistical purposes. These statistics allow us to improve the functionality and design of the website and provide better user-friendliness. However, the information collected in this context is not traceable to the individual and preserves the privacy of the website visitor.
This data is used for marketing and customer service purposes and may be provided to third parties for data processing and development purposes, while maintaining the anonymity of the visitor.
By using the Foreststeel.ee services, the Client confirms that he has read our privacy policy and agrees to its terms.
Cookies
This website sends small files (“cookies”) to your computers and mobile devices that are necessary for this website to function and to collect anonymous web analytics. We use them as follows:
- We collect and analyze anonymous web statistics about how users navigate the website. We do this using Google Analytics software, which treats data anonymously and does not collect or process personal information.
To whom is the data transmitted?
We treat your personal information as confidential and will not pass it on to other individuals or companies.
Transfer of personal data outside the EU
We do not transfer your personal data outside the European Union or the European Economic Area (EEA).
Data security
We work to protect your information from unauthorized access or from unauthorized modification, disclosure or infringement.
To ensure data security, we do the following:
- We treat all personal data as confidential.
- We only use encrypted services using SSL.
- We restrict access to personal data to those employees and contractors who need the information to process it and who are subject to strict contractual confidentiality obligations and who may be penalized or terminated if they fail to comply with those obligations.
- We store personal data primarily in digital form and not on paper to ensure more secure access control.
- The personal data repository is protected by the necessary IT technical and organizational protection measures.
Although we use strict security rules for personal information that has entered our environment, it should be noted that the Internet is never completely secure and we cannot guarantee the secure transmission of the data you send to us. The security of data transmission is always at your own risk.
What rights do you have and how can you exercise your rights?
If you have given your consent to the collection, processing and use of your personal data in a certain way, you can withdraw this consent at any time in the future.
In accordance with applicable data protection law, you have the right to:
- Request access to your personal information.
- Request the correction of your personal data.
- Request the deletion of your personal data.
- Request a restriction on the processing of your personal data.
- Request the transfer of your personal data.
- Request the withdrawal of your consent to the processing of your personal data.
- Oppose automated decision making (including profiling).
The application must uniquely identify you. To exercise your rights and submit your request, please contact us as described in the “Contact Us” section.
Please note that you can only request the deletion of your personal data, the restriction of processing, etc., if this is in accordance with the legal basis and data protection legislation.
In the event of a complaint, you have the right to lodge a complaint with the competent data protection authority. We work with the relevant regulatory authorities, including local data protection authorities, to resolve complaints about the transfer of personal data.
How long do we keep your personal information?
Your personal data will be kept for as long as it is necessary to provide you with the services you want. If personal data has not been used for 3 consecutive years, we will delete your personal data or make your personal data anonymous, unless mandatory retention requirements apply.
Non-personal data collected will be stored indefinitely.
Privacy Policy Terms and Changes
By using this website, you have read and agree to these terms and conditions.
Our privacy policy may change from time to time. We will not reduce your rights under this Privacy Policy without your express consent. We will post a notice of any changes to this Privacy Policy on this page, and we will post a more detailed notice in the event of major changes.
Contact us
If you have any concerns or questions regarding this Privacy Policy, please contact: