We process personal data in compliance with applicable personal data protection laws, including the Regulation of the European Parliament and the Council (EU) 2016/679 (“GDPR”) as well as the Personal Data Protection Act of Estonia.
IMPACT 80/20 respects your right to control your privacy. It is important for us that you can exercise your rights. Below you will find details on how to do this.
Terms and definitions
Data subject: Identified or identifiable natural person whose data is processed;
Personal Data: Any information concerning an identified or identifiable natural person (“data subject”); identifiable natural person means a person who can be identified directly or indirectly, in particular on the basis of identifying attribute, including name, personal identification code, location information, network identifier, or on the basis of one or more physical, physiological, genetic, mental, economic, cultural or social characteristics of the natural person;
Processing of Personal Data: Automated or non-automated operation or set of operations, including collection, documentation, organizing, structuring, storing, customizing and modifying, querying, reading, using, transferring, distributing, or making otherwise available, joining or combining, restricting, deleting or destructing of personal data or set of them;
Profile analysis: Any automated processing of personal data involving the use of personal data for the assessment of certain personal aspects of the natural person. In particular, for analyzing or forecasting aspects related to the performance, financial situation, health, personal preferences, interests, reliability, behaviour, location or movement of the natural person concerned;
Controller: Natural or legal person, public entity, agency or other body which alone or in cooperation with others determines the objectives and means of the processing of personal data; if the objectives and means of such processing are determined in the law of the Union or the Member State, the specific criteria for the Responsible Processor or for assigning the one may be established in the law of the Union or the Member State;
Processor: Natural or legal person, public entity, agency or other body processing personal data on behalf of the controller;
Set of data: Any organized set of personal data from which data can be derived on the basis of certain criteria, regardless of whether the set of data is functionally or geographically centralized, decentralized or distributed;
Recipient: Natural or legal person, public entity, agency or other body to whom personal data is disclosed, whether or not it is a third party. The public entities which can obtain personal data as a result of specific inquiry in accordance with the law of the Union or the Member State, are not deemed to be recipients; these public entities process such data in accordance with applicable data protection standards in the basis of the processing purposes;
Third Party: Natural or legal person, public entity, agency or body, excluding the Data Subject, Controller, Processor and persons who can process personal data under the direct responsibility of the Controller or Processor;
“Consent” of the Data Subject: Voluntary, specific, conscious and unambiguous statement by which the Data Subject in the form of an application or by explicit consent, agrees with the processing of his/her personal data.
Company name: IMPACT 8020 OÜ
Address: Pärnu Str. 102b, Tallinn 11312
Phone: +372 688 8098
Data Protection Officer of IMPACT 80/20 can be contacted by e-mail .
What personal data IMPACT 80/20 collects and how is the data used?
Website browsing statistics
IMPACT 80/20 wants to make its website as easy to use as possible. In order to improve the user experience, the following information will be stored when you visit IMPACT 80/20 website: type and version of the browser, device type and operating system, IP address, duration and time of the visit, pages visited, as well as demographic information, such as the preferred language and location. The information collected as statistics of the website browsing is used anonymously and we do not match it to any particular physical person.
In order to collect and analyze the above data, IMPACT 80/20 uses automated tool Google Analytics. You can always disable collection of your data by Google Analytics as described here.
The server that hosts the IMPACT 80/20 website can also save your requests to the server (opened URLs, type of the web browser and the device used, IP address, time of access). This data is used only for technical purposes – to ensure proper functioning and security of the website and for investigating any security issues.
What are Cookies?
Cookie is a small text file saved by website on your computer or mobile device when you visit the website. It allows the website to remember your activities and preferences for a longer period so that you do not have to re-enter them when you return on the site or when you move from one page to another.
How IMPACT 80/20 uses the Cookies?
However, please be aware that the website also uses persistent cookies that are stored on your computer after exiting the browser. These persistent cookies may remain on the user’s computer for days, months, or even years. Such cookies help us also to target ads to you that you see especially in Facebook and/or Google, but also in Instagram and/or YouTube.
How to disable or delete cookies
User can disable or restrict storing of cookies on his/her computer. Furthermore, you can delete all the cookies that have been previously saved on your computer. To do this, you need to change privacy settings of your web browser. Please note that if you do this, you may need to adjust certain preferences manually every time when you visit the websites, and certain services and features may not work.
IMPACT 80/20 can use website visitors’ statistics to analyze the trends and demographics of the website visitors, but IMPACT 80/20 does not create individual profiles of visitors.
If you want to buy IMPACT 80/20 service from the IMPACT 80/20 website or get more information about it, then sharing your personal data with us is necessary. Queries can be submitted by filling the appropriate contact form or by sending an email to the address .
In order to be able to respond to your queries, we may collect the following personal information: Your name, contact details (e-mail, telephone number), and position, company name and contacts. When you submit the contact form, all the information that have been previously collected by cookies will be associated with your personal data transmitted through the contact form. In other words, the so-called contact’s history is created. For preparing the offers, we also use the data transferred by Creditinfo in response of our queries about the company and its representatives.
The legal basis for such processing of the personal data is processing of personal data for the performance of the contract entered into with the data subject, or for taking measures prior to the conclusion of a contract in accordance with the data subject’s request (GDPR, Sec. 6(1)(b)). Access to the personal data mentioned above is granted for employees of IMPACT 80/20. If you submit your query in the contact form, your personal data can also be accessed by our IT partner. We implement appropriate technical and organizational measures to ensure safety of the personal data.
After we have responded to your query, we may keep your personal data to facilitate further communication with you. The legal basis for such processing is the legitimate interest (GDPR Sec. 6(1)(f)) of IMPACT 80/20 to ensure fast communication with its customers and other people who have shown interest in our company and its services.
Providing service to the customers
When IMPACT 80/20 provides service for you or your company, personal data is also processed and therefore sharing of your personal data with us is necessary.
Processing of the personal data of our customers, in particular, for preparation, conclusion and performing of contracts and offers. In this purpose, we process the following personal data: names, contact details and positions of company representatives, data communicated by Creditinfo about the company and its representatives. This personal data is processed as long as the contract is valid and in addition to IMPACT 80/20 employees, the data is also accessible for our contractual accountant. The legal basis for such processing of the personal data is processing of personal data for the performance of the contract entered into with the data subject or for taking measures prior to the conclusion of a contract, in accordance with the data subject’s request (GDPR, Sec. 6(1)(b)).
During the customer relationship and 10 years afterwards, we process personal data of our customers for archiving the customer contracts. IMPACT 80/20 has a legitimate interest (GDPR Sec. 6(1)(f)) for maintaining the customer related documents.
If your company have some arrears, then please note that we process your personal data for managing the arrears until the due amount is paid. For this, we will share your personal data with our contractual accountant. If the invoice due date is exceeded for more than two months, then we have to disclose the arrear on public channels, including creditinfo.ee website. If the invoice due date is exceeded for more than three months, then we have to take the arrears to court. IMPACT 80/20 has a legitimate interest (GDPR Sec. 6(1)(f)) to collect arrears from its customers if arrears have occurred due to services provided to the customers.
We process the personal data of our current customers during the customer relationship and the personal data of our former customers for 3 years after the end of the customer relationship, also for the purpose of potential additional sales. IMPACT 80/20 has a legitimate interest (GDPR Sec. 6(1)(f)) to maintain business relationship with its current and former customers.
Once we have created a website for your company and have given access for you to the administrative software for the website, we will monitor locations of your logins into the administrative software for security reasons during 10 years after the first access to the administrative software. For this purpose, your location data will also be processed by our IT partner. IMPACT 80/20 collects such personal data because IMPACT 80/20 has a legitimate interest (GDPR Sec. 6(1)(f)) to assure security of the websites of its customers.
For its customers and other individuals interested in receiving direct marketing communications, IMPACT 80/20 wishes to communicate relevant news about IMPACT 80/20 Agency and IMPACT 80/20 services, invitations to IMPACT 80/20 events, and other IMPACT 80/20 business related information.
If you subscribe our newsletter at www.impact8020.com, we will send you email newsletters about our company’s activities, new digital marketing solutions and upcoming events (for example, conferences organized by us). For sending email marketing messages, the data we process includes your name, email, and buyer persona (CEO, marketing manager, digital marketing enthusiast and other). When you submit the contact form, all the information that have been previously collected by cookies will be associated with your personal data transmitted through the contact form. In other words, the so-called contact’s history is created.
In certain cases, when natural persons are concerned, we must ask for the consent of the data subject for sending email marketing communications. If you have not given your consent for such processing of personal data, we will not process your personal data for this purpose. Your consent will not expire, but if you no longer want to receive marketing communications, you can conveniently exit from the mailing list by using the link (“remove from the list” or unsubscribe”) found at the end of the message. You are also entitled at any time to object the processing of your personal data for direct marketing purposes.
When IMPACT 80/20 sends you an e-mail, IMPACT 80/20 can collect statistics about your activities on the message, for example, did you open the message, which links did you click, which devices did you use and what are their technical specifications. Such information is saved in the contact’s history.
Sometimes, before sending a newsletter, we evaluate the behaviour of our contacts (contact’s history data, attending the IMPACT 80/20 events, etc.). This is necessary for sending more personalized e-mail communications to you. IMPACT 80/20 has a legitimate interest (GDPR Sec. 6(1)(f)) to understand the needs and preferences of its contacts in order to provide more relevant information to them.
Please be informed that if your data is in our contact database, we may process your name and email or mobile number in order to show ads to you or to people similar with you (so called lookalike audience) in Facebook, Google, LinkedIn and/or Instagram. For these purposes, we process your personal data during 5 years after adding your contact into the database. IMPACT 80/20 has a legitimate interest (GDPR Sec. 6(1)(f)) to send marketing communications to its contacts for maintaining business relationship with them.
For the purpose of processing personal data listed in this section, IMPACT 80/20 employees can access the data. The personal data can also be accessed by the partner providing IT services for us. We implement appropriate technical and organizational measures to ensure safety of the personal data.
What are your rights and how you can exercise them
By contacting IMPACT 80/20 by e-mail , you can exercise the following rights:
- The right to view your personal data;
- The right to correct your personal data;
- The right to delete your personal data;
- The right to transfer your personal data;
- The right that you will not be judged solely on the basis of automated data processing;
- The right to withdraw your consent.
In certain cases, you have the right to demand restriction for processing of your personal data and the right to object processing of your personal data.
You can exercise your rights in accordance with the terms and conditions based on GDPR and other local regulations.
If you believe that your privacy has been compromised, please contact us by the email address below. You also have the right to file a complaint to the data protection supervisory authority of the country of your residence. In Estonia, this is the Estonian Data Protection Inspectorate.
With any questions, please feel free to contact our Data Protection Officer at .