1. Customer data processing principles

  2. 1. Definitions and General Provisions
  3. 1.1 Customer data is any information that is known to eKool about the customer school (personal data, contact information, eKool entered study information, communications, etc., entered into eKool).
  4. 1.2 Customer Data Processing is any activity carried out with customer data (including collection, recording, organization, storage, alteration, disclosure, enabling access to, making queries, retrieval, use, transmission or cross-referencing, deleting, etc., of customer data).
  5. 1.3 Customer relations is the legal relationship between the customer and eKool that occurs when a customer is registered as an eKool website user and/or uses the eKool service.
  6. 1.4 Customer is a natural person who is registered or has been registered as a user of the eKool website in the role of a student, teacher, school administrator or a parent and every institution and government body as a legal person who uses the eKool service.
  7. 1.5 A third party is any person who is not a customer of eKool or eKool staff.
  8. 1.6 A service is any service that eKool provides to the customer under the contract concluded with him/her.
  9. 1.7 The authorized processors are the persons who handle customer data on behalf of eKool A list of the authorized processors and their contact information is available at www. ekool.eu. If the authorized processors or data change, the list will be amended within a reasonable period, but not later than thirty (30) days from the occurrence of the change.
  10. 1.8 The customer data processing principles provided herein (also referred to as principles) are an integral part of the conditions of the provision of general service and apply to the extent to which they do not conflict with the specific service contracts.
  11. 1.9 By entering into a customer relationship with eKool the customer gives consent for processing of their customer data according to the principles and procedures provided herein.

  12. 2. General principles of processing customer data
  13. 2.1. eKool processes customer data in accordance with the requirements of the Personal Data Protection Act, other relevant legislation and the principles laid down herein.
  14. 2.2. eKool implements reasonable information technology and other necessary security measures to protect customer data and to monitor customer data processing.
  15. 2.3 The customer is aware and accepts that in spite of the measures to be implemented, electronic information exchange carries the risk that customer information may become known to third parties, the transmitted information can be faked, used for one’s own interest, etc.
  16. 2.4. eKool cannot ensure the security of customer data and is not responsible for it if the customer data is not protected due to insecurity of the equipment used by the customer, or if the user data related to the customer service, or any other information or media used to identify oneself has become known to a third party independent of eKool
  17. 2.5. eKool employees are, under laws and the employment contract or other similar agreements, under an obligation to keep customer data confidential for an indefinite period and shall be responsible for violation of the foregoing obligations. The employee has the right to process customer data only to the extent that is necessary to fulfill the tasks assigned to him/her.
  18. 2.6. eKool requires compliance with the rules of security and confidentiality of eKool by any person to whom customer data is transmitted or disclosed under the principles provided herein.
  19. 2.7. eKool limits customer data processing to the minimum that is required to fulfill the contracts with customers, to best serve the customers and to achieve the objectives set out in section 4 provided herein.

  20. 3. Composition of the customer data to be processed
  21. 3.1. eKool processes all customer data that have become known to him/her in the course of the customer relationship processes. eKool processes in particular, but not limited to, the following types of customer data:
  22. 3.1.1. Customer's personal information (including name, personal identification code, language of communication, etc.), as well as the data related to student customer education (including education, educational institution, etc.);
  23. 3.1.2. Customer’s contact information (including address, mobile phone number, e-mail address, etc.);
  24. 3.1.3. Data of the contracts entered into by the customer;
  25. 3.1.4. Data related to the customer’s habits, preferences and satisfaction (e.g., the frequency of using services, service preferences, customer complaints, etc.);
  26. 3.1.5. Customer segment data (i.e., a group or the region that the customer belongs to);
  27. 3.1.6. The data of the eKool web pages visited by the Customer.

  28. 4. General principles of processing customer data
  29. 4.1. For creation of a customer relationship and provision of services, eKool has the right to process all customer data that it has received from the customer, from another customer, (e.g., on a student from parents, teachers and/or school), or from public databases (including the data published on the Internet), as well as from third parties if transfer of such customer data is legitimate.
  30. 4.2. eKool processes customer data to the extent permitted by law in order to:
  31. 4.2.1. Identify the customer;
  32. 4.2.2. Perform the contract between the customer and eKool or to ensure the performance of the contract (including for the calculation and settlement of fees), and to realize its rights arising from the contract entered with the customer or a related contract, as well as to protect its violated or disputed rights;
  33. 4.2.3. Perform customer surveys, statistical studies, analyzes and reporting on the customers and the services;
  34. 4.2.4. Manage and develop existing services and applications used for the provision of the service, and to develop new services;
  35. 4.2.5. Check and, if necessary, correct or supplement the customer data provided by the customer;
  36. 4.2.6. Assess and prevent the potential business risks or losses related to the provision of services.
  37. 4.3 The overview of the processing of customer data provided in section 4.2 is not exhaustive. For creating customer relationships and for ensuring provision of services, in the event of arising of such need, eKool may process the customer data for a purpose not specifically indicated in section 4.2.
  38. 4.4. eKool does not process the study related data entered by the customer on any purpose other than to fulfill its contractual obligations.
  39. 5. Transmission of customer data to third parties
  40. 5.1. eKool discloses customer information to third parties solely to the extent required by the third parties for meeting the objectives set out in section 4.
  41. 5.2. eKool clients have the right to transmit customer data:
  42. 5.2.1. To individuals and organizations involved in the provision of services and in performance of contracts entered into with the customer (e.g., mobile telephony company);
  43. 5.2.2. To eKool consultants or other service providers if the customer data is necessary in order to provide a high-quality service, and provided that such persons fulfill the organizational, physical and information technological requirements provided for in eKool to maintain and protect confidential customer data;
  44. 5.2.3. To service providers, for who eKool has transferred under the conditions provided by law a part or all of their operations or the operations directly supporting the core operations (e.g., mail service, the archive service), provided that such persons fulfill the necessary organizational, physical and technological requirements to maintain and protect confidential customer data;
  45. 5.2.4. To the authorized processors (e.g., the statistical analysis of the use of services);
  46. 5.2.5. Summary statements to local educational agencies, and to the Ministry of Education and Research;
  47. 5.2.6. To other third parties, if the customer is in breach of contract (such as to a debt collection service provider, credit information to a company). The customer is aware and agrees that the relevant persons may process the customer data forwarded to them due to breach of contract in accordance with their existing customer data processing principles.
  48. 5.3 eKool is required to publish and communicate to the customer data for fulfilling their statutory liabilities.

  49. 6. Customer data processing for direct marketing and the study of customer habits and satisfaction
  50. 6.1. eKool has the right to transmit to the customer:
  51. 6.1.2. Advertisements and offers related to eKool services;
  52. 6.1.3. Advertisements and offers of carefully chosen partners.
  53. 6.2. eKool does not transmit customer data to the partners referred to in section 6.1.3.
  54. 6.3 The customer has the right at any time to announce to eKool of their wish not to receive further personalized offers and advertising. The information on how to refuse further personalized offers and advertising is available with the offer or the advertising and/or the eKool website (under Settings> Privacy settings).
  55. 6.4 General and introductory information about the services offered by eKool as well as the information relating to performance of the concluded contract, shall not be considered personalized offers and advertising. The customer cannot refuse receipt of such information.
  56. 6.5 eKool can use information technological measures that enable to process information on the reading of the e-mails and SMS messages sent to the customer by eKool and on the use of the links attached to them, as well as information on the use of eKool website.
  57. 6.6. eKool has the right to process customer data to investigate customer behavior, to conduct surveys to that end, to analyze the resulting data and use it to develop new products and services and to improve the quality of the service. The third party may also conduct an investigation of customer behavior.

  58. 7. Changing of customer data and termination of processing thereof
  59. 7.1 The customer is obliged immediately to inform eKool of any changes that are made in the customer data provided in contracts or other documents submitted to eKool
  60. 7.2. eKool regularly checks whether the customer data is complete and correct.
  61. 7.3 The customer is obliged to inform eKool when he/she finds that his/her customer data is inaccurate.
  62. 7.4 If the customer finds that processing of his/her customer data is not allowed according to legislation, the contract entered into with him/her and/or the customer data processing principles of eKool he/she is entitled to require termination of processing and/or disclosure of his/her customer and/or enabling access thereto and/or deletion of the collected customer data.
  63. 7.5. eKool processes customer data for as long as is necessary to achieve the purposes of the processing of customer data or to comply with legal obligations.
  64. 7.6 If the customer requires the termination of the processing of his/her customer data and/or deletion of the collected customer data, eKool is entitled to, extraordinarily and without notice, terminate the contracts entered into with the customer if eKool cannot reasonably continue the execution of the contracts.

  65. 8. Protection of customer rights
  66. 8.1 The customer is entitled to receive from eKool information about the customer data regarding him/herself and regarding its processing according to the procedure and to the extent provided for in legislation.
  67. 8.2 If a customer believes that in customer data processing his/her rights are infringed, he/she has the right to seek termination of the infringement by turning to eKool in writing at the e-mail address hello@ekool.eu or postal address Telliskivi 60/1, Tallinn, 10412.
  68. 8.3 The customer has the right at any time, in the event of infringement of his/her rights to turn to the Data Protection Inspectorate, or the competent court.
  69. 8.4 If it is found that in the course of processing of customer data, customer rights have been infringed, the customer is entitled to demand compensation for damages caused by the infringement.
  70. 8.5. eKool is not responsible for the principles of the other customers who have access to customer data which they apply when processing customer data and is not responsible that the other customers who have access to customer data ensure the confidentiality of the data (i.e., responsibility for entering and processing the study-related customer data and for provision an access thereto lies on the student's school and the school employees; personal data can be changed both by students and parents; the customers posts on the eKool website can be accessed also by other customers designated by the school).
  71. 8.6. eKool will not be liable for the principles of processing of customer data entered by the customer into the links referred to in section 6.5 or the protection of its confidentiality.

  72. 9. Change and application of the customer data processing principles
  73. 9.1. eKool has the right at any time, to unilaterally change the principles provided herein, in accordance with applicable legislation.
  74. 9.2. eKool informs the customer of the change in the principles on the eKool website for at least one (1) month before the change takes effect, except where the principles are amended only due to changes to legislation.
  75. 9.3 Customer data processing principles apply to processing of the customers data of all customers, including customer relations, which emerged before the entry into force of the principles.
  76. 9.4 Customer data processing principles replace the former privacy policy.