Privacy Policy

This Privacy Policy (hereinafter, Policy) was designed by GATE TO BALTICS OÜ (registry code 14294695), address Narva mnt 7, Tallinn, 10117, , Estonia (hereinafter, Company) for the website www.gatetobaltics.com, operated by the Company, as well as for the relationship between the Company and natural and legal persons the Company provides, has provided in the past or will provide services to (hereinafter, Client). Client shall mean the private person, legal entity, shareholders, officers and beneficiary owners of the legal entity.

For privacy related matters and concerns the Company may be contacted at info@gatetobaltics.com.

The Company operates the website in order to describe the services it offers to its Clients, in order to publish informative material related to the legal and business field, and in order to facilitate contact with its Clients. In establishing and maintaining relationships with its Clients and Company will process certain personal data, necessary for the establishment of and maintaining of relationships with the Clients as well as for compliance with legal obligations imposed on the Company as a provider of legal and consultancy services. The Company acts as the data controller in its processing of personal data.

The Company uses third party services for the management of appointments. For the management of appointments the Company uses the platform and technology developed and provided by Acuity Scheduling. In cases when the Client’spersonal data is processed by the aforementioned service, the Privacy Policy and the Data Processing Addendum of Squarespace, Inc. applies along with this Policy. The Privacy Policy of Squarespace, Inc. can be found here (https://www.squarespace.com/privacy) and the Data Processing Addendum can be found here (https://www.squarespace.com/dpa/).

In processing of personal data of the Company’s Clients, the Company, its officers and employees adhere to best practices and principles of legally compliant data processing. The Company processes the personal data of its Clients and other data subjects who have provided personal data to the Company in a fair and transparent manner, limits the amount of personal data collected to what is required, limits the processing of personal data to that which is necessary to achieve the purpose of processing, and takes precautions and implements necessary security measures to ensure that personal data is safe and its integrity is preserved.

1. BASIS FOR PROCESSING

Agreement for the provision of services– the Company and the Client (the parties) conclude a contract which governs the relationship between the parties. According to the contract the Company provides legal and consultancy services to the Client. During the provision of those services the Company shall collect information necessary for the conclusion and performance of the contract, including but not limited to information relating to the officers and associated persons of the Client.

Consent– pursuant to the aforementioned contract, the Client gives consent to the Company for the processing of personal data relating to the officers and associated persons of the Client. Additionally, when a natural person establishes contact with the Company through the contact form available on the website and provides the Company with his or her full name and e-mail address, the natural person consents to the Company using this information to respond to his or her inquiry.

Legal obligation– the personal data pertaining to the officers and associated persons of the Client is necessary for compliance by the Company with legal obligations, particularly but not only legislation concerning the prevention of money laundering and terrorist financing. 

2. TYPES OF PERSONAL DATA PROCESSED

In order to provide services and to comply with AML/KYC (anti-money laundering/know your customer) principles the Company collects and processes certain information relating to the Client and its officers and shareholders. 

The information collected is:

-      Full names of the Client’s shareholders and officers

-      Full name if a natural person establishes contact with the Company through the contact form available on the Company’s website

-      Date and place of birth of the Client’s shareholders and officers

-      Nationality of the Client’s shareholders and officers

-      Residential address of the Client’s shareholders and officers

-      Information pertaining to the professional activities of the Client’s shareholders and officers

-      Information pertaining to past criminal, or other, convictions of the Client’s shareholders and officers

-      Contact details, including the telephone number and e-mail address, of the Client’s shareholders and officers

-      E-mail address if a natural person establishes contact with the Company through the contact form available on the Company’s website

-      Politically exposed status of the Client’s shareholders and officers

Persons possessing a politically exposed status are those persons that are performing or have performed in the past any prominent public functions, including but not limited to holding public office, acting as elected representatives, or holding leadership positions in political parties, or those persons related or closely associated with persons fulfilling the aforementioned criteria. 

Other types of personal data may be processed by the Company in order to comply with legal obligations, including but not limited to, orders and requests from regulatory authorities and other governmental entities. 

3. THE PURPOSE OF PROCESSING

Personal data relating to officers, shareholders, beneficiary owners and other associated persons of the Client is processed by the Company in order to provide legal and consultancy services to the Client according to the contract concluded between the Company and the Client and in order to ensure compliance with legal obligations.

The full names, date and place of birth, nationality, residential address, information pertaining to past criminal, or other, convictions, information pertaining to the professional activity and contact details of the Client’s beneficial owners, shareholders and officers are processed in order to provide services to the Client according to the contract concluded between the Company and the Client, particularly but not solely, in order to provide incorporation services to the Client.

Contact details of the Client’s beneficial owners, shareholders and officers are processed in order for the Company to communicate with the Client’s shareholders and officers.

Information concerning politically exposed person status of the Client’s beneficial owners, shareholders and officers is processed for the purpose of compliance by the Company with legal obligations, including but not limited to, legislation relating to anti-money laundering and the prevention of terrorism financing.

The full name and e-mail address provided by a natural person when establishing contact with the Company through the contact form available on the Company’s website is processed in order to respond to his or her inquiry, including but not limited to, scheduling of appointments.

4. RECIPIENTS OF PERSONAL DATA PROVIDED TO THE COMPANY

The Company shall not provide access, in any form, to personal data provided to the Company by the Client to any third party unless instructed or authorized to do so by the Client, or unless this is necessary to comply with a legal obligation or order or request by a regulatory body.

Personal data concerning the Client’s shareholders and officers shall be transmitted to persons fulfilling functions of a public character, including but not limited to notaries public and the Financial Intelligence Unit.

5. SECURITY OF PERSONAL DATA 

The Company treats personal data with utmost care and ensures that access to the data entrusted to the Company is provided only to the officers and employees of the Company in the course of their professional activities.

6. STORAGE

Personal data entrusted to the Company shall be stored by the Company throughout the duration of the provision of services by the Company to the Client and throughout the duration of the professional relationship between the Company and the Client.

 Some personal data may be stored for periods longer than the aforementioned periods when required so by law, particularly but not only, legislation concerning the prevention of money laundering and terrorist financing.

7. RIGHTS OF THE DATA SUBJECT

 Pursuant to the GDPR, data subjects personal data of whom is processed by the Company possess certain rights relating to their data and the processing of their data.

Data subject has the right to withdraw consent given to the Company for the processing of his or her data, unless where such processing is necessary for the performance of a contract between the data subject and the Company or for compliance by the Company with a legal obligation.

Data subject has the right to be informed about what personal data concerning him or her is processed, for what purposes such data is processed, for what periods of time such data is processed.

Data subject has the right to instruct the Company to provide the data subject with a copy in machine-readable format of the personal data pertaining to him or her and processed by the Company.

Data subject has the right to instruct the Company to correct inaccurate our outdated personal data.

 Data subject has the right to instruct the Company to delete personal data pertaining to him or her. Such instruction may be refused by the Company on the grounds of an on-going professional relationship between the data subject and the Company or on the grounds of legal obligation imposed on the Company. In such cases, the Company shall inform the data subject of the grounds for refusal in a timely manner.

8. COOKIE POLICY

Gate to Baltics uses “Cookies” to identify the areas of Our website that You have visited. A Cookie is a small text file containing certain data stored on Your computer or mobile device by Your web browser. We use Cookies to personalize the Content that You see on Our Website. Most web browsers can be set to disable the use of Cookies. However, if You disable Cookies, You may not be able to access functionality of Our website correctly or at all. We never place Personally Identifiable Information in Cookies. By using Our site, registering and account, or making a purchase, You consent to the fact that We use cookies. 

9. DATA PROTECTION AUTHORITY

 The supervisory authority in the field of processing of personal data is the Estonian Data Protection Inspectorate, which can be reached at the e-mail address info@aki.ee.