1) Introduction
This is a description of how your personal data is collected, used and deleted while you visit our website https://easyref.eu/ and/or download and use our mobile app Easyref by registering your account.
The controller of your personal data on Easyref Platform is legal entity Easyref OÜ, registry code 16489405, Tallinn, Estonia (“Easyref”, “we”, “us”).
The businesses that you as their customer referring to are separate data controllers which means that Easyref is not responsible and does not control the personal data processing between you and your service provider. Any requests or questions regarding this should be addressed to your service provider.

2) How we get the personal information?
The personal information we process is provided to us directly by you in order to register yourself as our Platform User and using our services. The data you insert during the subscription is required to provide the service,
In addition, we may also collect your personal data indirectly. When visiting our website, we and our service providers, may collect certain data using tracking technologies like cookies, web beacons and similar technologies. Use of web cookies are described on our website in cookie banner.
Indirectly collected data may fall under the terms of third-party privacy policies while they act as an independent data controllers. Please read those separately.

3) What kind of data is processed and why?

4) Sharing your personal data
Any data you provide will not be publicly displayed or shared to other Users. Easyref employees and business partners have access to personal data to the extent necessary for the performance of their work duties.
We use third party processors to help provide our service.

Why and with whom we share your personal data?

International transfers
We use service providers that keep your data in European Union but if we choose to change that and use service providers that also process the data outside the EU, we will ensure that the transfer of your personal data is carried out in accordance with applicable privacy laws and, in particular, that appropriate contractual, technical, and organisational measures are in place.

5) Ensuring the security of personal data
We have taken necessary technical and organizational security measures to protect your personal data against accidental or unlawful destruction, loss or alteration and against the unauthorized disclosure, abuse or other processing in violation of applicable law.

6) Retention and deletion of personal data
The storage period of personal data depends on whether we have legal obligations to store data (i.e accounting regulations), contractual obligations, legitimate interest to provide best services or your explicit consent.

7) Your rights and preferences
Under data protection law, you have rights including:

1. Right to be informed and to access. You may get information regarding your personal data processed by us.
2. Right to data portability. You have the right to receive your personal data from us in a structured, commonly used and machine-readable format and to independently transmit those data to a third party.
3. Right to erasure. You have the right to have personal data we process about you erased from our systems if the personal data are no longer necessary for the related purposes.
4. Right to object and restrict. You have the right to object to the processing of your personal data and restrict it in certain cases.
5. Right to rectification. You have the right to make corrections to your personal data.
6. Right to withdraw consent. When you have given us consent to process your personal data, you may withdraw said consent at any time.

To exercise any of the abovementioned rights, please contact hey@easyref.eu. We will respond to your requests within 30 days.

8) Other important information
Newsletter and direct marketing campaigns
With your explicit consent, we may send you our newsletter and marketing offers. You may opt out of these messages. Please note that email marketing messages, if used, include an opt-out mechanism within the message itself (e.g. an unsubscribe link in the emails we send to you). Clicking on the link in an email will opt you out of further messages. You may also opt-out on your account settings in case this option is available. We may also use social media tools to market our products and services. As social media and web analytics providers act as separate data controllers, there might be consent or opt-out requirements also on their side (Google Ads, Facebook Ads, LinkedIn).
Dispute resolution
If you have questions or concerns about our use of your personal information, please feel free to contact us at hey@easyref.eu. You may also lodge a complaint to the supervisory authority, the Estonian Data Protection Inspectorate , info@aki.ee