Home / Data protection

Data protection

Hybrens OÜ is a regional solar energy product distribution company.

In the course of our activities, we collect, store and use your personal data with the aim of providing you with the best product solutions, service and fulfilling the contracts concluded with you. Your privacy is important to us and we comply with all applicable laws and regulations regarding any personal data we may collect about you when you visit our website www.hybrens.ee. By using our website, you agree that we collect and use your data in accordance with this privacy policy.

Data processor and controller

The processor and controller of personal data is Hybrens OÜ, register code 16357906, address Nooruse 1A, Tabasalu 76901, Harjumaa, Estonia, e-mail info@hybrens.com.

We collect and process information in accordance with the General Data Protection Regulation (GDPR) of the European Union, which entered into force on 25.05.2018.

Collection, processing and use of data

Hybrens OÜ uses the data of those who have sent a question about our products/services via contact form or email, or have previously used products/services or are still using products/services. We collect and use the data of regular customers and contacted persons (including “old” or “inactive customers”).

We are processing following personal data:

  • personal data and contact details, e.g. first name, surname, personal identification code, residential address, e-mail address, telephone numbers;
  • data of legal person’s representatives, e.g. first name, surname, personal identification code, residential address, e-mail address, telephone numbers;
  • payment and finance data, e.g. payment method, account number, bank and card data, data of financial behavior;
  • data concerning purchase of products and using services, e.g. method of delivery, reclamations;
  • data of communication, e.g. data inserted in our web contact form, data changed via e-mails, messages, social media platforms;
  • online identifier, e.g. cookies data.;
  • IP-address, maintaining security of information system and securing compliance with the requirements of the terms of use;

Please note that upon deficiency of data listed in p-s 1-5, we may not be able to conclude or fulfill contracts.

We use personal data from following third persons:

  • national registers, commercial register, population register or other public source or register. We collect and use this data to confirm data accuracy;
  • business partners if we have your consent or it is enabled by law.

Purpose and legal grounds of processing personal data

We process the personal data of Hybrens OÜ customers, i.e. service users, in order to fulfill our contractual obligations. We use the personal data of customers and also the information received from them in order to offer existing and potential customers higher quality service and more accurate information. If Hybrens OÜ processes personal data for the mentioned purposes, the legal basis for processing the collected personal data is our legitimate interest in ensuring the correct and, if possible, higher quality provision of the offered service.

We are processing personal data to:

  • identify data subject;
  • conclude, alter or fulfill our sales or service contracts;
  • precontractual negotiations;
  • proceed inquiries and applications by clients or partners, including via web;
  • solve claims or guarantee demands by clients or partners;
  • exercise rights and obligations arising from legislation;
  • fulfil accounting and audit obligations;
  • in the legitimate interests of Hybrens to avoid violation of law or damage;

We are processing personal data in accordance with EU regulations and Estonian legislation.

Principles of processing personal data

We are following principles upon processing personal data:

  1. Legality and fairness – personal data is processed legally and fairly.
  2. Purposefulness – personal data is collected for specified, explicit and legitimate purposes and it shall not be processed in any manner which is incompatible with these purposes.
  3. Quality – personal data must be adequate and appropriate and must not be excessive given the purposes of the data processing.
  4. Accuracy – personal data must be accurate and, if necessary, kept up to date; reasonable measures are taken to ensure that any personal data which is inaccurate with respect to the purpose of data processing shall be erased or rectified without delay.
  5. Retention – personal data is retained in the format which enables to identify the data subject only until this is necessary for achievement of the purpose for which the personal data is processed.
  6. Security – personal data is processed in a manner that ensures appropriate security thereof, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, by means of implementing appropriate technical or organizational measures. We apply physical, technical and organizational measures to protect personal data and manage risks. We follow risks and keep them reasonably under control.

Rights of data subjects

Natural person has following rights according to General Data Protection Regulation:

  • Right for information –right to know which personal data is retained and how it is processed.
  • Right for rectification of the personal data of the data subject – right to demand for rectification of insufficient and false personal data.
  • Right to withdraw consent for processing personal data – if processing of personal data is done with consent, this consent can be withdrawn.
  • Right to erasure (‘right to be forgotten’) – right to demand that we delete personal data. We have the right to decline – if processing of personal data is necessary for compliance with legal obligations, for exercising the right of freedom of expression and information, for the establishment, exercise or defense of legal claims or for reasons of public interest.
  • Right to restriction of processing – data subject has the right in certain cases to restrict or limit processing of personal data (e.g if the data subject has objected to processing).
  • Right to object – the data subject has the right to object to processing of personal data concerning him or her, which we shall respond within reasonable time.
  • Right to data portability – if processing of personal data is based on consent and is automatic, the data subject has the right to receive the personal data concerning him or her in a structured, commonly used and machine-readable format.
  • Automated individual decision-making, including profiling – if we have notified person of making decisions based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her, the person may demand not to be subject to a decision based solely on automated processing.
  • Complaint procedure. Person has the right to file a complaint to the Estonian Data Protection Inspectorate: e-mail info@aki.ee.

We ask you to send questions concerning processing of personal data to our email info@hybrens.com.

Confidentiality of personal data

We keep your personal data confidential. Personal data is not disclosed to third persons, unless the data subject has explicitly asked for it or given consent, it is enabled by law or obligations towards Hybrens are not fulfilled. We have the right to use personal data for protecting our rights and forward data for the protection of our rights to third persons (court etc).

If we ask another company to process personal data under subcontract, we shall use service provider guaranteeing us compliance with General Data Protection Regulation (including security measures).

Hybrens OÜ uses third parties for its day-to-day operations, who offer:

  • Zone – website hosting
  • Google – website usage statistics analysis
  • Facebook – social media usage and social media statistics analysis

In addition to the third parties mentioned in the previous point, Hybrens OÜ transmits the user’s personal data to the cooperation partner. This is only to the extent necessary to provide the service to the user. Personal data is processed in the European Economic Area (EU countries, Norway, Iceland and Liechtenstein). If transmission of personal data outside the European Economic Area is required, it is done according to General Data Protection Regulation.

Retention of personal data

Retention period is as long as it is obligatory or permitted by law or necessary for the interests of our business.

The term of data retention depends on whether it is necessary to respond to the requests of data subjects, the legal requirements for the retention of documents adapted to different problems and needs. If the legislation does not require the storage of personal data and Hybrensa OÜ does not need them, we will delete this personal data. In this case, we can only use the personal data provided for statistical purposes and in an anonymized form.

Security measures

Hybrens has implemented processing rules, organizational, technical (including IT) and physical security measures to protect personal data. Security measures apply to all information systems, processes of human activity, including employees, suppliers, clients and service providers.

Hybrens follows EU regulations and Estonian legislation of personal data protection.

Cookies

Hybrens uses cookies on website. Cookies are small text files that your web browser places on your computer or smart device when visiting our website and enables to remember your user preferences. Cookies are designed to ensure personalized user experience and convenient navigation on website.

Accepting cookies is consenting to the rules of this policy.

If you prefer not to receive cookies, you may set your browser to refuse all cookies. For that activate private browsing or cookies blocking function in your browser. Different browsers provide different measures on how to manage cookies. Please note that if you opt out of the cookies, we cannot be sure that our website will function.

We use cookies only to capture and analyze the statistical data for improving our site and applications. We use the Google Analytics Website Analysis Service to capture statistical data on the number of website visitors, the pages visited, the total length of time spent on our website, used devices and other statistics.

Data Protection Policy and Changes

Data protection rules are available on Hybrens website. By using or interacting with the website or our services, you, as a user of our website or as our client, agree to the provisions of this policy and confirm that you have read and understood all of the provisions stated in the policy. Data Protection Policy is renewed according to the relevant changes in data processing.

Hybrens OÜ reserves the right to change the data protection conditions unilaterally. When the data protection conditions are updated, we will also introduce the changes to the information on the website. If you continue to visit and use our website after the privacy policy has been updated, we will treat it as your tacit consent to the changes.

Last modified 15/02/2023