Roomfifty OÜ, registered in Estonia under registry number: 16169445 and with legal address at Harju maakond, Tallinn,Kesklinna linnaosa, Türi tn 10c, 11313, Estonia (for the purposes of this document also referred to as “Company” or “we”), is the entity responsible for the processing of your personal data. As the data controller, we determine the purposes and means of the processing of your information.
If you have any questions, concerns, or requests regarding the processing of your personal data, please feel free to reach out to us at firstname.lastname@example.org
We are committed to ensuring that your privacy rights are respected and protected in compliance with applicable data protection laws.
CATEGORIES OF PROCESSED PERSONAL DATA
Account Usage Data:Information pertaining to your account usage, encompassing, for example, credentials, settings, login data, nickname, and activity logs.
Authentication and Identification Data:Information used for user authentication and identification, covering usernames, passwords, biometrics, and additional identity details.
Contact Information:Crucial communication details, including your name, email, phone number, and residence address.
Identity Data:Information related to your identity, such as date of birth, personal identification number, full name, and details from identification documents.
Legal Entity Data:Data related to the legal entity you represent, including its name, registration details, and relevant legal identifiers.
Order-related Information:Details linked to your orders, including order history and relevant data.
Payment Details:Data necessary for payment processing, including credit card details or other payment methods, bank account details, and current balance.
Transaction Data:Information associated with your transactions, including transaction history and related details.
Technical Information:Details about the device you use to access our platform, such as IP address, device type, and browser information.
Compliance Data:Data required for compliance with legal and regulatory obligations, encompassing Anti-Money Laundering, sanctions, tax-related data, etc.
Financial Information:Data related to your financial transactions and financial status.
User Support Data:Information generated during customer support interactions, contributing to issue resolution and service improvement.
Communication Details:Information exchanged during communication with us, covering submitted online communication forms, customer support inquiries and responses, records of incoming and outgoing calls, email conversation history, etc.
Marketing Preferences:Information related to your marketing preferences and participation in loyalty programs.
Video Surveillance Data:In specific physical locations, we may employ video surveillance, collecting video surveillance records and metadata.
Safeguarding your privacy is paramount to us. For any inquiries or concerns regarding the handling of your personal data, please feel free to contact us using the provided information.
PURPOSES AND LEGAL BASES FOR DATA PROCESSING
We process personal data with clear intentions and adhere to legal bases, emphasizing transparency and accountability. Here, we detail these purposes with the corresponding legal foundations:
Identity Verification and Authentication
Description: Verifying user identities and authenticating them, crucial for platform security and legal compliance, ensuring a secure environment. Legal Basis: Legal obligation, legitimate interests.
User Account Management
Description: Processing data to create and manage your user account, encompassing account credentials, preferences, and activity logs. Legal Basis: Contractual necessity.
Industry-Specific Legal Compliance
Description: Adhering to industry-specific legal and regulatory requirements, including Anti-Money Laundering, sanctions, and tax-related obligations. Legal Basis: Legal obligation, public task.
Agreement Execution and Service Delivery
Description: Essential data processing for entering into an agreement and delivering the requested services, meeting contractual obligations for a robust user experience. Legal Basis: Contractual necessity.
Order Fulfillment and Management
Description: Processing data for fulfilling and managing orders, ensuring smooth transactions with us. Legal Basis: Contractual necessity.
Description: Vital data processing for facilitating your purchases, subscriptions, and financial transactions, preventing fraud and ensuring transaction legitimacy. Legal Basis: Contractual necessity, legitimate interests.
Risk Management and Business Decisions
Description: Essential data processing for managing risks, making operational decisions, and ensuring overall safety and efficiency. Legal Basis: Contractual necessity, legal obligations, legitimate interests.
Communication and Customer Support
Description: Processing data to communicate important information, updates, and provide customer support, ensuring timely and relevant information. Legal Basis: Contractual necessity, legitimate interests.
Service Improvement and Development
Description: Processing data for continuous service enhancement, analyzing user feedback, performance metrics, and industry trends. Legal Basis: Legitimate interests.
Technical Issue Resolution:
Description: Data processing to troubleshoot technical issues, ensuring the reliability and smooth operation of our services. Legal Basis: Contractual necessity.
Fraud Prevention and Service Misuse:
Description: Crucial data processing to prevent fraud and misuse, implementing security measures and proactive monitoring for a secure user environment. Legal Basis: Legal obligation, legitimate interests.
Security Maintenance for Services and Assets:
Description: Processing data to maintain the overall security of services, information, and assets, safeguarding against unauthorized access and data breaches. Legal Basis: Contractual necessity, legal obligation, legitimate interests.
Marketing and Personalized Content Delivery:
Description: With your consent, processing data to provide personalized marketing materials and content, enhancing your user experience based on preferences. Legal Basis: Consent, legitimate interests.
Claims Addressing and Dispute Resolution:
Description: Essential data processing for addressing claims and resolving disputes, contributing to fair resolutions and positive customer relations. Legal Basis: Contractual necessity, legal obligation, legitimate interests. Understanding these data processing purposes and legal bases is integral to our commitment. For inquiries or further clarification, please contact us using the provided information.
MANDATORY AND OPTIONAL PROVISION OF INFORMATION
Certain details, marked as mandatory, are vital for the seamless functionality and accessibility of our services. Failure to provide this information may impact your ability to access key features such as account creation and transactions. On the other hand, certain information is optional, providing you control over what you choose to share. You can manage preferences for optional data through account settings or reach out to our support team at a later point. Importantly, the non-provision of optional information will not hinder your ability to access core services and functionality.
RECIPIENTS OF PERSONAL DATA
Rest assured, we do not sell or rent your personal data to third parties. However, to provide you with our services effectively, we may share your information with trusted partners involved in processes like payment processing or customer support. Furthermore, in cases where legal obligations arise, we may disclose your information to state authorities in accordance with the law. If you have any concerns or questions, feel free to reach out to us using the provided contact information.
SOURCES OF PERSONAL DATA
We collect and process your personal data through various methods, primarily:
Direct Interaction:Your data is gathered when you create an account, make purchases, or engage with us directly.
Third-Party Collaboration and Publicly Available Sources:Working with trusted third-party providers (e.g., payment processors), we may collect data during transactions and validate information from reputable public sources.
DATA STORAGE AND RETENTION
INTERNATIONAL DATA TRANSFERS
Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure that any such transfer fully complies with the applicable personal data protection laws (e.g., the GDPR), including putting appropriate safeguardsin place to protect your data.
DATA SUBJECT RIGHTS
In alignment with data protection laws, including the GDPR, you hold several rights concerning your personal information:
Access Rights:You have the right to request access to the data we hold about you and obtain a copy of it.
Rectification Rights:You can rectify inaccurate or incomplete data that we hold about you.
Erasure Rights:Under certain conditions, you can request the deletion of your personal data.
Rights to Restriction of Processing:In certain cases, you can limit the scope of processing of your data.
Rights to Object to Processing:You have the right to object to certain types of processing, including direct marketing.
Rights to Data Portability:You can request a copy of your data in a commonly used and machine-readable format for transfer to another controller.
Rights to Withdraw Consent:If we rely on your consent for processing, you can withdraw it at any time. Withdrawal does not affect the lawfulness of processing before consent withdrawal.
Please be aware that pre-conditions or legal obligations may impact the immediate exercise of these rights. Additionally, we may need to verify your identity before fulfilling your request to ensure the security of your data.
We do not employ automated decisions with legal consequences. However, we do utilize profiling to enrich your user experience. Profiling allows us to offer personalized content and recommendations tailored to your preferences and usage history. Our commitment to transparency ensures that you are informed about how this process enhances your interaction with our services. If you have any questions or seek further clarification, please feel free to contact us using the provided information. Your understanding and comfort with our practices are paramount to us.
SECURITY OF PERSONAL DATA
Ensuring the security of the personal data we process is paramount to us. We employ a comprehensive approach to safeguard your information, integrating technical and organizational measures to maintain its integrity and confidentiality.
To enhance the security of your personal data, we have implemented various measures, including:
Utilizing robust encryption protocols to safeguard your data during transmission and storage.
Enforcing strict access controls to prevent unauthorized access to personal information.
Providing regular training to our staff to keep them informed and vigilant regarding the latest security practices.
Partnering with reputable third parties that adhere to industry-relevant security standards, such as the Payment Card Industry Data Security Standard (PCI DSS) for payment processors, among other measures.
While we are dedicated to implementing robust security measures, it is important to recognize that safeguarding your personal information is a collaborative effort. We strongly recommend adhering to best practices in information security, such as:
Creating strong and unique passwords for your accounts.
Keeping your login credentials and passwords confidential.
Avoiding the use of public Wi-Fi networks for sensitive transactions.
Ensuring your device software is regularly updated.
Remaining vigilant against phishing attempts and other fraudulent activities.
By working together, we can uphold the security and privacy of your personal data. Should you have any questions or concerns regarding security measures, please feel free to contact us using the provided information.
LODGING A COMPLAIN AN RESOLVING DISPUTES
If you have concerns about the processing of your data, please contact us at email@example.com . You also have the right to lodge a complaint with the Estonian Data Protection Inspectorate.