Valid as of 12 June 2020

1. Who we are

The owner and operator of this website address at: https://helge.app, its subdomains and smartphone apps available via Apple App Store and Google Play is Helge Kool MTÜ (“Helge Kool”) with the registered address at Kaarna 27a, Tallinn, Estonia 10620 under the registry code 80114427. The e-mail address of Helge Kool MTÜ is [email protected] and the phone number is: +372 5060 160.

The data controller, in regard to personal data collected on https://helge.app and its related applications and services (“Services”) is Helge Kool. In this Privacy Declaration, the pronouns “we”, “us”, “our”, etc. refer to Helge Kool. The pronouns “you”, “your(s)” etc. refer to the users of our Services.

2. Scope of Applicability

In this Privacy Notice, we explain how we collect, use and manage the personal data that we receive from users of the Services and under which circumstances we are permitted to pass this personal data to third parties. Personal data means data which can be assigned unambiguously to a particular person, either on its own or in connection with other data.

The Services may contain links to other services. The information practices or the content of such other services is governed by the privacy notices of such other services.

3. How, When and Why We Collect Personal Data?

We may collect, store and use the following kinds of personal information:

  • Information about your computer and about your visits to and use of Services (including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and services navigation paths);
  • Information that you provide to us when registering with our Services (including your name and email address);
  • Information that you provide to us when using our Services, or that is generated in the course of the use of those Services (including questionnaire answers and comments, and information about the timing, frequency and pattern of service use);
  • Personal information gathered through live chat on the Services;
  • Any other personal information that you choose to send to us.

The lawful bases we rely on for processing personal data are:

  • Contract, in order to process personal data if you register to use our Services;
  • Legal obligation to process personal data arising out of law and regulation (Equal Treatment Act § 25);
  • Consent, in order to receive our newsletter and to gather personal data through the use of cookies (except for strictly necessary cookies). You may revoke your consent at any time.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Google Analytics

Google Analytics is a free software tool created by Google that helps digital professionals monitor and analyze website traffic. It collects data by placing a cookie on a user’s browser when they visit your site, thereby providing insights such as how many users you have, where they are from, and which pages they click on.

4. How do we Use the Personal Data Supplied by You?

Personal information gathered by us through our Services will be used for the purposes specified in this notice or on the relevant pages of the Services. We may use your personal information to:

  • Enable your use of the Services;
  • Analyse your questionnaire responses and create reports for you, your team and for your employer based on those responses;
  • Send you non-marketing commercial communications;
  • Send you marketing communications relating to our business if you have specifically agreed to this, by email or similar technology;
  • Provide third parties with statistical information about our users (those third parties will not be able to identify any individual user from that information);
  • Keep our Services secure and prevent fraud;
  • Verify compliance with the terms and conditions governing the use of our Services.

We may use anonymized data based on personal information that you provide to us for the purposes of research and analysis.

5. Disclosing Personal Information

We may disclose your personal information to any of our employees, officers, insurers or professional advisers insofar as reasonably necessary for the purposes set out in this notice. We may share personal data with our contracted service providers in order to have them to provide services on our behalf or to ensure the quality of the information provided. We do not share, sell, rent or trade any personal data with third parties for their promotional purposes.

If you complete a questionnaire in the course of using our Services, we will not disclose your questionnaire responses to your employer or to any third party. We will only disclose reports based on those responses.

Personal information that we collect is stored on our web servers. We use cloud-based web services provided by Google Cloud Platform.

Our services may be integrated with third-party services. Details of such integrations are set out on our Services from time to time. If you choose to enable the integration of your account on our Services with any third-party service, then that may entail the supply of personal information to the third-party services provider. By enabling any such integration, you agree to the supply of that personal information to the relevant third party. Such third parties will act as data controllers in their own right in respect of any personal data supplied in this way.

We may disclose your personal information:

  • To the extent that we are required to do so by law;
  • In connection with any ongoing or prospective legal proceedings;
  • In order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention);
  • To the purchaser of any business or asset that we are selling.

6. International Data Transfer

Information that we collect may be stored and processed in and transferred between any of the EEA countries in which we operate in order to enable us to use the information in accordance with this notice. Our principal web servers are located within the European Economic Area. Some personal data may be sent to third parties located in the United States, but such entities are covered with the Privacy Shield (eg. Intercom).

7. How long we retain your data

Personal information that we process for any purpose or purposes shall not be kept longer than it is necessary for that purpose or those purposes. If you delete your account on our Services, then shortly thereafter we will cease to store your information on our live web servers. We retain back-ups of our live database for a period of up to 1 year, after which they are permanently erased. We will retain documents (including electronic documents) containing personal data:

  • To the extent that we are required to do so by law;
  • If we believe that the documents may be relevant to any ongoing or prospective legal proceedings;
  • In order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention).

If a person is no longer using the services the personal data (including the questionnaires and reports), shall be retained for a year according to the need of use.

If there is a dispute arising out of the employment relationship, then the time-limit for retaining personal data (including reports and questionnaires) is four months as of the time the employee became or should have become aware of the violation of his or her rights and requested the deletion of the personal data.

Comments

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

8. Security of Personal Information

We will take reasonable technical and organizational precautions to prevent the loss, misuse or alteration of your personal information. We will store all the personal information you provide on our secure (password- and firewall-protected) servers. Information sent to our web server from your browser, or from your browser to our web server, will be protected by encryption technology.

You are solely responsible for protecting your passwords and limiting access to your computer and smartphone.

9. What rights you have over your data

Please contact us using the contact details given under section 1, if you:

  • Wish to access, confirm, correct, amend, update, supplement, anonymise, block or restrict the use of or delete your personal data;
  • Object to the use of your personal data by us;
  • Have questions regarding the processing of your personal data; or
  • Wish to permit your personal data to be transferred by us to another person or company.

Not all the data subject rights are fully enforceable, so we shall give you notice as soon as possible of the status of your request. You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond. If the request(s) if unfounded or excessive, we may charge a reasonable fee or refuse to act. In case you want to file a complaint, the supervisory authority is Estonian Data Protection Inspectorate (https://www.aki.ee/).

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

10. Contact information

If you have any questions in connection with this Privacy Declaration, or if you wish to exercise the rights detailed herein, please contact the following e-mail address: [email protected]

11. Amendments

We may update this Privacy Declaration from time to time by publishing a new version here on our website.


12. Cookie Declaration

Cookies on the Website

The owner and operator of this website address at: https://helge.app, its subdomains and smartphone apps available via Apple App Store and Google Play is Helge Kool MTÜ (“Helge Kool”) with the registered address at Kaarna 27-5, Tallinn, Estonia 10620 under the registry code 12828862. The e-mail address of Helge Kool MTÜ is [email protected] and the phone number is: +372 504 0260.

What Is a Cookie?

A cookie is a small text file that is sent from the corresponding web server when a user accesses Website and stored temporarily on the user’s hard disk. If this server is called up again by the same user, the user’s browser sends the previously received cookie back to the server. The server can evaluate the information obtained via this process in various ways. There are two different types of cookies. The first is session cookies, which are saved only for the length of a single visitor session. This means that the cookies are immediately and automatically deleted when the Website in question is closed by the visitor/user. In contrast, temporary/permanent cookies are stored for an extended period of time or indefinitely on the user’s hardware.

How Do We Set Cookies?

We use both session cookies and temporary/permanent cookies to render its services. When a user visits a service, cookies are sent to the user’s browser and stored on the user’s hard disk. These cookies help us make our service safer, more user-friendly and more effective. The cookies do not contain identifying data or any personal information about the user, which means that we cannot identify the person with the information obtained from the cookies. The information obtained is used exclusively to generate statistics on the use of our service, thereby allowing us to tailor it as effectively as possible to your needs. The session cookies are automatically deleted from a customer’s hard disk when their browser session ends. However, we also use cookies that remain on the user’s hard disk permanently. These cookies are required to recognize when a user returns to the Website, which visitor is returning and which settings and entries this visitor requires. These cookies remain on the hard disk and delete themselves once the specified period has expired.

How Can Cookies Be Managed in the Browser?

The “Help” function on most Internet browsers provides information on how to adjust your cookie settings. By doing so, you can prevent your browser from accepting new cookies, receive a notification from your browser whenever a new cookie is set or disable cookies completely. Please note that if you choose to disable cookies, some features of the Website may no longer be accessible. Please note also that deleting the cookies set in your browser will also delete the settings related to the processing of your information by us or third parties; thus, if you delete the cookies stored in your browser, you will need to re-apply your desired settings for the processing of your information by us or third parties. Deleting all cookies may also result in the deletion of opt-out cookies with regard to certain data processing operations. You may withdraw your consent for the use of cookies already used on the Website at any time by contacting us.

5. Individual Statistics and Tracking Services

The following is an explanation of the statistics and tracking services used on this site. All of these services use cookies.

Google Analytics: This Website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). You can prevent Google from collecting and processing data related to your use of the Website (including your IP address) by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en.

You can prevent data from being collected by Google Analytics by clicking on the following link. This will set an opt-out cookie that prevents the collection of your data on future visits to this Website: Disable Google Analytics.

Hotjar: To improve user experience on our Website, we use the software Hotjar (www.hotjar.com). Through the use of Hotjar, we can measure and evaluate user behavior (mouse movements, clicks, scroll height, etc.) on the pages of our Website. In order to collect data, Hotjar sets cookies on users’ devices and can collect user data such as browser information, operating system, time spent on the site, etc. You can find out more about Hotjar’s data processing here.

Intercom: This Website uses Intercom, a customer communication service from the United States of America. You can prevent the collection of the cookie-generated data pertaining to your use of the Website (including your IP address) and the processing of this data by Intercom by following this link and opting out: https://www.intercom.com/terms-and-policies#terms.

Auth0: This Website uses Auth0, a single sign-on service from the United States of America. You can prevent the collection of the cookie-generated data pertaining to your use of the Website (including your IP address) and the processing of this data by Auth0 by writing to Auth0 Inc. at [email protected] and opting out. Please find more information on Auth0’s privacy policy here: https://auth0.com/privacy.

Amendments to the Cookie Declaration

We reserve the right to amend our Cookie notice as necessary. The amended version of the Cookie notice will always be published on our Website. Please check the relevant page regularly. Subject to applicable legislation, any changes will come into force as soon as the amended Cookie notice is published. If we have already collected data about you and/or are subject to a statutory duty to provide information, we will also inform you about any significant changes to our Cookie notice and ask you for your consent.