Search
Privacy Notice
This privacy notice (hereinafter “Notice”) explains how Cleveron AS (hereinafter “we” or “us”) processes personal data of individuals who visit our website https://cleveron.com (hereinafter “Website”), representatives of our potential and current business clients, shareholders or representatives of shareholders and other individuals who contact us or whose personal data is processed in the course of our business activities. All such individuals are referred to as “you”.
This Notice describes the processing of personal data by us as a data controller. This means that we individually or along with others determine the purposes and means of the processing of personal data.
1. DATA CONTROLLER
Cleveron AS
Registry code: 11405467
Address: Reinu tee 48, 71020 Viljandi, Estonia
Email:
2. PERSONAL DATA WE PROCESS
2.1 Identification data” – this includes your first name, last name, personal ID number and/or date of birth (if applicable).
Sources of collection of data: we get this data directly from you when you contact us, or from the representative of the company you work for. We may also collect this information from a website of the company you work for or from public registers, such as business register, for the purposes of concluding a contract with the company you represent.
2.2 “Contact data” – this includes your email address and phone number.
Sources of collection of data: we get this data directly from you when you contact us, or from the representative of the company you work for. We may also collect this information from a website of the company you work for or from public registers, such as business register, for the purposes of concluding a contract with the company you represent.
2.3 “Company data” – this includes name of the company you work for and/or your position in the company (if applicable).
Sources of collection of data: we get this data directly from you or from the representative of the company you work for. We may also collect this information from public registers, such as business register, for the purposes of concluding a contract with the company you represent.
2.4 “Communication data” – this includes personal data contained in the correspondence with us.
Sources of collection of data: we get this data when you send us a message either via form on our Website, by e-mail or via other means or when we contact you.
2.5 “Shareholder data” – this includes first name, last name, email address, phone number, personal ID number, number of shares, address and a bank account number (in case of individual shareholders) or first name, last name and personal ID number (in case of a representative of a shareholder).
Sources of collection of data: we get this data directly from you when you or the company you represent, becomes our shareholder. We may also collect this information from the Estonian register of securities.
2.6 “Website visit data” – this includes personal data which is processed upon visiting and using our Website. Depending on the particular cookie we use, the types of personal data may include e.g.: online identifiers, including cookie identifiers, IP addresses, device identifiers, client identifiers or session ID.
Sources of collection of data: we get this data when you visit and use our Website.
3. PURPOSES AND LEGAL GROUNDS FOR DATA PROCESSING
When we process your personal data, we rely on the following legal grounds:
3.1 Consent
In some cases, we need your consent for data processing. You always have the right to withdraw the consent for direct marketing based on consent, by clicking the unsubscribe link in the email that we send to you or by sending us respective email (please Section 1 of this Notice for our contact details). As for cookies, you always have the right to withdraw the consent by changing your preferences on our Website. Withdrawal of the consent does not affect the legality of the processing of your personal data prior to withdrawal.
| Purposes of processing | Personal data that we process |
| Processing of personal data through marketing and analytics cookies.
The processing of personal data through the use of marketing cookies is necessary to deliver advertising that is more relevant to you and your interests. The processing of personal data through the use of analytics cookies is necessary to understand how our Website works, how visitors use the Website and whether there may be technical problems. |
Website visit data. |
| Direct marketing based on the data you have provided to us via the forms on our Website. | Identification data, contact data, company data, communication data. |
3.2 Legitimate interests
We process your personal data based on our legitimate interests for purposes described below. You have the right to ask clarifications regarding the processing based on the legitimate interests. You also have the right to send the objection, if you find that processing of your personal data for the purposes provided below prejudice your rights. Please see Section 1 of this Notice for our contact details.
| Purposes of processing | Personal data that we process |
| Provision of our services via Website. To do this, we process your personal data that we have collected through strictly necessary cookies and similar technologies (which are essential for the provision of the services on our Website). | Website visit data. |
| General business communication with individuals that contact us via sales contact form or partnership contact form on our Website, email, phone or via other means. | Identification data, contact data, company data, communication data. |
| Performance of contract with our business clients and service partners, including pre-contractual negotiations, contract administration and billing. | Identification data, contact data, company data, communication data. |
| Creating and storing a list of sales leads in our customer relationship management system of individuals that contact us via our sales contact form or partnership contact form on our Website or download our product sheet from our Website. | Identification data, contact data, company data. |
| Direct marketing and sales of our products to potential business clients. | Identification data, contact data, company data, communication data. |
| To better interact with our clients (including potential clients) and to provide them information about our services, we manage our Facebook page and Instagram account.
When you visit our Facebook page or Instagram account, we process your personal data. This is done for the following purposes:
|
When you visit our Facebook page or Instagram account, your personal data (such as age, gender or location) and your activity (such as which posts you have read, liked or commented) contribute to the statistical reports (also called ”Insights”) that Facebook or Instagram provides to us. Insights provide us information about our page/account performance, like demographic data about our audience and how people are responding to our posts. The statistics are aggregated, which means that we cannot draw conclusions about specific individuals based on the Insights.
It is also important to note that we lack the ability to influence the creation of Insights and the associated data processing conducted by Facebook or Instagram. Furthermore, we do not possess access to the raw data utilised in the compilation of Insights. When you communicate with us through your Facebook page or Instagram account, we will process your personal data related to your account (your name, photo, etc.), as well as the content of correspondence with you. |
| Retention of contracts and personal data related to performance of contracts after their termination or expiry to be able to submit legal claims if necessary, or to protect us against them. | Identification data, contact data, company data, communication data. |
3.3 Processing necessary for compliance with a legal obligation
We process personal data on this legal ground if the legal obligation for processing arises from the law.
| Purposes of processing | Personal data that we process |
| Accounting and tax administration, including retention of accounting source documents. | Identification data, contact data, company data. |
| Notification of and response to the information requests of public authorities and government institutions. | All relevant data described in Section 2 above. |
| Corporate governance (holding shareholder’s meetings, making dividend payments). | Shareholder data, communication data. |
4. CATEGORIES OF RECIPIENTS OF PERSONAL DATA AND TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES
In some cases, we may transfer your personal data to certain recipients who are categorized as follows:
4.1 Independent controllers:
(a) Banks and providers of payment services.
(b) Law firms and auditing firms.
4.2 Partners who provide the services to us, and who process the personal data on our behalf (data processors):
(a) Providers of ICT services (including providers of the Website hosting services and other providers of cloud services);
(b) Various contractors (including IT development and support services).
4.3 Joint controllers as described in Section 5 of this Notice.
4.4 Public authorities and supervisory bodies, e.g., court, law enforcement authorities, Data Protection Inspectorate. We transfer your personal data to public authorities and supervisory bodies only if the law requires it.
Unless necessary for the operation of our business, we do not transfer your personal data outside of the European Union (EU) or the European Economic Area (EEA), nor to such third country or international organization, the level of data protection of which the European Commission has not considered adequate. If your personal data is transferred outside of the EU or EEA, such transfer of personal data will take place only upon appropriate legal basis, and we will take appropriate protective measures.
You have the right to get additional information about the transfer of your personal data by sending us the relevant request using the contact details in Section 1 of this Notice.
5. JOINT CONTROLLERSHIP
5.1 Joint controllership with Meta Platforms Ireland Ltd (the operator of Facebook).
We are a joint controller with Meta Platforms Ireland Ltd (hereinafter Meta Ireland) in relation to the products and services listed below. We have concluded joint controller arrangements with Meta Ireland pursuant to Article 26 of the GDPR to determine the obligations with respect to the obligations under the GDPR concerning joint processing.
For further information on how Meta Ireland processes personal data (the information required by Article 13(1)(a) and (b) of the GDPR), including the legal basis Meta Ireland relies on and the ways to exercise your rights against Meta Ireland, can be found in Meta Ireland’s Privacy Policy at https://www.facebook.com/about/privacy.
(a) Page Insights (aggregated statistics)
When you use Meta’s products, including Facebook Pages, (hereinafter “Pages”), Meta collects and uses the information described in Meta’s Privacy Policy. You can also read more about how Meta uses cookies and similar technologies in Meta’s Cookies Policy.
For Pages, Meta provides statistics and insights to Page admins (like us) that help them understand the types of actions that people take on their Pages (hereinafter “Page Insights”). Page Insights are aggregated statistics that are created from certain events logged by Meta servers when you interact with our Facebook page and the content associated with you. More information about the Insights Data can be found here.
We have agreed with Meta Ireland to be joint controllers for the processing of such personal data in events for Page Insights (in case you visit our Facebook page). Please see the Page Insights Addendum here. We have also agreed with Meta Ireland that for any other processing of personal data in connection with our Facebook page and/or the content associated with it for which there is no joint determination of the purposes and means, Meta Ireland and, as the case may be, we, remain separate and independent controllers.
According to the Page Insights Addendum, Meta has undertaken the obligation to make the essence of the Page Insights Addendum available to data subjects. This is currently done via the Information about Page Insights data page.
6. RETENTION OF PERSONAL DATA
We retain your personal data for the period necessary for the achievement of purposes stated in this Notice or until the law requires it. The retention periods for cookies are described in Section 8 below.
Specific terms of retention can be exercised by accessing your personal data. Please see the explanation in the section “Your rights regarding the personal data”.
7. YOUR RIGHTS REGARDING THE PERSONAL DATA
Right of access to your data: you have the right to know, whether personal data concerning you are being processed or not, what is the purpose of processing and what are the categories of personal data. Besides, to whom the personal data is disclosed (especially the recipients in third countries), for how long the personal data is retained and what are your rights concerning rectification, erasure and restriction of the processing.
Right of rectification: you have the right to demand rectification of the personal data concerning you if the data are inaccurate or incomplete.
Right of erasure: in some cases, you have the right to demand erasure of the personal data concerning you, for example in case when you withdraw your consent and there are no other legal grounds for the processing of the personal data.
Right to restrict the processing: in some cases, you have the right to restrict processing of the personal data concerning you for a certain time (e.g., if you have objected to the processing of personal data).
Right to object: you have the right to object to the processing of personal data, which is processed based on the legitimate interest, including profiling (if relevant). Upon objection, we will no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms.
Right to data portability: if processing of your personal data is based on your consent or the contract with us and the data processing is carried out by automated means, then you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format. Also, you have the right to claim to transmit those personal data to another service provider if it is technically possible.
Right to turn to us, supervisory authority, or a court: if you want to exercise the above-mentioned rights, please send us an email using the contact details in Section 1 of this Notice. If you find that your rights have been breached, you have the right to turn to the Data Protection Inspectorate and/or court. The contact details of the Data Protection Inspectorate are available at https://www.aki.ee.
8. COOKIES AND SIMILAR TECHNOLOGIES
We use all cookies and other similar technologies, except the necessary cookies, with your prior consent. You always have the right to withdraw the consent by changing your preferences on our website. Should necessary cookies process your personal data, we rely on our legitimate interests in processing of such data.
We may use both session cookies and persistent cookies. Session cookies or in other words non-persistent cookies are cookies that exist only temporarily while you browse our website. Your web browser should delete these cookies when you close your browser. On the other hand, persistent cookies that we use expire at a specific date or after a specific length of time set by the third-party or us.
For your convenience, we have categorised the cookies we use on our website by their purposes as follows:
| Necessary | These cookies are used to enable the basic functionality of the website, which means that without these cookies our website would not function as it should. Due to the nature of such cookies, and in accordance with applicable law, we are entitled to use them without your prior consent. However, if these cookies process personal data, we rely on our legitimate interests upon processing of such data. |
| Functional | Functional cookies enable a website to provide enhanced functionality and personalization. They are essential for certain features of a website to work correctly and enhance the user experience by remembering choices and preferences. Functional cookies are used only based on your prior consent. |
| Marketing (Advertising) | These cookies are used to deliver advertising that is more relevant to you and your interests. Marketing cookies are used only based on your prior consent. |
| Analytics | These cookies are used to understand how our website performs, how visitors interact with the site, and whether there may be technical issues. Analytics cookies are used only based on your prior consent. |
Hereunder we have listed all the cookies used on our website.
| Category | Name | Purpose | Retention period | Provider
|
| Necessary | _cfuvid | The _cfuvid cookie is used to allow the Cloudflare WAF to distinguish individual users who share the same IP address. Visitors who do not provide the cookie are likely to be grouped together and may not be able to access the site if there are many other visitors from the same IP address. | Session | Cloudflare |
| Necessary | __cf_bm | This cookie, set by Cloudflare, is used to support Cloudflare Bot Management. | 1 hour | Cloudflare |
| Necessary | cookieyes-consent | CookieYes sets this cookie to remember users’ consent preferences so that their preferences are respected on subsequent visits to this site. It does not collect or store any personal information about the site visitors. | 1 year | Cookieyes |
| Functional | wp-wpml_current_language | Used to determine what language should be used for the visitor. | Session | Cleveron
(Cleveron.com) |
| Analytics | __hssrc | This cookie is set by Hubspot whenever it changes the session cookie. The_hssrc cookie set to 1 indicates that the user has restarted the browser, and if the cookie does not exist, it is assumed to be a new session. | Session | Hubspot |
| Analytics | __hssc | HubSpot sets this cookie to keep track of sessions and to determine if HubSpot should increment the session number and timestamps in the __hstc cookie. | 1 hour | Hubspot |
| Analytics | __hstc | Hubspot set this main cookie for tracking visitors. It contains the domain, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session). | 6 months | Hubspot |
| Analytics | hubspotutk | HubSpot sets this cookie to keep track of the visitors to the website. This cookie is passed to HubSpot on form submission and used when deduplicating contacts. | 6 months | Hubspot |
| Marketing | _fbp | Facebook sets this cookie to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising after visiting the website. | 3 months | |
| Marketing | _gcl_au | This cookie is is used to understand and track the effectiveness of ads and manage user interactions with those ads. | 3 months | Google Ads |
| Marketing | test_cookie | doubleclick.net sets this cookie to determine if the user’s browser supports cookies. | 15 minutes | Google Marketing Platform
(doubleclick.net) |
| Marketing | IDE | Google DoubleClick IDE cookies store information about how the user uses the website to present them with relevant ads according to the user profile. | 13 months | Google Marketing Platform
( doubleclick.net) |
9. AMENDMENT OF THIS NOTICE
We have the right to amend this Notice unilaterally. We will notify of amendment of this Notice on our Website, by email or in other manner.