This Privacy Policy explains how Hansab IT Solutions OÜ (“we,” “us,” or “our”) processes your personal data when you use our payment acceptance mobile application (“the Application”). We are committed to protecting your privacy in compliance with the EU General Data Protection Regulation (GDPR) and other applicable laws.
By using the Application, you agree to the terms of this policy. If you don’t agree, please do not use the Application.
We may update this policy periodically, so we encourage you to review it regularly. Your continued use of the Application after any changes means you accept them. This policy does not apply to third-party stores from which you install the Application. We are not responsible for how they collect or use your data.
Who This Policy Applies To
Merchants/Users: Individuals who use our Application for business purposes. This includes employees or representatives of legal entities.
Buyers: Customers of our Merchants who make a payment and may choose to receive a digital receipt.
Data We Collect
We or our processors collect the following types of data to provide our services:
Merchant Data
Personal Data: Information you provide voluntarily, such as your name, email address, and physical address.
Derivative Data: Information our servers automatically collect when you access the Application, such as technical logs. This is considered personal data only if it can be used to identify you.
Mobile Device Data: Information about your device, including its ID number, model, manufacturer, and operating system version. This is considered personal data only if it can be used to identify you.
Buyer Data
Financial Data: Masked payment card number, expiration date, transaction amount, and other transaction details. We process this data only for payment transactions.
Personal Data: An email address or phone number is collected if a Buyer voluntarily provides it to receive a digital receipt. This data is used solely for that purpose.
Why We Process Your Data
We process your data to fulfill our contractual obligations and for other legitimate purposes, including:
Creating and managing your account.
Processing payments and other transactions.
Improving the Application and your user experience.
Notifying you of updates.
Preventing fraudulent or illegal transactions.
Delivering digital payment receipts.
Resolving disputes and providing customer support.
How We Share Your Data
We may share your personal data with third parties in the following situations:
To Comply With the Law: We may disclose your data if required by law or to protect our rights, property, and safety, or the rights, property, and safety of others.
With Third-Party Service Providers: We may share your data with service providers who perform functions on our behalf, such as payment processing and data analysis. We only share the data necessary for them to perform their services.
In Case of Business Sale or Bankruptcy: Your information may be transferred to a new entity if we reorganize, merge, or sell our assets.
Data Retention
We only retain your personal data for as long as necessary to achieve the purposes for which it was collected.
Merchants: We keep your data for the duration of your use of our services and for an additional 18 months after your agreement is terminated.
Buyers: We retain your personal data for one month after processing it to deliver a payment receipt.
Legal Obligations: We may keep some data for a longer period if required by law.
Data Security
We and our processors use administrative, technical, and physical security measures to protect your personal data. We comply with Payment Card Industry (PCI) standards and do not store unnecessary data.
Your Rights
Under GDPR, you have the right to:
Access your personal data.
Correct inaccurate or incomplete data.
Request erasure of your data when it is no longer necessary for the purposes for which it was collected.
Restrict the processing of your data in certain circumstances.
Receive your data in a structured, machine-readable format and transmit it to another controller (data portability).
Object to the processing of your data based on legitimate interest.
Withdraw your consent at any time.
File a complaint with a data protection authority if you believe we have violated your rights.
The relevant data protection authorities are:
Estonia: Estonian Data Protection Inspectorate
Latvia: Data State Inspectorate
Lithuania: State Data Protection Inspectorate
Contact Us
If you have any questions or wish to exercise your rights, please contact us. For security purposes, we require written requests sent by registered mail or email. We will respond to your request within one month.
Address: Keevise 11, Talinn 11415
Email: itinfo@hansab.ee
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.