PRIVACY POLICY

1. Introduction  

Postoplan OÜ is committed to protecting your privacy and ensuring you have a positive experience when using the services we provide, which we generally refer to as Postoplan or Postoplan services. 

Scope of this Privacy Policy

This Privacy Policy explains how we handle data, including what we collect and how we obtain it, how we use it, when and if we disclose it, and some of your options for managing your data with Postoplan OÜ with regard to:

  • the services we provide, which we generally refer to as Postoplan or Postoplan services
  • our website https://postoplan.com/.

Who are we and how to contact us?

This Privacy Policy explains how personal data is processed by Postoplan OÜ, a company incorporated in Estonia and having its registered office at Harju maakond, Tallinn, Kesklinna linnaosa, Vesivärava tn 50–201, 10152, Estonia.

The words “we”, “our”, “us” refer to Postoplan OÜ. 

If you have questions, please contact the support team at [email protected] 

What data, for what purposes, how long, and based on what grounds do we process as a Controller?

Purpose of Processing

Data Subjects:

Categories of Data

Storage Period

Legal Basis

to create a Postoplan account for you

Our potential customers andtheir representatives:

email address; data from Google or Facebook account (user photo; user id; user name)

Until the termination of a contract or until the deletion of an account whichever happened earlier, and within the terms specified by law 

processing is necessary for the performance of a contract to which you are party.

We will not be able to provide you with our service if you fail to provide the data

to provide Postoplan service for you

Our customers and their representatives:

last name and first name or nickname; secret keys; access tokens and statistics; email address; account data (user access level, balance, tariff plan)

  Until the termination of a contract or until the deletion of an account whichever happened earlier, and within the terms specified by law

to receive a payment from you

Our customers and their representatives:

payment ID; payment data (card number; payment system; month and year; CVC code) 

to support users of our Facebook page

Facebook users:

last name, first name; Facebook account; the message content

5 years from the date of the last request or until you object to such processing whichever happened first 

our legitimate interests to improve the quality of our service

to collect your feedback about our service

Our customers and their representatives:

name; email address; used language of the Postoplan admin panel

to support you with various help queries received

Our potential customers, customers and their representatives:

first and last name or nickname; email address; request subject; request content including the attached file, ticket number

Our potential customers:

5 years from the date of the last request or until you object to such processing whichever happened first



 

Our customers and their representatives:

Until the termination of a contract or until the deletion of an account whichever happened earlier, and within the terms specified by law.

processing is necessary for the performance of a contract to which you are party.

We will not be able to provide you with our service if you fail to provide the data

to send you direct email marketing communications about our service

Our customers and their representatives or potential customers:

email address; the time of opening emails; the message content

until you unsubscribe from our mailing list, until the end of campaign, or until the purpose of processing personal data is achieved whichever happened earlier

your consent to receive our newsletter

You may withdraw your consent at any time by clicking the “unsubscribe” link in the email communications we send to you

to better understand your preferences, to help you navigate our website, to personalize and provide a more convenient experience to you, to analyze which pages you visit, and to measure advertising and promotional effectiveness

Our website visitors:

IP–address, GEO (country or town), OS type and version, browser type and version, type of device and its display resolution, traffic source for the visitor, OS and browser language, which buttons are being clicked and what pages are being opened

2 years or until you withdraw your consent whichever happened earlier

your consent to store cookies in your browser

You may withdraw your consent at any time by changing the settings of your web browser as set in our Cookie Policy


As described more below, under the GDPR, Postoplan OÜ is a “Processor” of our customers’ end–customers and subscribers personal data that our customers may process via Postoplan.

Our customers are the “Controllers”. We follow their directions regarding this data, and may store it, delete it, or disclose it at their direction.

The data processing practices related to cases when we act as a processor and process on behalf of our customers are described in our Data Processing Agreement (DPA). You can review and digitally sign a copy of the DPA by emailing [email protected]. We will countersign it and provide you with a fully executed downloadable copy via email within 10 business days.

Specific categories of data which we process on our customers’ behalf include:

With regard to end–customers and subscribers: name, family name (nickname); photo (user picture); the content of messages sent; the date and time of messages sent.

We process the data provided by our customers until the termination of our Terms of use with them and within the terms specified by applicable law.

Who do we share your data with?

We use third–party service providers to help us provide portions of the Postoplan OÜ services and give support. Examples of these third parties include our payment processor and hosting provider.

They only receive data needed to provide their services to us. We have agreements with our service providers that say they cannot use any of this data for their own purposes or for the purposes of another third party.

We prohibit our service providers from selling data they receive from us or receive on our behalf.

We require service providers to use data only in order to perform the services we have hired them to do (unless otherwise required by law). For example, we may use a company to help us provide client support. The information they may receive as part of providing that support cannot be used by them for anything else.

Acting as a Controller we share your data with the following processors:

Processors, their Location and the Link to Privacy Policy / Website if applicable

Purpose of Transfer

Omniplatforma SRL and Curca Dumitru ÎI (Republic of Moldova), Privacy Policy

CRM (Omnidesk) Service Provider

Facebook Inc. (the USA), Privacy Policy

Contextual Advertising Service Provider (Facebook Pixel)

Google LLC (the USA), Privacy Policy

Email Service Provider

Web Analytics Service Provider (Google Analytics, Google Tag Manager)

SendPulse Inc. (the USA), Privacy Policy

Email Marketing Provider

Twilio Inc. (the USA), Privacy Policy

Email Marketing Provider

Slack Technologies Inc. (the USA), Privacy Policy

Communication Service Provider

Stripe, Inc. (the USA), Privacy Policy

Online Payment Provider

Yandex LLC (Russia), Privacy Policy

Web Analytics Service Provider (Yandex Metrica)

Hetzner Online GmbH (Germany), Privacy Policy

Hosting Service Provider

P.A.G.M. OÜ (Estonia), Privacy Policy

Server Control Panel

 

Acting as a Processor we share the data provided by our Customers with the following sub–processors:

Purpose of sub–processing

Processors, their Location and the Link to Privacy Policy / Website if applicable

Safeguards for restricted transfers (outside the EEA and ‘adequate’ jurisdictions)

Hosting Service Provider

Hetzner Online GmbH (Germany), Privacy Policy

Adequate country

Server Control Panel

P.A.G.M. OÜ (Estonia), Privacy Policy

Adequate country

Cookie Polic

What is a cookie?

A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.

What do we use cookies for?

Postoplan OÜ uses cookies for the following purposes:

  • to better understand your preferences, 
  • to help you navigate our website, 
  • to personalize and provide a more convenient experience to you, 
  • to analyze which pages you visit, and 
  • to measure advertising and promotional effectiveness.

Cookie List

  • Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
  • Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
  • Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third-party advertisers.
  • Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.
  • What can you do if you do not want storing cookies to be set or want them to be removed?

You are able to withdraw the consent to store cookies by changing the settings of your web browser.

You may see the cookie management instructions published by the browsers vendors at Google Chrome, Safari (Desktop, Mobile), Firefox, Internet Explorer respectively.

Your rights

You have the following rights under the GDPR concerning personal data: the right to information, right to access, right to rectification, right to withdraw consent, right to object against processing for specific purposes (such as direct marketing), right to object to automated processing, right to be forgotten and right for data portability (copy of personal data in a commonly used machine–readable format).

You may also exercise the mentioned rights by contacting us via email at [email protected] .

You also have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or where an alleged infringement of the GDPR has taken place.

7. Contact Us

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update “effective date” at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

If you have any questions about this Privacy Policy, please contact us.