I General provisions
1.2. All personal data provided during communication with ICE will be used only for the mentioned purposes and to review messages and administer and manage the communication flows. ICE will not use personal data without express consent in any publications in such a way that would allow identifying the user.
II Principles of processing of personal data
III Security of personal data
3.1. Personal data will be processed under the requirements set out in the GDPR, Personal Data Protection Act of Estonia and other legal acts. While processing of personal data, ICE implements organisational and technical measures which ensure the protection of personal data from accidental or unlawful destruction, alteration, disclosure, and any other illegal processing.
IV Data subject’s rights
4.1. Right to withdraw the consent – if the personal data is processed by consent, the data subject has the right to withdraw consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
4.2. Right to access – right to request from ICE confirmation as to whether or not personal data are processed and access to the personal data concerning them.
4.3. Right to rectification – right to request from ICE the rectification of inaccurate data concerning them.
4.4. Right to erasure – right to request from ICE the erasure of data concerning them.
4.5. Right to restriction – right to request from ICE the restriction of processing of personal data where: – during the period required to verify the accuracy of personal data when claims concerning data accuracy were submitted; – in cases of unlawful collection, storage or use of personal data where the data subject decided not to request the erasure of data; – when ICE does not need personal data anymore, but the data subject needs them for the establishment, exercise or defense of legal claims; – during the period required to determine if ICE has an overriding lawful basis to continue processing personal data if the data subject exercises the right to object to the processing of personal data.
4.6. Right to data portability – right to receive the personal data processed on basis of a consent or agreement in a structured, commonly used, and machine-readable format and/or transmit that data to another data controller.
4.7. Right to object – right to object the processing of personal data by ICE.
5.1. A “Cookie” is a piece of information that is placed into the ICE website user’s computer. A cookie includes other technologies with similar purposes, such as tags and identifiers.
5.2.1. Necessary cookies enable core functionality such as security, network management and accessibility. User may disable necessary cookies by changing browser settings, but this may affect the website functionality. No longer necessary cookies are deleted after the session.
5.2.2. Analytics cookies help ICE improve the website by collecting and reporting information on how users use it. Analytics cookies are placed only by the consent of the user. Analytics cookies are maintained for 6 (six) months, after which they are deleted.
5.3. ICE does not use third-party cookies and cookies for marketing purposes.
5.4. The cookies collect information in a way that does not identify anyone.
5.5. More information about cookies, including how to see what cookies have been set, is available at www.aboutcookies.org.
6.1. The data subject has a right to file a complaint if they find that their rights as a data subject have been violated. The complaint must be sent to the data protection officer of ICE at firstname.lastname@example.org. ICE will respond as soon as possible, but no later than one month after receipt of the claim.
6.2. If the handling results are unsatisfactory to the user, they have a right to submit a claim to the supervisory authority, Andmekaitse Inspektsioon (Data Protection Inspectorate of Republic of Estonia), at email@example.com.