Privacy terms
The data controller is OÜ Kinnisvarabüroo Uus Maa (hereinafter LUXUM) (Maakri 19/1, Tallinn, 10145, reg kood: 10307231). The present data protection terms have been created with the purpose to protect the privacy of any former, current and future clients of LUXUM. Therefore, we shall list the principles of collection, use, storage, transfer and publishing of clients’ personal data that are in accordance with the legislation of the Republic of Estonia and the legislation of the European Union.
Principles of processing personal data
LUXUM processes any personal data submitted by a Client pursuant to the requirements established in the applicable law and always relies on the interests, rights and freedoms of the Client when processing any personal data.
The goal of LUXUM is responsible processing of personal data based on the best practice, making sure that the company is always ready to demonstrate the correspondence of personal data processing to the established purposes.
Any processes, instructions, operations and activities of LUXUM related to personal data processing are based on the following principles:
there are legal grounds for personal data processing, e.g. a consent;
Fairness
Processing of personal data is fair, first of all requiring that the client has sufficient information about how their personal data is processed;
Transparency
Processing of personal data is transparent for the Client;
Purposefulness
Personal data is collected precisely and clearly for certain lawful purposes and it is not subsequently processed in any manner contradictory to the purposes;
Personal data is relevant, important and limited to what is required considering the purpose of processing of such personal data. When processing personal data, LUXUM follows the principle of minimum processing and if personal data is not required or is no longer required for the purpose for which it was collected, the personal data shall be deleted;
Correctness
Personal data is correct and updated if so required, and all the reasonable measures applied to ensure that any personal data incorrect from the perspective of personal data processing are immediately deleted or corrected;
Limitation of storage
Personal data is stored in the way that they enable identification of a Client only until it is required for the purpose for which the personal data is processed. It means that if LUXUM wishes to store personal data longer than required for the purpose of collection, LUXUM shall anonymize the data in such a way that the Client can no longer be identified;
Reliability and confidentiality
Processing of personal data is carried out in a way that ensures proper security of the personal data, including protection from unauthorised or illegal processing and accidental loss, destruction or damage, using reasonable technical or organisational measures;
Data protection by design and by default
LUXUM ensures that all the systems used correspond to the required technical criteria. Suitable data protection measures are planned when updating or designing any information and data system (e.g. information systems and business processes are created based on the prerequisites of pseudonymisation and encryption).
When processing personal data, LUXUM aims to be always able to certify that the above principles are followed, and additional information on adherence to the principles may be obtained from a representative of LUXUM (info@luxum.ee).
Collection and use of personal data
Personal data means data that a person has provided voluntarily and confirmed by a written consent. Personal data may include name, phone number, e-mail, address and other information. We also receive basic information from state registers.
We only use personal data for the intended purpose, which is sending the newest market information, newsletters, monthly market overviews, the best offers and other information related to the operations of LUXUM to the clients.
LUXUM does not distribute, forward, change or use the personal data entrusted to us in any other way, except in the event that there is a relevant agreement with the client or if the need to publish the information is based on the legislation of the Republic of Estonia.
If you receive any of the above information from us without having submitted your information to us, please inform us at info@luxum.ee
A person can withdraw their consent at any time, informing us at info@luxum.ee
Basis and purpose of processing personal data
Consent-based data processing
We process the personal data of our clients based on their consent. Based on their consent, we send our clients our newsletter containing marketing offers and information.
Data processing for fulfilment of contracts
We process our clients’ data to provide them with service ordered pursuant to a contract. We also process personal data for the billing purpose for the service. We also process personal data to solve any claims resulting from service provision.
Fulfilment of legal obligations
Fulfilment of legal obligations is data processing that we are required to carry out for the reason that it is required from us as a service provider by law. The purposes are accounting, replying to the requests of governmental institutions, obligatory identification for anti-money-laundering purposes and notification of a supervisory authority of violations or suspected violations.
Collection and use of personal data when ordering expert appraisals
LUXUM issues expert appraisals pursuant to the code of good practices created by the Estonian Association of Appraisers. For appraisals, we collect the necessary information and the information required, including the data of the client and the people who were present at the inspection of property and who submitted source data.
LUXUM does not distribute, forward, change or use the personal data entrusted to us in any other way, except in the event that there is a relevant agreement with the client or if the need to publish the information is based on the legislation of the Republic of Estonia.
LUXUM presumes that when you order an expert appraisal from us, you have read and agreed to our policy of personal data protection.
Collection and use of non-personal data
Non-personal data means data that cannot be directly traced to one particular person (age, gender, place of residence).
The website of LUXUM uses cookies with the functions of collecting general statistics about the traffic on our website and making the use of our website quicker and more convenient for users. The information helps us to update our website and improve the accessibility of information for you. We do not monitor the behaviour and movement of individual people on our website.
A cookie is a text file sent and saved into the computer of a user by the websites they visit. A cookie is saved in the file folder of the user’s web browser. If the user has visited the website before, the web browser reads the cookie and sends the relevant information to the website or element that originally saved the cookie. Read more about cookies on website www.aki.ee/et/kupsised.
A web browser has a right to block the use of cookies. If you want to do that, you need to change the settings of your web browser.
Your rights
Pursuant to the General Data Protection Regulation, a data subject has the following rights:
- a right to examine the personal data maintained for the data subject;
- a right to prohibit processing (e.g. for the purpose of direct marketing);
- a right to data transfer;
- a right to submit a complaint to LUXUM, Data Protection Inspectorate or court about data processing by the data controller;
- a right to make objections to a personal data processing operation concerning the data subject;
- a right to update personal data;
- a right to be forgotten (deleting of data).
Storage term for personal data
We store the data of potential clients who have requested, for instance, price offers or information about our services but have not become our clients for 6 months.
We store the data of events related to our clients (consultations, general offers) for 1.5 years.
We store the data of contact persons and events (order, complaint, incident, debt notice) for 3 years. The term of deleting shall apply as of the termination of the contract.
We store data collected for the purpose of prevention of money laundering and terrorist financing for 5 years. The term of deleting shall apply as of the termination of the contract.
We store accounting data (including contracts, as of the termination thereof) for 7 years.
We store information on debts for 13 years, unless there is a valid debt collection procedure.
Indefinite terms for data storage apply when dealing with a fact of direct identification of a person and a contact person with valid authorisations and a contact person with connections.
Third parties other than LUXUM using your personal data
We may provide information about you to competent state institutions (e.g. security and investigation institutions, including the police, court, emergency service (112)), if we have the relevant obligation pursuant to the law. We may also provide information about you to the payment orders department of a court when you have outstanding payments.
General terms of and amendments to the data protection terms
When you provide your data to us and start using our website, you have studied our principles and terms and have given your consent to those. LUXUM reserves a right to change the general terms of data protection terms if so required.
For any questions in regard to the data protection terms, please contact us at info@luxum.ee.