Privacy Policy

The protection of your privacy in the processing of personal data is an important concern to which we pay special attention in the context of our business processes. We handle personal data collected during visits to our websites, Apps and/or during using our mobile applications confidentially and entirely in accordance with legal regulations.

Herein, personal data is information about an identified or identifiable natural person and processing means any automated or manual operation performed on personal data (e.g. collection, recording, organization, structuring, storage, adaption, alteration, erasure, destruction, etc).

Comodule OÜ acts as data controller in respect to all users of Comodule applications and as principle processor of collected data. This means that we will determine the purposes and means for processing the personal data that is being collected from you. We only use data in ways relevant to carrying out our business and services.

Our services are not intended for children under the age of 16 years or any other age limit applicable in your jurisdiction and we do not knowingly collect data relating to children.

We process personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (the General Data Protection Regulation) (hereinafter referred to as GDPR) and other legal acts governing personal data protection and this Privacy Policy.

Collection and use of personal data

Personal data means any data that can be directly or indirectly associated with you as an individual, which are collected and processed by COMODULE OÜ in order to fulfil contracts with natural persons, to contact them, and perform obligations pursuant to law.

Personal data of ÄIKE customers can be collected in any of the following ways:

  • when you provide us your contact information (incl. your name, personal ID code, postal address, telephone number, e-mail address, the preferred method of communication) on our website or otherwise (e.g. in our stores);
  • when you use our website, data are collected through your account or through cookies;
  • when you make a purchase or place an order in our store or e-shop and store your personal contact information or purchasing preferences (in certain sections of the website www.rideaike.com may ask you to voluntarily provide your personal data and personal information. Such personal data may include your name, address, postal code, e-mail address, telephone number, and other data);
  • when you apply for hire-purchase.

 

Collection of other data

We also collect non-personal data, i.e. data that cannot be directly linked to a particular individual (gender, age, language preference, location). We may also collect data of general nature about how our customers interact with our e-shops and the website. These data are combined and used to provide customers information that is more useful for them, and to learn about which parts of the website, products, and services attract the most interest. In this Privacy Policy such combined data are regarded as non-personalised data.

 

Our summarized principles for processing personal data are as follows:

  • Collected personal data will be adequate, relevant and limited to above stated purposes
  • Collected personal data will be kept accurate and up to date
  • Personal data is processed fairly, lawfully and in a transparent manner
  • Personal data is processed only for limited, specified and lawful purposes
  • Unnecessary data will be deleted
  • Personal data is automatically removed from our database after user has deleted his/her mobile application account or has requested us to delete their account
  • Appropriate organizational and technical security will be ensured, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage
  • Personal data will be transferred to other countries with matching protection levels and entities ensuring matching protection levels to such data.

We process sensitive personal data only with the explicit and unambiguous consent from the user to whom the data relates, or when needed for the protection of life, health or freedom or to fulfill applicable laws and regulations or contractual obligations.

Other purposes for processing personal data are:

(a) securing compliance with the applicable legal, regulatory or professional requirements;

(b) for processing requests and communications from competent authorities;

(c)  user relationship administration, financial accounting, internal compliance and risk procedures, and client relationship purposes;

(d) utilization of systems and applications (hosted or internal) for information technology and information system services.

When you register for our services, you will, upon the logging in of your submitted contact details, indicate your consent to our collecting, processing and using this data and also the master personal data voluntarily provided by you in the context of the use of the available services, to the extent necessary for the provision of the contractually stipulated services. You also confirm that all the personal data provided to us is correct and up-to-date and you are taking an active obligation to update any item of personal data as soon as submitted data becomes incorrect, outdated or misleading.

Comodule retains and uses anonymous/aggregated data in order to develop and improve applications in line with users’ requirements. We reserve the right to evaluate the data on an anonymous basis, to publish it on the platform in the form of statistics and to otherwise use the data.

Cookies

We may use cookies on our websites. Please read more about the use of cookies in our cookie policy, which you can find in the footer of our website and in our App.

The purposes of processing of data collected by the use of cookies, are the following:

  • to operate, improve and optimize the performance and user experience of the website and its services,
  • perform customer and user analysis and segmentation in order to improve our understanding of our users, and provide better and tailored services to users, including you,
  • statistical purposes.

 

Use of your personal data in Comodule group

We may make available your personal data to another affiliate within Comodule group, that is data will move between different entities in different jurisdictions. This may be done due to division of business functions between different entities. All personal data protection and processing obligations as well as liability on Comodule are in that case extended to such other entities receiving and processing the personal data.

Disclosure, transfer and making available personal data to recipients

Our disclosure and transfer of your personal data to recipients (natural or legal persons, public authorities, agencies or another body, to which the personal data is disclosed) is kept to a minimum and is subject to the existence of an adequate level of data protection.

We may disclose or make personal data available to recipients under the following circumstances:

  • Recipients who carry out services on our behalf, such as e.g. hosting, cloud computing, payment service, online identification service, IT-support, marketing services, administrative services, training services or other data processing. Such recipients are only allowed to process the personal data in accordance with our instructions and the relationship will be governed by a written data processor agreement; or
  • To establish, exercise or defend our legal rights; or
  • If you have provided your prior consent to the disclosure of personal data to a recipient or
  • As set out in our cookie-policy

If the recipient of the personal data is located in a country outside the EU/EEA not ensuring an adequate level of data protection, we will only transfer your personal data to such recipient following execution of a written transfer agreement based on the EU Commissions Standard Contractual Clauses.

Automated individual decisions

We may use automated decision making based on your personal data. Automated decision making will only take place if the decision is:

  • necessary for entering into, or performance of a contract between you and Comodule;
  • authorized by Union or Member State law to which Comodule is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or
  • based on your consent.

In case we use automated decision making, we will ensure that suitable security measures are implemented.

Special personal data will in no event be subject to automated decision making unless you have provided your explicit consent or the processing is necessary for reasons of substantial public interest, on the basis of applicable law.

Your consent

As stated above some of our processing activities will be based on your consent. In such case, you will have the right to withdraw your consent at any time.

Please note that the withdrawal of your consent will not affect the lawfulness of processing conducted prior to the withdrawal. Further, as a consequence of your withdrawal of your consent, we may not be able to satisfy your requests or provide you with our services.

Data security

In order to safeguard your personal data, Comodule has implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risks represented by the processing and the nature of the personal data to be protected, having regard to the state of art and the costs of their implementation.

Following the evaluation of the risk, Comodule has taken measures to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, in particular where the processing involves the transmission of personal data over a network, and against all other unlawful forms of processing.

Training

In order to ensure that we always comply with applicable data protection legislation and the requirements and to ensure that our employees are familiar with such regulation, we have established an internal privacy training and education program that our employees with permanent or regular access to personal data are obligated to complete.

Your rights

You have the right to request more information about our data collection processes and further processing of your personal data. In addition, you have the right to correct your personal data, if necessary.

We will delete or correct any information, which is inaccurate or out of date by reason of the time elapsed since it was collected or by reason of any other information in our possession.

If you provide us with a written request, we will also delete your personal data without undue delay, unless we have a legal basis to continue the processing, e.g. if the processing is necessary to establish, exercise or defeat a legal claim or necessary to the performance of a contract with you.

In order to make use of any of the rights mentioned above, please contact us in writing via .

With regard to such requests, kindly provide us with relevant information to take care of your request, including your full name, mobile telephone number and email address so that we can identify you. We will respond to your written data collection request as soon as possible and no later than within 10 (ten) working days.

If you disagree with our processing of your personal data please be informed that you can lodge a complaint with your local data protection agency.

Complaints

Should you have any complaints about the processing of personal data carried out by Comodule, please feel free to contact us via .

We will review and assess your complaint and if necessary we may contact you in order to obtain further information.

We strive at processing any complaint or objection within 10 (ten) working days. If it is not possible to make a decision within the given timeframe, we will inform you grounds for the delay and of the time (not exceeding 6 months from receipt) at which the decision can be expected to be provided.

At any time before, during or after the complaint process described above, you may also raise a complaint/file a case with Estonian Data Protection Inspectorate, located in Tallinn, 39 Tatari St., 10134  or online at www.aki.ee.

Links to other websites, etc.

Comodule websites and App may contain links to third-party websites operated by providers that are not associated with us. After you click the link, we no longer have any influence over the collection, storage, or processing of any personal data transmitted to third parties upon your clicking of the link (such as the IP address or URL of the page that contains the link), as we naturally do not have any control over the behavior of third parties. Therefore, Comodule cannot assume any responsibility for the processing of such personal data by third parties.

Changes to this privacy policy

We reserve the right to amend this Privacy Policy in the future due to changes in applicable legislation, the Terms and Conditions of Comodule services or in Comodule’ processes. We will inform you of any such amendments.

Comodule data protection officer

Comodule’s Data Protection Officer (DPO) will monitor internal compliance and ensure that the company processes personal data in compliance with GDPR and other applicable data protection laws.

You may contact the data protection officer of Comodule via dpo@comodule.com.

General contact information

If you have a request or a question regarding processing of your personal data or this Privacy Policy in general, please contact our Customer Support via .

Services

Google Tag Manager; Calendly widget; WordPress.com; WordPress Stats; Hotjar surveys; Facebook Authentication; Facebook Remarketing; Facebook Oauth; Facebook account access; Facebook Custom Audience; Facebook Audience Network; Facebook Lookalike Audience; Facebook lead ads; Amazon Web Services (AWS); WordPress.com Single Sign On; Hotjar Recruit User Testers; Google Analytics for Firebase; Facebook Analytics for Apps; Facebook Messenger Customer Chat; Hotjar Poll & Survey widgets; Hotjar Heat Maps & Recordings; Google Analytics with anonymized IP; Google Analytics Advertising Reporting Features; Hotjar Form Analysis & Conversion Funnels; Google Analytics Demographics and Interests reports; Facebook Ads conversion tracking (Facebook pixel); Reach; Google Ad Manager; Amazon Glacier; Amazon Appstore; Google Ad Manager Audience Extension; Google Optimize ; Simple Analytics; Amazon Mobile Ads; Amazon Omakase; Amazon Payments; Google Optimize 360; Amazon Simple Email Service; YouTube Analytics and Reporting API; Google Optimize ; Google Optimize 360; Facebook lead ads.