Privacy Policy

Last updated: January 30, 2025

General Information

This Privacy Policy explains how Tehnoloogika OÜ (registry code 16567890), operating under the brand Infopol.ee, processes personal data when providing compliance services through the website https://infopol.ee.

Tehnoloogika OÜ is the controller of personal data and ensures that all processing is carried out in accordance with the EU General Data Protection Regulation (GDPR) and applicable Estonian law.

Contact Details

Controller:Tehnoloogika OÜ
Registry:16567890
Business:Infopol.ee
Email:support@infopol.ee
Address:Paju 2, 50604, Tartu, Estonia
Phone:+372 58 866 888
Website:https://infopol.ee

Categories of Personal Data

We collect and process the following personal data:

Name and surname
Email address
Organization name and role
Login credentials and user account data
Quiz and test results related to compliance training
Communication records
Technical data (IP address, browser type, operating system, usage logs)

Purposes of Processing

We process personal data for the following purposes:

Providing and maintaining access to the Infopol.ee platform
Managing user accounts and authentication
Conducting compliance training, tests, and confirmations
Generating audit and compliance reports for organizations
Ensuring information security and preventing misuse
Meeting legal obligations and record-keeping requirements
Internal analysis and system improvement
Communication with clients and technical support

Legal Basis

Processing of personal data is based on:

Contractual necessity under Article 6(1)(b) GDPR – to provide our services
Legal obligations under Article 6(1)(c) GDPR – to comply with applicable laws
Legitimate interest under Article 6(1)(f) GDPR – to ensure platform security and improvement

Data Retention

Personal data is stored only as long as necessary for the purposes listed above or as required by law.

User account data is deleted within 90 days after termination of the service agreement or account closure unless legal requirements dictate longer retention.

Data Sharing

We may share personal data with trusted service providers who process data on our behalf:

Cloud infrastructure and hosting services
Communication and notification delivery systems
Technical monitoring and system maintenance services
Professional advisors and consultants

All service providers operate under written agreements and comply with GDPR requirements.

Data Transfers

We use cloud service providers that maintain GDPR compliance through standard contractual clauses and appropriate safeguards. Data processing may occur in multiple jurisdictions while maintaining full compliance with EU data protection requirements.

Data Subject Rights

You have the following rights under GDPR:

Right to access your data
Right to rectification of inaccurate or incomplete data
Right to erasure ("right to be forgotten")
Right to restrict processing
Right to object to processing based on legitimate interests
Right to data portability
Right to lodge a complaint with the Estonian Data Protection Inspectorate (www.aki.ee)

Requests can be sent to support@infopol.ee. We respond within one month as required by GDPR.

Security Measures

We apply appropriate technical and organizational security measures to protect personal data against unauthorized access, alteration, or destruction. Access to personal data is restricted to authorized personnel only.

Cookies and Analytics

The website uses cookies to improve usability and collect anonymous analytics. You can manage your cookie preferences through our cookie banner.

We use technical monitoring tools to understand website usage and performance. These tools are configured in compliance with GDPR, collect anonymous usage data, and do not identify individual users.

For more details, please see our Cookie Policy.

Policy Updates

We may update this Privacy Policy periodically. All updates will be published on our website with the "last updated" date.