Privacy policy
1. Introduction
Refiner is committed to safeguarding the privacy of our clients. This Privacy Policy outlines our practices for collecting, using and storing personal data.
2. Definitions
The terms “Refiner”, “we”, “us” and “our” all refer to the company Refiner Translations OÜ, business registry code 10894180, whose registered business address is Pärnu mnt 10, Tallinn 10148, Estonia.
The term “service(s)” refers to any of the services provided by Refiner described in the Services section of our website and governed by our Terms and Conditions.
The terms “client(s)” and “you” refer to any person or entity that inquires about the services provided by Refiner or makes an agreement with Refiner for the provision of services.
The term “provider(s)” refers to professional linguists employed by Refiner on a permanent or freelance basis for the purpose of providing services to clients.
The term “agreement” refers to, but is not limited to, contracts between Refiner and clients for the provision of services, confidentiality agreements and non-disclosure agreements.
“Personal data” refers to any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Data subject” refers to a person whose personal data is collected or processed.
“Processing” refers to any operation or set of operations which is performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Controller” refers to the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by European Union or Member State law, the controller or the specific criteria for its nomination may be provided for by European Union or Member State law.
“Processor” refers to a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
“Third party” refers to a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
“Consent” of the data subject refers to any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
“Personal data breach” refers to a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
“Cross-border processing” refers to either: processing of personal data which takes place in the context of the activities of establishments in more than one Member State of a controller or processor in the European Union where the controller or processor is established in more than one Member State; or processing of personal data which takes place in the context of the activities of a single establishment of a controller or processor in the European Union but which substantially affects or is likely to substantially affect data subjects in more than one Member State.
3. Principles
3.1. Refiner complies with the following principles when processing personal data:
3.1.1. Legality and fairness – personal data is processed legally and fairly.
3.1.2. Purposefulness – personal data is collected for specified, explicit and legitimate purposes and must not be processed in any manner incompatible with these purposes.
3.1.3. Quality – personal data must be adequate and appropriate and must not be excessive given the purposes of the data processing.
3.1.4. Accuracy – personal data must be accurate and, if necessary, kept up to date; reasonable measures are taken to ensure that any personal data which is inaccurate with respect to the purpose of data processing is erased or rectified without delay.
3.1.5. Retention – personal data is retained in a format that enables the identification of the data subject only until this is necessary for the achievement of the purpose for which the personal data is processed.
3.1.6. Security – personal data is processed in a manner that ensures appropriate security thereof, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, by means of implementing appropriate technical or organisational measures.
4. Roles
4.1. Refiner is a controller.
4.2. Refiner’s providers are processors.
5. Data processed
5.1. Refiner processes the following personal data:
5.1.1. Client name
5.1.2. Client email
5.1.3. Client phone number
5.1.4. Client employer (where provided)
5.1.5. Client’s position in the organisation that they are employed by (where provided)
5.1.6. Previous employer(s) (where provided)
5.1.7. Periods of absence from work (where provided)
5.1.8. Website user statistics
5.1.9. Personal data contained in materials clients send us for the provision of services (e.g. personal details that are contained within a text a client submits for translation).
6. Purposes for processing personal data
Refiner only processes personal data for the following purposes:
6.1. To answer client queries and provide clients quotes;
6.2. For entering, performing and concluding agreements with clients;
Where an agreement is for the provision of services, this includes:
Project management;
Provision of the agreed services;
Invoicing for the provision of the agreed services;
6.3. For enhanced website user experience (e.g. to remember website visitors’ language preferences);
6.4. Where legally obliged to do so.
7. Processing of personal data
7.1. Refiner does not transmit any personal data to its processors other than that contained in materials clients send us for the provision of services.
7.2. Refiner will only transmit personal data to third parties where legally obliged to do so.
7.3. Processors and third parties may not be residents of Estonia; thus, personal data that is transmitted to our processors or to third parties may be used for cross-border processing.
7.4. Refiner confirms that we apply appropriate technical and organisational measures to ensure the security of personal data.
7.5. Refiner confirms that we only transmit personal data to processors who provide sufficient guarantees that they implement appropriate technical and organisational measures to ensure the security of personal data.
7.6. Refiner confirms that we only transmit personal data to third parties who provide sufficient guarantees that they implement appropriate technical and organisational measures to ensure the security of personal data.
7.7. Refiner confirms that we apply appropriate technical and organisational measures to ensure the security of cross-border transmission of personal data.
8. Data retention
8.1. Except where Refiner is subject to a legal obligation that provides different terms for retaining that data, Refiner will destroy and/or erase any personal data no later than one year from the moment it is no longer necessary in relation to the purposes for which it was collected or otherwise processed.
8.1.1. When there is no other purpose for processing it, Refiner will destroy and/or erase any personal data arising from an agreement for the provision of services no later than one year from the moment that Refiner has completed the service and the client has paid Refiner in full for the service.
8.1.2. When there is no other purpose for processing it, Refiner will destroy and/or erase any personal data arising from a client query no later than one year from the date of the final communication between Refiner and the client regarding the query.
8.1.3. The client and Refiner may make an agreement for Refiner to process personal data provided by the client for a period extending beyond a year from the moment it is no longer necessary in relation to the purposes for which it was collected.
8.2. Refiner will immediately notify data subjects of any breach of their personal data.
9. Rights of the data subject
9.1. Data subjects have the right for their data to be destroyed and/or erased.
9.2. Data subjects have the right to make inquiries to Refiner about the processing of their personal data.
9.3. Data subjects have the right to restrict the processing of their personal data.
9.4. Data subjects have the right to lodge a complaint with the Data Protection Inspectorate about the processing of their personal data.
10. Website use
10.1. Cookies are small data files that are saved on your computer or mobile device when you visit a website. They are widely used by website owners to make their websites work, or to work more efficiently, as well as to provide reporting information.
10.2. Our website, www.refiner.ee, uses cookies:
10.2.1. Where essential for the website’s basic functionality;
10.2.2. Where essential to provide functionality that you have requested (e.g. to remember your language preferences);
10.2.3. To recognise your computer when it visits the website;
10.2.4. To collect anonymous and generalised data about how the website is used.
10.3. You can manage the use of cookies through the cookie banner that opens when you first visit the site or through your browser settings. This includes allowing or blocking all cookies that are not essential for the website’s basic functionality.
11. Amendments to privacy policy
Refiner updates this Privacy Policy on a regular basis where necessary. The latest version of the Privacy Policy is always available on our website.