Privacy policy

Privacy policy

In creating our privacy policy we were guided by the responsibility that PRIVACY is a prerequisite self-establishment and for the creation of one’s identity. It is a part of every person’s fundamental rights. This is why we have a goal to protect the rights of those who provide us with information about themselves. Accordingly, we have created the privacy policy principles at hand, which contains data collection, processing, disclosure, sharing and deletion. In its activities, Metaprint relies on a number of legal basis including EU legislation and regulations and the laws of the Republic of Estonia.


Data collection and processing

Personal data is collected on the basis of legitimate interest or given consent. The data collected about an individual is organized in a way which allows it to be transferred from one system to another on request.

When processing personal data, we follow the principles listed below:

  • Lawfulness and fairness – personal data is processed lawfully and fairly;
  • Purposefulness – personal data is collected based on specifically and explicitly defined legitimate purposes and is not processed in a way incompatible with those purposes;
  • Quality – personal data must be sufficient, relevant and not excessive in relation to the purposes of the data processing;
  • Correctness – personal data must be correct and updated if necessary; reasonable measures are taken to ensure that personal data, which is incorrect from the perspective of the data processing purpose, will be deleted or corrected instantly;
  • Retention – personal data is retained in a way which enables an individual to be identified only for as long as necessary to fulfill the data processing purpose;
  • Security – personal data is being processed in a manner which guarantees its security, including protection from unauthorized or illegal processing as well as accidental loss, destruction or damaging of data, by implementing relevant technical and organizational measures.


Personal data of individuals applying for a job or internship

With individuals who have applied for a job or internship, we rely on the information disclosed by the candidate and data collected from public sources. Based on the principle of good faith, we assume that:

  • we are allowed to contact individuals referred to as references by the candidate;
  • the candidate has the right to know what data we have collected about them. They also have the right to familiarize themselves with the data collected and give explanations/objections;
  • information about other candidates will not be disclosed;
  • in case you were not chosen for the job we will retain your data based on your consent, if necessary;
  • access to candidates’ information is limited (meaning it is not publicly accessible). The information can be accessed by third parties (including competent establishments) only by way of exception and as stated by law.


Security measures for the protection of personal data

We have implemented necessary organizational and technical security measures to protect personal data in order to:

  • prohibit unauthorized individuals to access data processing devices used for processing personal data;
  • prevent unauthorized reading, copying, modification or destruction of data from storage devices;
  • prevent unauthorized entry of personal data and the inspection, modification or deletion of stored personal data;
  • prevent the use of the data processing system via data communication devices by unauthorized individuals;
  • provide access to a user with authorized access to an automated data processing system, limited to personal data covered by his/her access authorization;
  • ensure the possibility to verify which establishments the personal data has been shared with or have been able to access personal data and which establishments this data can be shared with and made accessible to;
  • ensure the possibility to verify which personal data has been entered into the automated data processing system and when and by whom it has been entered;
  • prevent unauthorized reading, copying, modification or destruction of personal data during data transferring process or transportation of storage devices;
  • ensure the possibility to restore installed data processing systems in case of a disruption;
  • ensure the functioning of the data processing system and to inform of any malfunctions that may occur in its operation;
  • prevent personal data from being distorted as a result of system failures.


How to familiarize yourself with data we hold about you

Every person has the right to access data that we have collected. We issue data and documents only upon submission of a handwritten or digitally signed application so that we can be certain of your identity when issuing personal information.

You also have the right to request a modification of incorrect personal data or to object to our processing of your personal information (if we no longer have a legal basis for the use of your personal information). To do that, please submit a handwritten or digitally signed application.


The right to be forgotten

If the data is no longer needed for its original processing purpose, there is no legal interest towards accessing the data or the data subject has simply withdrawn their consent, we will delete personal data or no longer process it.