One of the core values of LÜMICO is the responsibility and respect of an individual. LÜMICO OÜ is responsible to make sure that all the personal data of an individual is processed in an effective manner with the applicable data protection legislation in mind.

Any information, related directly or indirectly with a living person is termed as personal data. At LÜMICO OÜ, there are certain activities that require the collection of personal data. The collected data may include given name and surnames, addresses, postal codes, telephone numbers, personal IDs, e-mail addresses etc., hence referred to as “Personal Data”.

You visit LÜMICO OÜ’s website;

  • You as a customers’ representative or a customer yourself, are provided with the service and is given information about our services & products as well as upcoming events
  • You as a potential customer or a potential customer’s representative receives information from LÜMICO OÜ
  • During your employment at LÜMICO OÜ
  • You applied at LÜMICO OÜ for a job position
  • During your time of employment at LÜMICO OÜ
  • Once engaging with us on social media
  • LÜMICO OÜ and you are in contact to take part in promotions, competitions and surveys.
  • Fulfil and follow up contractual obligations
  • Fulfil legal obligations.
Why do we process your data? What categories of personal data do we collect? Legal ground
To deliver the content on our website in a correct way   To fully optimize the content of our website along with its advertisements
  • Type of browser
  • IP addresses
  • The internet service provider
  • Sub-websites
  • Operating system
  • What time and date you visited the website
  • URL of the referring site
  • Any other similar information and/or data that might be used in order to attack our information technology systems
Legitimate interest
To fulfil and follow up contractual obligations, yours as well as ours
  • Contact information such as your email address and name
  • Organizational data which includes company name, its address, country and the contact number
  • If you happen to be a sole trader, we process financial data as well such as bank accounts, credit ratings and payments as well as contractual related data which is inclusive of order number, contract number and invoices
Contractual obligation
To provide support and services
  • Contact information (which includes name, phone number, email, address)
  • Organizational data such as the name of the company, country, company contact number and address
Contractual obligation
Ensure the long-term viability of our website and information technology systems. In order to provide access to our IT systems (cargo tracking and booking)
  • Contact information (which includes name, phone number, email, address)
  • User ID
  • The language used in your system
  • System logs of your usage
Legitimate interest
For legal and security reasons Provide law enforcement authorities with the required information for criminal prosecution in any case of a cyber-attack
  • Contact information (which includes name, phone number, email, address)
  • User ID
  • Logs of your usage of our systems
Legal obligation and in other cases (like the detection of fraud) we will rely on our legitimate reasons as a business to make use of your data
The company informs its business partners and customers timely by means of newsletters relating to enterprise offers
  • Contact information (which includes name, phone number, email, address)
  • Contact preferences
Legitimate interest with an opt-out
In order to start a contract through the company’s website
  • Contact information (which includes name, phone number, email, address)
Consent
Posted comments made by the customers on the blogs of our website as well as to enable subscriptions driven from such comments
  • Contact information (which includes name, phone number, email, address)
Consent
The company carry out promotions, competitions and surveys
  • Contact information (which includes name, phone number, email, address)
Consent
Staff administration
  • Contact information (which includes name, phone number, email, address)
  • Employment data (User ID, employment number, photos)
  • Financial information (taxes, salary, expenses, bank account numbers, time reports etc)
Contractual obligation
Safety under any emergency
  • Contact information (which includes name, phone number, email, address)
  • Next of kin
To protect your vital interest
To protect our company assets and employees
  • Access logs from entry systems and IT systems
  • IT-logs from applications and network services
  • Camera surveillance
  • Reports of a security incident
Legitimate interest
Managing job applicants applications
  • Contact information (which includes name, phone number, email, address, education, previous work experience)
  • The process to communicate effectively with the applicant and review the application
Until the job position has been appointed; Fulfilment of the agreement.   After the job position has been appointed; Legitimate interest. Once the recruitment has been finalized, the collected personal data is filed in order to be used a for potential appeal of recruitment such as, for example, based upon the breaches of discrimination legislation. In the case when it is no longer possible to appeal the recruitment, the information is lost and destroyed if the concerned candidate did not consent to any further processing

Your data is kept is stored with us as long as required to;

  • Fulfil our contractual obligations towards you
  • Fulfil the purpose as to which the data was collected in the first place
  • Fulfil our legal obligations

Having the ability to control your personal data, we may assign the processing stated above to a supplier or a partner as set out in the section “Third party components”. Such processing will not be proceeded in any other purpose as to that stated above. Some suppliers and partners might have parts of their business in countries located outside EEA/EU (also referred to as Third countries). Any of your personal data is only given to such countries only if their standard of data protection is at a level to that of the EU countries or if the supplier has an enforceable instrument and legal bindings which guarantees the safety of your personal data.

You have the right to:

  • Request the information about which of your personal data we process as well as request a copy of these:
  • Have incorrect personal data corrected and under certain cases, have your personal data erased from our database
  • Point out against the processing of your certain personal data and request your personal data processing to be limited.
  • Have your personal data transferred over to a different controller
  • Withdraw your consent to the protection of your personal data

In any case, if you are not 100% satisfied with our processing of your personal data, you may report our process to the Estonian Data Protection Authority, the authority in charge of supervising us. You may at any given time through the contact information below, info@lumico.ee obtain, erase or limit the processing of your collected personal data. However, please note that limiting your personal data or erasing from our servers may disable the company to provide you with the service.

Lümico has made use of effective organizational and technical measure in order to protect personal data against unauthorized access, abuse, loss, alternation, revealing and destruction. In order to make sure that the collected personal data is processed in a secure and confidential fashion, we ensure that the obligations set out under Article 32-36 of the GDPR are met. A detailed description of the applied security measure can be generated upon request. LÜMICO OÜ’s suppliers and employees are bound by confidentiality agreements and are obliged to follow the companies’ rules for IT security and information, this privacy policy, as well as other, policies and internal rules that regulate the processing of personal data.

LÜMICO OÜ websites use cookies. Via the use of cookies, LÜMICO OÜ has the ability to provide its website users better user-friendly services that would not possible without the effective use of cookies. If you wish to deactivate the setting of cookies in your web browser, you may have limit functionality on the website.LÜMICO OÜ websites use cookies. Via the use of cookies, LÜMICO OÜ has the ability to provide its website users better user-friendly services that would not possible without the effective use of cookies. If you wish to deactivate the setting of cookies in your web browser, you may have limit functionality on the website.

  1. Facebook

On this website, the controller has put in components of Facebook. The data protection guideline published by Facebook can be accessed at https://facebook.com/about/privacy/. It provides the essential information on the collection, processing and use of your personal data by Facebook.

  1. Google Analytics

On this website, LÜMICO OÜ has integrated the components of Google Analytics (along with the anonymizer function). Google analytics is a web analytics service. For the website analytics via the Google Analytics, the controller makes use of the application “_gat. _anonymizelp”. Via this application, the IP address of your internet shortened by Google and anonymised when accessing our website from a Contraction State to the Agreement on the European Economic Area or Member State of European Union. Further information over the applicable data protection provisions of Google can be accessed under  http://www.google.com/analytics/terms/us.html and https://www.google.com/intl/en/policies/privacy/. You have the full right and responsibility to object over the collection of the generated data by the Google Analytics which is in relation to our website, as well as the processing of data via Google and have the possibility to prevent any such use. In order to do so, you have to download and install an add-on for your browser under https://tools.google.com/dlpage/gaoptout.

  1. Google +

On this website, the company has put in the Google+ button as a component. Via this button, Google receives the information that you have visited over our website if you are logged into your Google+ account during the time of call-up. This takes place regardless of whether you click or don’t click the Google+ button. More information on this can be found at https://developers.google.com/+/.

  1. Instagram

On this website, the company has put in the components for Instagram as well. Instagram will receive the information through the Instagram component that you have visited our website given that you are logged into Instagram at the time of visiting our website. This will take place regardless the user has clicked the Instagram button or not. More information on this can be found at https://www.instagram.com/about/legal/privacy/ and https://help.instagram.com/155833707900388.

  1. LinkedIn

This website also has an integrated LinkedIn component. LinkedIn receives information through the LinkedIn component that you have visited our website, provided that at the time of visiting our website, you were logged into your LinkedIn account. This occurs regardless you have to click the LinkedIn button or not. The applicable privacy policy can be accessed at https://www.linkedin.com/legal/privacy-policy. The cookie policy for LinkedIn can be found at https://www.linkedin.com/legal/cookie-policy.

  1. Twitter

The company has an integrated component for Twitter. Twitter will receive your information that you have visited our website provided that you were logged into your twitter account at the time you visited our website. This will take place regardless of the fact that you have clicked the Twitter button or not. The applicable data protection provisions of Twitter can be read at https://twitter.com/privacy?lang=en.

  1. YouTube

On this website, the company has a building component for YouTube. Both Google and YouTube will receive you the information via the YouTube component that you made a visit to our website. However, this will occur automatically if you are logged into your youtube once you visited our website. In order to access YouTube’s data protection provisions, please go to https://www.google.com/intl/en/policies/privacy/.

The company amends the right to this mentioned privacy policy as the company sees it fit The date for the latest amendments is mentioned at the end of this privacy policy. Therefore, you are recommended to read this policy on regular basis in order to update yourself from time to time. If this privacy policy is altered to a great degree as to when your company obtained the consent, the company will make sure to inform you of these changes in its privacy policy. In certain cases, you may obtain new consent to the processing of your personal data.The company amends the right to this mentioned privacy policy as the company sees it fit The date for the latest amendments is mentioned at the end of this privacy policy. Therefore, you are recommended to read this policy on regular basis in order to update yourself from time to time. If this privacy policy is altered to a great degree as to when your company obtained the consent, the company will make sure to inform you of these changes in its privacy policy. In certain cases, you may obtain new consent to the processing of your personal data.

If you happen to have any question regarding the privacy policy or any other question regarding our data processing, feel free to get in touch with us:

LÜMICO OÜ
Mustamäe tee 5c
10616 Tallinn
Estonia
Phone: +372 646 0101
Email: info@lumico.ee
Website: lumico.ee

This privacy policy was adopted on 01.09.2018

Data controller – the entity that regulates the conditions, purposes and means of the personal data processing.

Data Subject – a natural person whose personal data is being processed by a processor or a controller.

Data Processor – the entity that regulates data on behalf of the data controller

Data Protection Officer – an expert in the field of data privacy who independently works in order to make sure that an entity is following the procedures and policies set by the GDPR (more info on this can be found here)

Processing – any operation performed on the personal data of the person, whether it is automated or not. Processing includes collection, recording, use etc.

Personal Data – Any information related to a person or ‘Data Subject’, that can be used to indirectly or directly identify the person.

Right to be forgotten – also termed as Data Erasure, it binds the data subject to have the data controller remove his or her data off the database, stop further distribution of the data as well as potentially make the third parties stop processing the data subjects’ data

Right to access – also termed as the subject access right, it allows the data subject to access the data and information that is accessible to the controller

Subject Access Right – also termed as Right to Access, it allows the data subject to access the data and information that is accessible to the controller