Privacy Policy

Privacy Policy

We know that in this digital age, your privacy is important. This Privacy Policy reflects our commitment to protect personal data and the choices we offer you regarding how your data is used. We welcome you to read more about how we keep your information safe, as well as how you can exercise your rights. In addition, our Privacy policy covers our treatment of data that may be personal to you.

  • We will review, update, and amend these policies from time to time consistent with our business needs and technology. We encourage you to check back periodically for new updates or changes. Your continued use of the service makes up your acceptance of any change to this Privacy Policy. We are the data controller of your information. We handle and process all data on behalf of our customers
  • You may likewise decide not to give us “discretionary” Personal Data; however please remember that without it, we will most likely be unable to provide you with the full scope of our administrations or with the best client experience when utilizing our Services.
  • This Privacy Policy (“Privacy Policy”) describes how Cresto Balt OÜ will gather, use, and maintain your Personal Information on the vortexbalt.ee. It will also explain your legal rights with respect to that information.
  • By using the vortexbalt website or services, you confirm that you have read and understand this Privacy Policy, and our Terms (together referred to herein as the “Agreement”). The Agreement governs the use of vortexbalt.ee. Cresto Balt OÜ will collect, use, and maintain information consistent with the Agreement.

We recommend that you read this Policy in full to ensure you are fully informed. However, if you only want to access a particular section of this Policy, then you can click on the relevant link below to jump to that section.

What private data do we collect from the people who visit our website?

When enlisting on our site or buying Products, as suitable, you could be approached to type in your name, email, postage information, payment information, or different subtleties to assist you with your experience.
When you create an account and use the Services, including through a third-party platform, we collect any data you provide directly, including:

  • Account Data: To use certain features, you need to create a user account. When you create or update your account, we collect and store the data you provide, like your email address, password, name, date of birth, gender and your delivery address (“Account Data”).
  • Personal Data: Personal Data is information that can be used to identify you specifically, including your name, zip code, mailing address, email address, telephone number, or demographic information like your age, gender, or hometown. You consent to give us this information by providing it to us voluntarily on our website. Your decision to disclose this data is entirely voluntary. You are under no obligation to provide this information, but your refusal may prevent you from accessing certain benefits from our website.
  • Financial Data: Financial data is related to your payment methods, such as credit card or bank transfer details. We collect financial data to allow you to purchase, order, return or exchange products from our website. We store limited financial data. Most financial data is transferred to our payment processor, PayPal, and you should review these processors’ Privacy Policy to determine how they use, disclose, and protect your financial data.
  • Contact information. An Authorized User is required to provide some contact information (e.g., an email address) when making an account on the Services.

Do Not Track

Currently, various browsers — such as Internet Explorer, Firefox, and Safari — offer a “do not track” or “DNT” option that relies on a technology known as a DNT header, which sends a signal to Web sites’ visited by the user about the user’s browser DNT preference setting. Cresto Balt OÜ does not currently commit to responding to browsers’ DNT signals with respect to the Company’s Web sites, in part, because no common industry standard for DNT has been adopted by industry groups, technology companies or regulators, including no consistent standard of interpreting user intent. Cresto Balt OÜ takes privacy and meaningful choice seriously and will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.

How do we use your details?

We may utilize the data we procure from you when you enlist, make a buy, join our bulletin, respond to an examination or promoting correspondence, peruse the site, or utilize specific other site includes in the following ways:

  • Create your account; and
  • Deliver any products or services purchased by you to you; and
  • Correspond with you; and
  • Compile anonymous statistical data for our own use or for a third party’s use; and
  • Assist law enforcement as necessary; and
  • Prevent fraudulent activity on our website or mobile app; and
  • Analyze trends to improve our website and offerings.
  • To fulfill or meet the reason you provided the information (e.g., to help provide our Site services to you).
  • To personalize and develop our site and the services we provide you and improve our offerings.
  • To provide certain features or functionality of the services on the site.
  • For marketing and promotions.
  • To create, maintain, customize, and secure your account with us.
  • To provide you with support, to communicate with you and respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
  • To personalize your experience and to deliver content and product and services relevant to your interests.
  • To help maintain the safety, security, and integrity of our site, services, databases, and other technology assets and business.
  • For testing, research, analysis, and product development, including to develop and improve our site and services.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • To prevent illegal activity, fraud, and abuse.
  • Where we must play out the agreement we are going to go into or have gone into with you
  • To help our site that will be ready to serve you better.
  • To allow us to brought administration you up in furnishing a response to your client assistance demands.
  • To procure rankings and audits of items
  • To catch up after correspondence with (live talk, email, or telephone requests)
  • To furnish you with the data, items, and administrations that you demand from the site.

When we share personal information

Once your personal information is collected, as detailed above, we may share it with third parties for various reasons, among them email delivery, data hosting, analytics, payment processing and content streaming. These services may collect browsing data that includes IP addresses, referring pages, and users’ movements as they navigate the Website. Other third parties help us with our marketing efforts including sending and analyzing our marketing efforts by measuring whether recipients have opened an email and clicked on any content within it.
When we share your personal information with a third party, we require that third party to protect the information consistent with this Statement and limit its use of the information to performing the services they provide to us. For example, when we share personal information with payment processors or presenters of web seminars, its use is limited to providing that service.

Do we use cookies?

Yes. Cookies are small documents a site or its provider exchanges to your computer’s hard drive through your browser (if you allow) that permit the site’s or service provider’s systems to identify your internet browser and capture please remember certain information. For example, we use cookies to help us keep in mind and process the things in your shopping cart software. Also, they are used to help us understand your requirements based on prior or current site activity, which permits us to offer you improved upon services. We also use cookies to help us put together aggregate data about site traffic and site conversation so that people may offer better site experience and tools in the foreseeable future.

We use cookies to:

  • Understand and save user’s tastes for future views or visits of our site.
  • Keep an eye on advertisements.
  • Compile aggregate data about site traffic and site connections to provide better site activities and tools in the foreseeable future.
  • We might also use third-party services that monitor these details on our behalf.

You can choose that your personal computer warns you whenever a cookie has been directed, or you can select to turn off all cookies carefully. You can perform that through your web browser settings. Since the internet browser is just a little different, check out your browser’s Help Menu to learn the way in which to change your cookies.
If you change cookies off, many of the features that produce your site experience better might not exactly function properly. It will not impact the user’s experience, which builds your site experience better and might not function properly.

Types of Cookies we use

Mandatory Cookies

required cookie empowers you to explore the website and utilize its features, for example, getting to get secure areas of the site and using services at our website. If you have decided to recognize yourself to the website, the company may put on your program treats containing an encoded, one-of-a-kind identifier. These cookies permit the company to extraordinarily recognize you when you are signed into the Web site and Services and to deal with your online exchanges and demands.

Focus or Targeting cookies

Site may in some cases use cookie conveyed by outsiders to show you promotions for Website items and administrations that we think may intrigue you on any gadgets you may utilize and to follow the exhibition of Company notices. For instance, in these cases, cookie recall data, for example, which programs have visited the Company’s Web locales. The data gave to outsiders does exclude individual data, yet this data might be re-related with individual data after the company gets it. If the website is utilizing one of its own treat related items on our own website, at that point a cookie identified with promotions may show up on our Web webpage under the website or one of our associated organization’s names.

Performance Cookies

Performance Cookies permit the Company’s Web destinations and Services to recollect data you have entered or decisions you make, (for example, your username, language, or your area) and give upgraded, closer-to-home highlights. These Cookies additionally empower you to improve your utilization of vortexbalt.ee Web site and Services after signing in. These Cookies can likewise be utilized to recall transforms you have made to message size, text styles and different pieces of website pages that you can change.
 Performance Cookies may likewise be utilized to improve how the Company’s Website and Services work and perform, to upgrade and redo your associations with the company, and to assist us with furnishing you with more pertinent messages, including promoting interchanges. These Cookies gather data about how Visitors utilize our Web destinations and Services, including which pages guests go to frequently and if they get blunder messages from specific pages.  Cresto Balt OÜ and its outsider accomplices may likewise use HTML5 nearby capacity or Flash Cookies for these reasons. Streak Cookies and HTML neighborhood stockpiling is unique in relation to program Cookies due to the measure of, sort of, and how information is put away.  Cresto Balt OÜ likewise utilizes Flash Cookies, to store your inclinations or show content depending on what you see on our Website and Services to customize your visit.

Google Analytics

We use Google Analytics to investigate the utilization of our site of users and visitors. Google Analytics assembles data about site use through cookies. The data assembled identifying with our site is utilized to make reports about the utilization of our site.

Name of cookieExpiry periodPurposeCompany
_gaPersistent – 2 yearsAnalyticsGoogle Analytics, Google LLC
_ga_JMDY11H0YJPersistent – 2 yearsAnalyticsGoogle Analytics, Google LLC
_gatPersistent – 2 yearsAnalyticsGoogle Analytics, Google LLC
_gidPersistent – 1 dayAnalyticsGoogle Analytics, Google LLC
_sp_root_domain_test_* (x 1535)Session cookieAnalyticsvortexbalt.ee
gaVisitorTypeLongPersistent – 2 yearsAnalyticsGoogle Analytics, Google LLC
gaVisitorTypeShortPersistent – 30 minutesAnalyticsGoogle Analytics, Google LLC

General Use

  • Understand client’s desires for future perspectives or visits of our site.
  • Collect and Compile total data about site traffic their sources e.g. (Gadgets, Country, page sessions) and site associations to give better site exercises and apparatuses within a reasonable timeframe.
  • You have the choice to accept or reject cookies for the website and at whatever point a cookie has been coordinated, or you can choose to deliberately kill all cookies. You can play out that through your internet browser settings if you are using chrome, you can go the setting of the chrome and select the domain and change the setting of the cookies to your desire.
  • On the off chance that you change cookies off, some of the features that produce your site experience better may not actually work appropriately. It won’t affect the client’s experience that delivers your site experience better and may not actually work appropriately.

GDPR-Customer data processing appendix:

Customer Data” means any personal data that OCI processes on behalf of Customer via the Services, as more particularly described in this DPA.
Data Protection Laws” means all data protection laws and regulations applicable to a party’s processing of Customer Data under the Agreement, including, where applicable, EU Data Protection Law and Non-EU Data Protection Laws.

GDPR-EU data protection law 

EU Data Protection Law” means all data protection laws and regulations applicable to Europe, including (i) Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) (“GDPR“); (ii) Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector; (iii) applicable national implementations of (i) and (ii); and (iv) in respect of the United Kingdom (“UK“) any applicable national legislation that replaces or converts in domestic law the GDPR or any other law relating to data and privacy as a consequence of the UK leaving the European Union.
Europe” means, for the purposes of this DPA, the European Union, the European Economic Area and/or their member states, Switzerland, and the United Kingdom.
Non-EU Data Protection Laws” means the California Consumer Privacy Act (“CCPA”); the Canadian Personal Information Protection and Electronic Documents Act (“PIPEDA”); and the Brazilian General Data Protection Law (“LGPD “), Federal Law no. 13,709/2018.
SCCs” means the standard contractual clauses for processors as approved by the European Commission or Swiss Federal Data Protection Authority (as applicable), which shall be applied only to transfers of Customer Data from the European Union.
Sensitive Data” means (a) social security number, passport number, driver’s license number, or similar identifier (or any portion thereof); (b) credit or debit card number (other than the truncated (last four digits) of a credit or debit card); (c) employment, financial, genetic, biometric or health information; (d) racial, ethnic, political or religious affiliation, trade union membership, or information about sexual life or sexual orientation; (e) account passwords; or (f) other information that falls within the definition of “special categories of data” under applicable Data Protection Laws.
Services Data” means any data relating to the Customer’s use, support and/or operation of the Services, including information relating to volumes, activity logs, frequencies, bounce rates or other information regarding emails and other communications Customer generates and sends using the Services.

  • Parties’ roles: If EU Data Protection Law or the LGPD applies to either party’s processing of Customer Data, the parties acknowledge and agree that concerning the processing of Customer Data, Customer is the controller and is a processor acting on behalf of Customer, as further described in Annex A (Details of Data Processing) of this DPA.
  • Purpose limitation: Cresto Balt OÜ shall process Customer Data only following Customer’s documented lawful instructions as outlined in this DPA, as necessary to comply with applicable law, or as otherwise agreed in writing (“Permitted Purposes”). The parties agree that the agreement sets out the Customer’s complete and final instructions to Cresto Balt OÜ concerning the processing of Customer Data, and processing outside the scope of these instructions (if any) shall require a prior written agreement between the parties.
  • Prohibited data. Customer will not provide (or cause to be provided) any Sensitive Data to OCI for processing under the Agreement, and OCI will have no liability whatsoever for Sensitive Data, whether in connection with a Security Incident or otherwise. For the avoidance of doubt, this DPA will not apply to Sensitive Data.
  • Customer compliance: Customer represents and warrants that (i) it has complied, and will continue to comply, with all applicable laws, including Data Protection Laws, in respect of its processing of Customer Data and any processing instructions it issues to Cresto Balt OÜ; and (ii) it has provided, and will continue to provide, all notice and has obtained, and will continue to obtain, all consents and rights necessary under Data Protection Laws for Cresto Balt OÜ to process Customer Data for the purposes described in the agreement. Customer shall have sole responsibility for the accuracy, quality, and legality of Customer Data and how Customer acquired Customer data. Without prejudice to the generality of the foregoing, Customer agrees that it shall be responsible for complying with all laws (including Data Protection Laws) applicable to any emails or other content created, sent, or managed through the service, including those relating to obtaining consents (where required) to send emails, the content of the emails and its email deployment practices.
  • The lawfulness of Customer’s instructions: Customer will ensure that United Kingdom processing of the Customer Data by Customer’s instructions will not cause Cresto Balt OÜ to violate any applicable law, regulation, or rule, including, without limitation, Data Protection Laws. Cresto Balt OÜ shall promptly notify Customer in writing unless prohibited from doing so under EU Data Protection Laws if it becomes aware or believes that any data processing instruction from Customer violates the GDPR or any UK implementation of the GDPR.

Your Legal Rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data.

You may have the following rights:

  1. Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
  2. Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
  3. Request deletion of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
  4. Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
  5. Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios:
    1. If you want us to establish the data’s accuracy.
    2. Where our use of the data is unlawful, but you do not want us to erase it.
    3. Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims.
    4. You have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it.
  6. Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
  7. Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain services to you.

How do we protect your details?

  • We have implemented industry-accepted administrative, physical, and technology-based security measures to protect against loss, misuse, unauthorized access, and alteration of personal information in our systems. We ensure that any employee, contractor, corporation, organization, or vendor who has access to personal information in our systems is subject to legal and professional obligations to safeguard that personal information.
  • We do not use vulnerability scanning and/or scanning to PCI specifications.
  • We use regular Malware Scanning.
  • Your individual information is comprised behind secured systems and is merely accessible by a restricted number of folks who’ve special access privileges to such systems and must keep the information confidential carefully. Furthermore, all very sensitive/credit information you resource is encrypted via Secure Socket Layer (SSL) technology.
  • We implement several security measures whenever a user gets into, submits, or accesses their information to keep up the protection of your individual information.
  • While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the Internet or form of electronic storage is 100 percent secure. Therefore, we cannot guarantee its absolute security.
  • Cresto Balt OÜ prohibits unauthorized access or use of personal information stored on our servers. Such access is a violation of law, and we will fully investigate and press charges against any party that has illegally accessed information within our systems.

Limitation of liability

  • Some jurisdictions do not allow the limitation or exclusion of liability for incidental or consequential damages so some of the above limitations may not apply to you.
  • We make no legal representation that the website or products are appropriate or available for use in locations outside EU. You may access the website from outside EU at your own risk and initiative and must bear all responsibility for compliance with any applicable foreign laws.

Indemnification

  • Upon visiting this website you agree release, indemnify, defend and hold harmless Cresto Balt OÜ and any of its contractors, agents, employees, officers, directors, shareholders, affiliates and assigns from all liabilities, claims, damages, costs and expenses, including reasonable attorneys’ fees and expenses, of third parties relating to or arising out of your use of the website content; your use of the products; your violation of any provision of these terms; any unauthorized information or data you supplied to us. You will have sole responsibility to defend us against any claim, but you must receive our prior written consent regarding any related settlement.

Governing Law and Jurisdiction

  • This website originates from Estonia. The laws of Estonia. without regard to its conflict of law principles will govern these terms to the contrary. You, hereby agree that all disputes arising out of or in connection with these terms shall be submitted to the exclusive jurisdiction of Estonia. By using this website, you consent to the jurisdiction and venue of such courts in connection with any action, suit, proceeding, or claim arising under or by reason of these terms. You hereby waive any right to trial by jury arising out of these terms.

Changes to this privacy notice

We reserve the right to alter this privacy notice at any time. Such alterations will be posted on our website. You can also obtain an up-to-date copy of our privacy notice by contacting us.

Contacting us

If you would like to contact us to understand more about this Policy or wish to contact us concerning any matter relating to individual rights and your Personal Information, you may do so via the contact us or email us at info@vortexbalt.com


Cresto Balt OÜ
Tallinn, Estonia
 
This document was last updated on January 29, 2022