The Estonian Leukaemia and Lymphoma Patients’ Society undertakes to protect the privacy of donators and users. Accordingly, we have prepared these Privacy Policy principles addressing the collection, use, disclosure, transmission and storage of personal data. Our activities are in accordance with the requirements of the relevant European Union legislation and the laws of the Republic of Estonia.
- General provisions
- Our Privacy Policy regulates the principles of the collection, processing and storage of personal data. Personal data are collected, processed and stored by the NGO Estonian Leukaemia and Lymphoma Patients’ Society, who is the controller of the personal data (hereinafter referred to as the controller) and whose registry code is 80225241.
- Personal data means any information about an identified or identifiable natural person (data subject). Processing means any operation done with personal data, e.g. collecting, storing, changing, using, viewing, deleting or destroying.
- The controller observes the principles relating to data processing provided by legislation and, among other things, processes personal data in a lawful, fair and secure manner. The controller is able to declare that personal data have been processed in accordance with the provisions of legislation.
- Collection, processing and storage of personal data
- The personal data collected, processed and stored by the controller have been collected electronically, mainly via the website and e-mail. The following personal data may be collected via various forms on the website:
- Name
- Personal identification code
- Year of birth
- Address
- Telephone
- Position
- Name of organisation/institution
- Registry code of organisation/institution
- Address of organisation/institution
- The purpose of processing personal data is the analysis of the collected personal data and the facilitation of use of the services offered by the Society. Furthermore, the collection of data enables us to offer users a more personalised and adapted website content.
- Personal data collected via donations. The processing of personal data is carried out for the performance of the contract and for securing its performance. Personal data can be collected in the following ways:
- When making a donation on the donation platform, personal data are stored. Required personal data may include name, e-mail address and personal identification code.
- When entering into a permanent donation contract and providing personal data that includes name, e-mail address and personal identification code.
- Purposes of processing personal data:
- With collected personal information, donations can be managed and enabled.
- The personal identification code is used to return the income tax to the donator.
- The data subject is liable for the accuracy, correctness and integrity of the data submitted by them. Submission of knowingly false data is regarded as a breach of the Privacy Policy. The data subject is required to immediately notify the controller of any changes in the data submitted.
- The controller is not liable for any damage or loss caused to the data subject or a third party as a result of the submission of false data by the data subject.
- In addition to the foregoing, the controller has the right to collect data about the client that are available in public registers.
- The legal basis for the processing of personal data is clauses (a), (b), (c) and (f) of Article 6(1) of the General Data Protection Regulation:
- (a) the data subject has given consent to the processing of their personal data for one or more specific purposes;
- (b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
- (c) processing is necessary for compliance with a legal obligation to which the controller is subject;
- (f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
- Personal data are stored as long as is necessary for processing. Therefore, the data are deleted as soon as they are no longer needed for the purpose for which they were collected or when they are no longer relevant. Safety and confidentiality requirements of a higher level are always adhered to when handling personal data.
- The personal data collected, processed and stored by the controller have been collected electronically, mainly via the website and e-mail. The following personal data may be collected via various forms on the website:
- Rights of data subjects
- The data subject has the right to gain access to and examine their personal data.
- The data subject has the right to obtain information on the processing of their personal data.
- The data subject has the right to modify or rectify inaccurate data.
- If the controller processes the personal data of the data subject based on the consent granted by the latter, the data subject has the right to withdraw their consent at any time.
- To protect their rights, the data subject can file a complaint with the Data Protection Inspectorate.
- Final provisions
- These data protection terms and conditions have been prepared in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation),
- the Personal Data Protection Act of the Republic of Estonia and legislation of the Republic of Estonia and the European Union.
- The controller has the right to amend the data protection terms and conditions in part or in full, notifying the data subjects of the amendments via the website www.leukeemia.ee.
- Use of cookie
- The website managed by the Estonian Leukaemia and Lymphoma Patients’ Society may use cookies to improve the user experience on the website. A cookie is a small text file automatically saved by the web browser on a person’s device. Cookies are used to collect anonymous and generalised statistics regarding the number of visitors to the website and information about the manner of use of the website in order to make it even more user-friendly and convenient. By refusing cookies, the user can block them from being saved on their device. To do so, the respective settings of the web browser must be amended. Web pages may not work properly and some services may be unavailable if cookies are not allowed.