Client means a legal person using Unicount Services.
Personal Data means any information relating to an identified or identifiable natural person.
Controller means Estonian private limited company Unicount OÜ, registry code 14614272, address Veskiposti 2-1002, 10138 Tallinn.
Processing means any operation or set of operations which is performed on Personal Data or on sets of Personal Data.
Services mean any service provided by Unicount.
Website means www.unicount.eu and www.app.unicount.eu
Unicount means Estonian private limited company Unicount OÜ, registry code 14614272, address Veskiposti 2-1002, 10138 Tallinn.
User means anyone visiting the Website
2. How and what kind of Personal Data is processed?
2.1. Although Unicount provides business services only to legal entities, there are different categories of Personal Data that Unicount collects about you. Some Personal Data is collected automatically while you visit the Website. Due to the nature of the Services Unicount provides, you are required by law to provide certain Personal Data for receiving the Services.
2.2. When you order Services you are required to provide certain Personal Data, such as your name, personal identification code, email address, telephone number, address and payment card number or other billing information, for ordering Services and making the payment for the ordered Services.
2.4. When you subscribe to the Unicount newsletter, you provide Unicount with your email address, and Unicount will occasionally send you emails about the Services and news related to the Services.
2.5. When you purchase the Services and enter into a contract with Unicount by Subscribing to any of the Services you are required to provide Unicount at least the following Personal Data:
– Your name;
– Your personal identification code;
– Your email address;
– Your telephone number;
– Your address;
– Your citizenship.
3. What are the purposes and legal basis for processing?
3.1. Your data is used for the following purposes:
3.1.1. Providing the Services
Your Personal Data is processed to provide you with the Services. As Services provided by Unicount are regulated by law, clients are also obligated to provide Unicount with certain Personal Data (listed in article 2.5.). Failure to provide Personal Data may result in not being able to order Services, Services being refused and/or Services being terminated.
3.1.2. Improving the Services
3.1.3. Providing Client support
Your Personal Data is processed to contact you for administrative purposes such as Client Support, billing matters and responding to your enquiries.
3.1.4. Marketing and keeping you informed about the Services and news
If you are interested in receiving offers, information and news regarding the Services, you may subscribe to the Unicount newsletter by providing Unicount with your email address and consent.
Unicount uses your email address provided upon subscription only for sending you the newsletter. You can unsubscribe from receiving the newsletter anytime or ask Unicount to delete your email address from the list of recipients at any time.
3.2 Unicount generally does not process Personal Data based on consent. However, occasionally your consent may be required (e.g. for processing information through certain cookies placed on the Website). Your Personal Data may also be processed as described in separate privacy notices provided to you at the time the relevant Personal Data is collected, or in another manner to which you consent.
3.3. Unicount can rely on legitimate interests for processing your Personal Data, provided those interests are not outweighed by your rights and interests. Legitimate interests pursued by Unicount are described above in the purposes of the processing. You can obtain additional information about such legitimate interests by sending us an email at firstname.lastname@example.org.
4. Categories of recipients of Personal Data and transfers to third countries
4.1. Unicount is not able to provide you with the Services without using third-party service providers. Therefore, your personal information may be disclosed to the third-party service providers used by Unicount. Unicount uses third-party service providers for the following services:
Accounting and legal service subcontractors
Estonian X-road services
Estonian Business RegisterCommercial Registry
Social media, advertising and analytics partners
Other services necessary for providing the service to clients based on the Terms of Service.
4.2. Third-party service providers are provided only with such information that is reasonably necessary for performing their services and selected service providers guarantee their compliance with the applicable data protection legislation. Third-party service providers are independent of Unicount and have their own privacy policies. Please contact us for further information by emailing email@example.com.
4.3. Unicount shall forward the personal data necessary for the execution of payments to the data processor AS Maksekeskus.
4.4. Third-party service providers located outside the EU are implementing GDPR requirements for Personal Data transfer outside the EU or processing Personal Data only in data centres in the EU.
4.5. Unicount may disclose your Personal Data to the relevant state authorities if so required by applicable law.
5. Tracking and cookies
5.1. Unicount uses technologies such as cookies on its Website to customize the content, analyze traffic to the Website and advertise the Services to the relevant target group.
Cookies are small text files that contain information about your interactions with the Website. Data collected through our cookies is impersonal and Unicount does not use this data to identify the individual using the Website.
5.2. Unicount uses the following categories of cookies:
5.2.1. Necessary cookies for making the Website usable by enabling basic functions like page navigation and access to secure areas of the Website. The Website cannot function properly without these cookies.
5.2.2. Preference cookies enable the Website to remember information that changes the way the Website behaves or looks, like the preferred language of the User or the region from which the User comes to the Website.
5.2.3. Statistic cookies help Unicount understand how users interact with the Website by collecting and reporting information anonymously.
5.2.4. Marketing cookies enable Unicount to show ads to relevant target groups in cooperation with advertising partners.
5.3. You may delete cookies at any time. The cookies are stored in a web browser and every browser has a slightly different procedure for deleting cookies.
The data collected by Facebook pixel can be used to show relevant ads to Unicount’s target groups. You can change the Ad settings under your personal Facebook account, should you wish to do so.
Information about how Facebook keeps information safe can be found here: https://www.facebook.com/business/news/facebooks-commitment-to-data-protection-and-privacy-in-compliance-with-the-gdpr.
Unicount uses Google services to analyze the usage of the Website and optimize the experience.
Google Analytics allows Unicount to track which pages are visited, and for how long and gives Unicount insights about where the Users come from.
The data collected by Google also allows Unicount to show relevant ads through AdWords.
Information about how Google keeps information safe can be found here: https://privacy.google.com/#.
Hotjar is a technology service that helps Unicount to better understand Website User experience (e.g. how much time Users spend on the Website, which links they choose to click, what they do and don’t like, etc.) and this enables Unicount to build and improve its Services with User feedback.
6. Storage periods
6.1. When Unicount processes Personal Data for complying with Money Laundering and Terrorist Financing Prevention Act, the data shall be kept for a period of five (5) years from the end of the contract for Services.
6.2. Unicount retains all information you submit to us for a reasonable period for backup, archiving, prevention of fraud, protecting Unicount’s legal interests or otherwise where Unicount has a legitimate reason for retention. All data other than those required by law shall be deleted 6 months after reception by Unicount.
7. Your rights
7.1. You have the following rights related to your Personal Data:
7.1.1 Right of access to your Personal Data
You have the right to obtain information regarding whether or not your Personal Data is being processed by Unicount and if it is, then to have access to your Personal Data and the following information
a) The purpose of the processing;
b) The categories of Personal Data concerned;
c) The recipient to whom your Personal Data has been or will be disclosed;
d) Where possible, the envisaged period for which the Personal Data will be stored, or if not possible, the criteria used to determine that period;
e) In case of your Personal Data is transferred to a third country you have the right to be informed of the appropriate safeguards set in place by Unicount.
7.1.2. Right to amend your Personal Data
You have the right to rectification of your inaccurate Personal Data processed by Unicount. This means the correction of incorrect Personal Data or completion of incomplete Personal Data, taking into account the purposes of the processing by Unicount.
7.1.3 Right to object
You have the right to object to the processing of your Personal Data if the processing of your Personal Data is based on legitimate interests, including profiling for direct marketing purposes.
7.1.4 Right to transfer your Personal Data
You have the right to receive your data, that you have provided to Unicount in a structured, commonly used format and machine-readable format and have the right to have this data transmitted directly to another service provider in cases where:
a)Unicount processes your Personal Data on your consent or on the basis of fulfilment of a contract and
b)processing is carried out by automated means.
7.1.5. Right to erasure of your Personal Data
You have the right to have your Personal Data deleted if:
a) Your Personal Data are no longer necessary to the purpose for which it was collected or otherwise processed:
d) Your Personal Data has been unlawfully processed;
e) Your Personal Data has to be erased for compliance with a legal obligation provided in the Republic of Estonia Law;
If your Personal Data has been made public by Unicount and there are grounds on which Unicount must erase your data, Unicount will take all reasonable steps to inform the data controller who is processing your data that you have requested the erasure of your data, taking into account of available technology and the cost of such action.
You do not have the right to the erasure of your Personal Data if the processing of your Personal Data is necessary:
a)for exercising the right of freedom of expression and information;
b)for compliance with a legal obligation which requires processing by the European Union or by the law of the Republic of Estonia or for the performance of a task carried out in the public interest;
c)for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes;
d)for the establishment, exercise or defence of legal claims.
7.1.6 Right to restrict processing of your Personal Data
You have the right to restrict the processing of your Personal Data if:
a)you have contested the accuracy of your Personal Data that is being processed by Unicount for a period enabling Unicount to verify the accuracy of your Personal Data;
b)your Personal Data has been processed unlawfully and you oppose to erasure of your Personal Data and request the restriction of the use of such data instead;
c)Unicount no longer needs your Personal Data for processing but is required to process such data by you for the establishment, exercise or defence of legal claims.
Unicount will inform you before lifting the restriction of the processing.
7.1.7. Right to withdraw consent
You have the right to withdraw your consent for the processing of your Personal Data at any time.
Withdrawal of consent does not make processing of your Personal Data before the withdrawal of consent unlawful.
In case of withdrawal of consent, Unicount will stop processing your data unless there is some other ground for lawful processing of your data by Unicount.
7.1.8. Automated processing
You have the right not to be subject to a decision based solely on automated processing, including profiling if such decision-making has legal effects or similarly significantly affects you.
7.1.9. Right to lodge a complaint
If you wish to exercise your rights or if you believe your right to privacy granted by applicable data protection laws has been breached, please contact us via email at firstname.lastname@example.org.
You also have the right to lodge a complaint with the Estonian data protection authority (Andmekaitse Inspektsioon www.aki.ee, Väike-Ameerika 19, 10129 Tallinn) if you think that Unicount’s processing of your Personal Data infringes on your rights.
Unicount will provide you with the requested information or will adopt the requested measure as soon as possible but no later than thirty (30) calendar days after your request has been lodged. If Unicount finds that your request is not lawful, Unicount will notify You as soon as possible but no later than thirty (30) calendar days after your request has been lodged.
If the fulfilment of your request is complicated Unicount has the right to extend before mentioned period to sixty (60) calendar days.
Unicount will fulfil your request free of charge. In case your requests are unreasonable or excessive, especially due to their repetitive nature, Unicount will charge you a reasonable fee for providing information or adopting the measure or refuse to provide you with the requested information or adoption of a measure.
8. Security of Personal Data
8.1. To protect your Personal Data Unicount takes reasonable precautions and follows the industry’s best practices to make sure your data is not lost, misused, accessed, disclosed, altered or destroyed.
8.2. Unicount has implemented several security features for keeping your data secure, including:
using SSL technology and the encryption of Personal Data;
using pseudonymisation where appropriate;
using secure servers, firewalls and passwords;
using trusted third-party service providers, including Privacy Shield-certified providers from third countries;
instructing natural persons who have access to your Personal Data to process the data according to instructions from the Controller, unless such processing is regulated by law.
8.3. Unicount has limited the number of persons who have access to your Personal Data to those directly involved in providing the Services.
8.4. In case of suspicion of the unauthorized use, disclosure, alteration or transfer of your data, please notify us immediately by email via email@example.com.
8.5. Where a Personal Data breach occurs, the Controller shall notify the supervisory authority and Clients within 72 hours after having become aware of such breach, unless the Personal Data breach is unlikely to result in a risk to the rights and freedoms of natural persons.
10. Contact information
Last Update 09 December 2022