Estonian Adventure Racing Team MT (branded ExpeditionEstonia) knows that our users highly value their privacy and protection of personal data. We take the protection of all data very seriously. Please take a moment to read our privacy statement.
What does our privacy statement cover?
The ExpeditionEstonia Privacy Notice covers the privacy practices of the websites and services we manage and the protection of the personal data of private users (hereinafter referred to as the User) in these environments.
This notice does not cover the rules and work organization of our customers or Service Providers.
Our users, customers and Service Providers have all agreed to the General Terms and Conditions established by ExpeditionEstonia, which stipulate how customers provide us with the personal data of their employees and how the Service Providers must handle the personal data necessary for us to provide the service.
The chief processor of personal data collected through the ExpeditionEstonia environment is Estonian Adventure Racing Team MTÜ (Estonian Commercial Register number 12698537), legally located at Lossi 6-2, Tallinn. Contact information firstname.lastname@example.org, phone +372 529 4233. Estonian Adventure Racing Team MTÜ forwards the personal data necessary for making payments to the authorized processor Maksekeskus AS.
Data that Users can provide to us in the ExpeditionEstonia environment
In our environment, the User can perform several activities without transferring personal data. For example, get acquainted with the point of sale account of the Service Providers and the services offered by them, the content and prices of the services offered by ExpeditionEstonia.
When registering a user ID, a profile is created for the user and a number of personal data is stored in the process. For example: User name, e-mail address, personal identification code, gender, telephone number, employer details. During the use of the ExpeditionEstonia environment, data on sports clubs, trainings, health services and sports events selected by the User and data entered by the User in the training diary, such as the sport played, training duration, training comments, are created.
Data that is recorded automatically
When using the ExpeditionEstonia environment, the User’s IP address and its approximate location, browser version, cookie data as well as the pages that Users visit in our environment are automatically registered.
What is the data collected for?
We do not sell or rent User Data to third parties. The data is collected in order for Users to use the health and sports services offered in the ExpeditionEstonia environment. Location data is collected so that Users can find the services closest to them as quickly as possible. Data on health services, sports clubs, trainings and participation in events selected through ExpeditionEstonia are collected for non-personalized data processing (analytics) and, if the User has given his / her consent, also for the transmission of personalized direct marketing messages.
Recipients of personal data
The recipient of the data is Estonian Adventure Racing Team MTÜ. Health and sports clubs and event organizers will be provided with the User’s personal data only to the extent necessary to identify the User and check the payment limits of his / her ExpeditionEstonia accounts in order to sell the desired service or product.
ExpeditionEstonia also uses third party software to improve its service. For example, users’ e-mail addresses with information if they have agreed to direct marketing communications will be forwarded to our partner Sendsmaily OÜ (smaily.com), through whose service we send out newsletters. Google Analytics (analytics.google.com) monitors user behavior on the website
They may also be forwarded to other Service Providers used by ExpeditionEstonia in the future. In any such case, ExpeditionEstonia shall make clear in advance that the privacy requirements of the respective service provider are in accordance with the requirements of the law and that the personal data of the Users would be stored and transmitted in a sufficiently secure manner.
Where is the User’s personal data stored and transmitted?
Personal data collected through the ExpeditionEstonia environment will not be transferred to countries outside the European Union or which do not have similar personal data protection laws in accordance with the European Union standard. The data is stored on servers located in a Member State of the European Union.
Public personal data
Other Users can search for the User by name in the search window and see if the User has an ExpeditionEstonia account and, if desired, can see the training data publicly added to the User’s account. The User has the opportunity to limit the visibility of their trainings by other Users under their account settings.
Cookies can also be turned off by each User in their web browser and cookies already stored can be deleted, but unfortunately in this case we cannot guarantee the correct operation of the ExpeditionEstonia environment.
How are Users’ personal data protected?
For security and privacy, the User ExpeditionEstonia account is password protected. Be careful not to share your password with third parties as a User or put an easy-to-guess password in your account or use the same password on many different web services.
Also, do not leave yourself as a User logged in to the ExpeditionEstonia account on foreign computers.
ExpeditionEstonia environment data requests are made in encrypted form. Within the company, we use reasonable technical and organizational solutions for moving personal data between employees and partners.
Although we work on a daily basis and strive to keep the personal data of all Users secure and transmitted, we remind you that the movement of information on the Internet is never 100% secure.
Our website contains links to other websites that may or may not be our partners. ExpeditionEstonia does not guarantee or be responsible for the protection of the personal data of the websites behind these links. If the User moves from one page to another, the User must first determine the privacy settings of these websites. The same goes for using social media login or social media sharing buttons / links.
Retention period of personal data
The data is stored as long as the User has an ExpeditionEstonia account. After deleting the ExpeditionEstonia account, the data of the User’s sports clubs, trainings, health services and participation in sports events will be made anonymous and used for analytical purposes. Deleted User data from backups and logs will be permanently lost no later than 1 year after deletion.
The history of purchases made by the user is preserved and can be accessed by the clubs from which the service was purchased and by the company whose sports compensation has been used, but this data is decoupled from the user account and other personal data.
Correction and deletion of data
The user may at any time request access to, correction and deletion of his data. The User also has the right to restrict the processing of data, withdraw consent or request transfer to another database. The User can perform the respective actions by logging in to his ExpeditionEstonia account or by writing to email@example.com.
It must be taken into account that it is no longer possible to use the ExpeditionEstonia environment when restricting, deleting or transferring access to data.
If ExpeditionEstonia deletes your User Account due to a breach of the terms of the user agreement, you have the right to request the deletion of your data by e-mail at firstname.lastname@example.org. ExpeditionEstonia analyzes each such claim separately and informs the user if and when his claim will be satisfied.
Personal data of children
ExpeditionEstonia services can also be used by minors. If you are a User under the age of 18, please consult with your parents before creating an account and do not share your personal information without parental consent. If you discover that your minor child has created an ExpeditionEstonia user account against your will, let us know at email@example.com
Personal data provided by ExpeditionEstonia to third parties
In our environment, employers can create ExpeditionEstonia user accounts for their employees. According to ExpeditionEstonia’s General Terms and Conditions, the creation of each account requires the consent of that employee. If you have received a letter from us that your employer or someone else has created an ExpeditionEstonia account for you and you are sure that you have not given such consent, please notify us immediately at firstname.lastname@example.org
ExpeditionEstonia organizes advertising campaigns from time to time, where we ask you to recommend your friends or colleagues who might like the ExpeditionEstonia service. During such campaigns, we ask Users for the name and email address of their friend / colleague. Such data will be retained in order to send an invitation to a User’s friend / colleague once to join ExpeditionEstonia and to monitor the success of the referral program and the archives to which such an invitation has been sent.
The user’s friend or colleague has the opportunity to request the deletion of such data by writing to email@example.com
Health and sports expenditure for employees
In order to use the support for health and sports expenses offered by the employer, the invoice for participation in the event must be submitted to the Stebby environment as a cost document.
Transmission of direct marketing communications
If the User has allowed notifications about health and sports clubs and events, the respective notifications will be forwarded by Estonian Adventure Racing Team MTÜ. To the organizers of health and sports clubs and events The personal data or contact details of the Users for the transmission of direct marketing messages shall be provided by the organizers of the events in accordance with the rights granted to them by the User.
Direct marketing notices may be provided in a personalized form based on the User’s age, gender, and data collected by ExpeditionEstonia about the User’s health and sports habits.
If the User does not wish to receive direct marketing notifications, he can unsubscribe by going to his ExpeditionEstonia settings page and setting whether and which direct marketing notifications are desired. Links to opt-out of newsletters and direct marketing communications are also included in any such letter sent.
Changes to the Privacy Notice
ExpeditionEstonia evolves, laws change, and life goes on. We may make changes to this privacy statement from time to time. We will notify Users of these changes on our website or by e-mail.
Data protection officers
The ExpeditionEstonia Data Protection Officer can be contacted by e-mail firstname.lastname@example.org
If, after communicating with our Data Protection Officer, the User feels that ExpeditionEstonia does not fulfill its obligation to protect personal data with due diligence and does not comply with this Privacy Notice, you can notify the Estonian Data Protection Inspectorate, located at Tallinn Väike-Ameerika 19, 10129, at www.aki.ee