Privacy Policy and Processing of Personal Data

The responsible employee of the website is:

Cantec OÜ 14281020

Estonia, Tallinn, Mehaanika 12, 10616

Protection of personal data

Personal data is data that Cantec OÜ collects in order to provide a service, identify a person, contact a person to provide a service, resolve questions or send advertising content.

Cantec OÜ does not process sensitive personal data as defined in Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation or GDPR or EU Regulation 2016/679).

Cantec OÜ undertakes to protect the personal data of customers and users and their privacy. The activities of Cantec OÜ on the Internet are in accordance with all relevant activities and the relevant legislation of the European Union and the laws of the Republic of Estonia, including Regulation (EU) 2016/679 of the European Parliament and of the Council. Cantec OÜ takes all precautionary measures (incl. Administrative, technical and physical measures) to protect the collected personal data. Only authorized persons have access to change and process the data.


All personal data obtained in the course of visiting the websites of Cantec OÜ will be treated as confidential information.

The following are the principles of Cantec OÜ’s privacy policy regarding the collection, processing, use, publication, transmission, modification, forgetting and deletion of personal data.

The above principles do not apply to the processing of data of legal entities and other companies / institutions, and do not cover the processing of personal data on the websites / service environments to which our websites / service environments refer (external links).

The person representing the company (as the customer of the service) is not a natural person, it is an authorized representative of a legal person whose processing of personal data is not regulated by Regulation (EU) 2016/679 of the European Parliament and of the Council.

What data is collected?
When visiting websites, non-personalized technical data about the visitor is collected.
The specifications are limited to the Internet address (IP address) of the computer or computer network used, the software version of the computer’s web browser and operating system, the time (time, date, year) and location of the visit. IP addresses are not associated with personally identifiable information.
Data is collected on website visits and stays in order to improve websites and service environments and make them more convenient for visitors.
We use the automated Google Analytics tool to collect the above data. If you do not wish to provide this information about yourself, you can opt out of the collection of your data by Google Analytics at any time, as described here.
In the case of natural persons, the data to be collected are, if necessary, the personal identification code to identify uniqueness, the name, e-mail address, mobile phone, city and country of location for communication.
To process the data of legal entities, we collect the registration number, VAT number, name, country, address, e-mail addresses for contacting and sending an invoice, the names of the contact persons representing the company and their e-mail addresses and contact telephone numbers.
In the case of marketing messages sent to e-mails, we may collect information about your communications, such as whether you opened the e-mail, which links you click on, what devices you use for it, and their technical characteristics. This information is stored in the history of each contact.

Being in the contact database of Cantec OÜ, we can process your name and e-mail address or mobile phone number for marketing purposes also in social media and internet advertising (Facebook, Instagram, Google). For these purposes, we will process your personal data for 5 years from the date you add your contact to the contact database. Cantec OÜ has a legitimate interest (GDPR Art 6 (1) (f)) in sending marketing communications to its contacts in order to maintain a business relationship with them.

The personal data processed by the customers of Cantec OÜ uploaded to the environment of Cantec OÜ within the framework of the service is protected by the confidentiality requirement, which applies to the signing of the service agreement by the customer. The services of Cantec OÜ can be used only after accepting the contract. Acceptance of the agreement is checked by software, in its absence, acceptance is requested.

For the purposes of processing personal data listed in this subsection, the data will be accessed by Cantec OÜ employees who use all security measures in their work concerning the processing of your data.

Consent to the collection of personal data related to and related to the service is given by the subscriber at the time of ordering the service. By ordering the service, the consent is considered to have been given with the corresponding time stamp.

How long is the data collected stored?

Non-personalized technical data collected by websites and service environments will be retained indefinitely.

Personal data related to personalized inquiries and / or transactions is stored for up to 7 years after the last interaction with the service provider due to the obligation to prove transactions in the Accounting Act. An interaction is considered to be, among other things, responding to direct marketing by viewing or clicking on a link.

To whom can the data collected be passed on?

Personal data processed by Cantec OÜ may be transferred without the consent of the person only to an institution or person who has a direct right arising from law (for example, a court or pre-trial proceeding) and a justified need.

The personal data processed by the customers within the service of Cantec OÜ is treated as confidential and the right to process, release or transmit this data is the sole responsibility of the data owner (customer).

At the request of the client of Cantec OÜ, Cantec OÜ provides technical assistance in data processing, but the ownership and responsibility of the data does not change.

What rights does the person have to the data collected?

The right to inspect, correct and terminate the processing of your data.

By default, personal data will not be published unless confirmed (participation in trainings / seminars / conferences).

If personal information is not editable, accessible, disclosed on a website or in the service environment, we should provide us with a request to obtain or correct the information in a personally identifiable manner. If possible, the data will be issued or corrected within 7 working days.

If you want to opt out of direct marketing offers for all or some of the topics, you can do so immediately via the link in the footer of each marketing email you send. The change will take effect immediately.

If there is (no longer) a legal basis for processing, disclosing or giving access to personal data, the termination or deletion of the use of the data, the termination of the disclosure of the data or the granting of access to the data may be requested. To that end, an application should be made in a manner that enables identification.

The application shall not be granted if:

it may prejudice the rights and freedoms of another person,
it may impede the provision or non-provision of the service,
this may hamper the work of law enforcement agencies,
it is not technically necessary and / or possible.
the identity of the applicant is not legally bound by the data.
the identity of the applicant cannot be identified.


For example:

– You can’t delete an email address if you no longer want to receive direct marketing offers. In order to fulfill the requirement, you only need to have an email address to compare with – so that no email is sent.

– It is not possible to delete all data from the CRM unless more contact is recommended. In order to fulfill the requirement, there must still be enough data to compare – so that no contact is made.

Privacy Policy Terms and Changes

By using the websites of Cantec OÜ, you have read and agreed to these principles and conditions. We reserve the right to change the general terms and conditions of the privacy policy, if necessary, by notifying all parties involved.