Privacy Notice for Website Visitors
The following privacy notice applies to the use of our website and provides you, as a data subject under the terms of data protection legislation and as a user of this website, with information about how personal data is processed. We are committed to protecting your privacy and the security of information that can directly or indirectly be used to identify a natural person (hereinafter “Personal Data”).
Last update: May 2019.
Your Personal Data is controlled by:
Prominion OÜ (hereinafter “Prominion“)
Registry code: 10859769
Address: Mustamäe tee 16, 10617 Tallinn
Phone: +372 6999099
Prominion may update this Privacy Notice from time to time. Prominion will publish an up-to-date Privacy Notice on the website at all times indicating the latest amendments.
1. What Personal Data we collect
In the course of its business activities and providing the services, Prominion will need to process Personal Data. Without your Personal Data, we will not be able to provide you with the requested services. As a rule, the Personal Data that you provide directly or indirectly to Prominion when using our services and visiting our website are:
- Contact information (name, e-mail address, phone number and company name, message);
- The name of the web page accessed;
- The accessing computer’s IP address;
- The date and time of access;
- The amount of data transmitted;
- The browser type and version;
- The user’s operating system;
- The web page from which the user is visiting this website (referrer URL);
- Content and pages you accessed on our website.
2. Does this Privacy Notice apply to you?
This Privacy Notice applies to you if you are a customer of Prominion or if you contact Prominion, for instance, by visiting our website https://www.prominion.eu/
Our website is for a general audience and not aimed at children. In principle, we do not collect Personal Data from children under age 16. If you are under the age of 16 and you want to use our services, please rely on a parent or guardian to assist you.
If a child under the age of 16 may have disclosed Personal Data to us, the parent or guardian can contact us at firstname.lastname@example.org and we will remove Personal Data if required.
Cookies are small (text) files which are created and saved on your terminal device (e.g. smartphone, notebook, tablet, PC). Most cookies are known as “session cookies”, which are deleted once your visit has ended. However, on a case-by-case basis these cookies provide information that allows the user to be automatically recognized. Using what is known as a “cookie ID”, web pages and servers can be assigned to the specific Internet browser in which the cookie was saved.
We use the following types of cookies:
- Technically required (analytical) cookies for Google Analytics tracking the traffic on the website;
- Marketing cookies for channels used in marketing activities (Facebook, LinkedIn, Google Ads);
- Additional analytical cookies- in case requested for giving feedback on web experience by individual users (e.g. Hotjar, Google Optimize etc.).
Please note, however, that if you delete cookies or refuse to accept them, you might not be able to use all of the features we offer, you may not be able to store your preferences, and some of our pages might not display properly.
4. Why does Prominion process Personal Data?
Personal Data shall be collected, used, stored or otherwise processed when necessary within the framework of responsible, efficient and effective business management of Prominion. Prominion processes Personal Data based on applicable legal ground(s). The legal ground is often intrinsically linked to the business purpose. This means, for example, that the performance of an agreement can be both a legal ground and a business purpose for Prominion. Therefore, we will first clarify the legal ground(s) on which Prominion processes your Personal Data and, subsequently, the business purpose(s) that we use your Personal Data for:
In general, Prominion processes your Personal Data based on one of the following legal grounds:
- The processing is necessary to perform an agreement between you and Prominion;
- The processing is necessary for us to comply with our legal obligations;
- The processing is necessary to protect your vital interests or of other individuals;
- The processing is necessary for the legitimate interests of Prominion, except where such interests are overridden by your interests or fundamental rights and freedoms;
- Where appropriate and required, we will ask for your consent.
Prominion shall only collect, use or otherwise process Personal Data if the processing falls within the scope of one (or more) of the legitimate business purposes listed below:
- Product development, research and improvement of Prominion products and/or services.
- Performing agreements. This includes responding to requests for (further) information, dispute resolution and preparing agreements.
- Relationship management and marketing for commercial activities. In general, Prominion processes Personal Data as necessary for the development and improvement of Prominion products and/or services, account management, client services and the performance of (targeted) marketing activities in order to establish a relationship with a client and/or maintaining as well as extending a relationship with a client, business partner or supplier and for performing analyses with respect to Personal Data for statistical and scientific purposes (e.g. deliver advertising, communications and content from us on our sites and those of third parties more specific to your interests).
- Business process execution and internal management.
- Personnel recruitment.
- Safety and security. Personal Data shall be included in the processing for activities such as those involving the protection of Prominion and customer, supplier or business partner assets and the authentication of customer, supplier or business partner status and access rights (e.g. provide a safe and secure services for online and offline transactions).
- Protecting the vital interests of individuals. This includes processing data when necessary to protect your vital interests or of other individuals (e.g. for urgent medical reasons).
- Compliance with legal obligations. This addresses the processing of Personal Data as necessary for compliance with laws, regulations and sector specific guidelines to which Prominion is subject.
5. Who has access to your Personal Data?
As a rule, Prominion shares your Personal Data with third parties in the following circumstances:
- With its affiliates, operating groups, subsidiaries and divisions, or with third parties if such is necessary for the purposes as listed above. If appropriate, Prominion will require third parties to conduct activities in a manner consistent with Prominion policies and guidelines in relation to data protection.
- With its employees if and to the extent necessary for the performance of their tasks. In such a case, access will be granted only if and to the extent necessary for the purposes described above and only if the employee is bound by confidentiality.
- If and when required to do so by law, court order, or other legal process, for example, with law enforcement agencies or other governmental agencies, to establish or exercise our legal rights or in connection with a corporate transaction, such as a divesture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy.
6. How long will Prominion process your Personal Data?
We will retain your Personal Data no longer than necessary for the purpose(s) for which we process your Personal Data. After the retention period we will delete or anonymize your Personal Data, unless we need to retain certain of your Personal Data for another purpose. We will only do so if we have a legal ground to retain your Personal Data. We will also ensure that Personal Data are only accessible for that other purpose.
Please contact us using the contact details above if you have questions about specific retention periods.
7. What measures does Prominion take to protect your Personal Data?
Prominion has taken appropriate technical and organizational measures to protect your Personal Data against accidental or unlawful processing, including by ensuring that:
- Your Personal Data is protected against unauthorized access;
- Technical and organizational security measures are taken to protect data against accidental or deliberate manipulation, loss, destruction or unauthorized access by third parties. These security measures are continuously improved in line with technological developments.
- The confidentiality of your Personal Data is assured;
- The integrity and availability of your Personal Data will be maintained;
- Personnel is trained in information security requirements; and
- Actual or suspected data breaches are reported in accordance with applicable law.
8. Where does Prominion store or transfer your Personal Data?
The Personal Data is stored in SAP SE and Prominion cloud. We do not transfer the Personal Data unless required for compliance with legal obligations.
9. What rights can you exercise in relation to your Personal Data?
Based on the law applicable to the use of your Personal Data, you may have rights that you can exercise in relation to your Personal Data. Note that in some cases we are not required to fully comply with your request, as such rights may be conditional or because we have to balance your rights against our rights and obligations to process your Personal Data and to protect the rights and freedoms of others. A number of the rights you have in relation to your Personal Data, as applicable in the European Economic Area, are explained below:
Right of access
You are entitled to a copy of the Personal Data we hold about you and to learn details about how we use it. Your Personal Data will usually be provided to you digitally. We may require you to prove your identity before providing the requested information.
Right to rectification
We take reasonable steps to ensure that the information we hold about you is accurate and complete. However, if you believe this is not the case, you have the right to request that any incomplete or inaccurate Personal Data that we process about you is amended.
Right to erasure
You have the right to ask us to erase your Personal Data, for example where the Personal Data we collected is no longer necessary for the original purpose, where Personal Data has become obsolete or where you withdraw your consent. However, this will need to be balanced against other factors. For example, we may not be able comply with your request due to certain legal or regulatory obligations.
Right to restriction of processing
You are entitled to ask us to (temporarily) stop using your Personal Data, for example where you think that the Personal Data we hold about you may be inaccurate or where you think that we no longer need to use your Personal Data.
Right to data portability
You may have the right to ask that we transfer Personal Data that you have provided to us to a third party of your choice. This right can only be exercised when you have provided the Personal Data to us, and when we are processing that data by automated means on the basis of your consent or in order to perform our obligations under a contract with you.
Right to object
You have the right to object to processing which is based on our legitimate interests. In case of the processing of Personal Data for marketing purposes, you have the right to object at any time. When you ask us to stop using your Personal Data for marketing purposes, Prominion will immediately cease to use your Personal Data. For other purposes based on our legitimate interests, we will no longer process the Personal Data on that basis when you file an objection based on your grounds relating to your particular situation, unless we have a compelling legitimate ground for the processing. Note, however, that we may not be able to provide certain services or benefits if we are unable to process the necessary Personal Data for that purpose.
Rights relating to automated decision-making
You have the right not to be subjected to automated decision-making, including profiling, which produces legal effect for you or has a similar significant effect. If you have been subject to an automated decision and do not agree with the outcome, you can contact us using the details below and ask us to review the decision.
Right to withdraw consent
We may ask for your consent to process your Personal Data in specific cases. When we do this, you have the right to withdraw your consent at any time. Prominion will stop the further processing as soon as possible after the withdrawal of your consent. However, this does not affect the lawfulness of the processing before consent was withdrawn.
10. What if I have other questions or complaints?
Questions or complaints regarding the processing of your Personal Data can be directed to Prominion by using the contact information as provided at the top of this Privacy Notice.
You also have the right to submit a complaint with a supervisory authority.