Privacy and Cookie Policy

Cookie Policy

This Cookie Policy applies to cookies we, at AKTSIASELTS HELMES (BR code 10364097, located at Lõõtsa 6, 11415, Tallinn, Estonia) collect about individuals who visit this website.

Our Cookies Policy explains what cookies are, how we use cookies, how third parties we may partner with may use cookies on the Service, your choices regarding cookies and further information about cookies.

What are cookies?

Cookies are small pieces of text sent by your web browser by a website you visit. A cookie file is stored in your web browser and allows the Service or a third-party to recognize you and make your next visit easier and the Service more useful to you.

Cookies can be “persistent” or “session” cookies.

How We use Cookies

When you use and access the Service, we may place a number of cookies files in your web browser.

We use cookies to enable basic functions of the Service, to provide analytics to help Us understand how Our visitors interact with Our website, to store your preferences, and to enable relevant advertisements delivery, including behavioural advertising.

We use both session and persistent cookies on the Service.

Third-party cookies

In addition to our own cookies, we may also use various third-parties cookies to report usage statistics of the Service, deliver advertisements on and through the Service, and so on.

Website Analytics

Analytics cookies collect information about your use of our website. However, analytics shows us only overall patterns of use on the website rather than information about any individual visit or visitor. Analytics helps us understand what parts of our website are appreciated and what parts are not, for us to improve your experience on the website. It helps us find problems with the website and teaches us what advertising campaigns are relevant for you and our other visitors.

This website uses Google Analytics, a web analytics service offered by Google Inc., that tracks and reports website traffic. Google Analytics mainly uses first-party cookies to report on user interactions on this website. The information generated by cookies regarding your use of the website (including your IP address) is sent to and stored on Google servers in the United States. Google will use this information to track and examine your use of the website, compile reports on website activity for the website operators and supply other services relating to website activity and internet use. Google may also transfer this information to third parties if required by law or if these third parties process the aforesaid information on behalf of Google. Google will not associate your IP address with any other data owned by Google. You may refuse to use cookies by selecting the appropriate setting on your browser, but this may prevent you from using all the functions of this website. By using this website, you agree to your data being processed by Google by the aforesaid means for the aforesaid purposes. For information regarding Google’s privacy policy, please click here.

Online Advertising

Online advertising cookies collect information on your activities and interests indicated across our website, enabling us to display relevant, targeted advertising in third-party channels (search engines, social media and advertising networks). Information about how you can control ads in the respective services is described in the privacy and cookie policies provided by the respective service.

This website uses the following third-party cookies for remarketing:

  • Google AdWords, an online advertising service offered by Google Inc. For more information on the Google privacy and cookie policy, please click here
  • Facebook Ads, an online advertising service offered by Facebook Inc. For more information on Facebook privacy and cookie policy, please click here
  • Linkedin Ads, an online advertising service offered by Linkedin Inc. For more information on the LinkedIn privacy and cookie policy, please click here

What are your choices regarding cookies?

If you’d like to delete cookies or instruct your web browser to delete or refuse cookies, please visit the help pages of your web browser.

More information about how to manage cookie preferences on the most popular browsers can be found here:

Please note, however, that if you delete cookies or refuse to accept them, you might not be able to use all of the features we offer, you may not be able to store your preferences, and some of our pages might not display properly.

Privacy Notice

This Privacy Notice applies to information we at AKTSIASELTS HELMES (BR code 10364097, located at Lõõtsa 6, 11415, Tallinn, Estonia) collect about individuals who interact with our organisation. It explains what personal information we collect and how we use it.

For the purpose of the General Data Protection Regulation (“GDPR”) the Data Controller is AKTSIASELTS HELMES. If you have any comments or questions about this notice, feel free to contact us at privacy@helmes.com.

Personal data that we process:

    The following table explains the types of data we collect and the legal basis, under current data protection legislation, on which this data is processed.

    PurposeData types (key elements)Lawful Basis
    Recruitment (Helmes acts as a Data Controller)Data specified in the enclosed CV and application letter, in particular your name, e-mail address, address, date of birth, qualifications, experience, skills, your employment history and any other information you provide during the application process online or in person.
    If you contact us, we may keep a record of that correspondence.
    Details of your visits to Greenhouse’s Website (we use Greenhouse Software, Inc. an online application to assist with the recruitment process) including, but not limited to, traffic data, location data, weblogs and other communication data, the site that referred you to Greenhouse’s Website and the resources that you access.    		We rely on your consent as the lawful basis on which we collect and use your personal data.
    Sourcing and recruitment (Helmes acts as a Data Controller)We may collect data from other parties as part of the recruitment process from sources like the following:
    – public sources and social media sites;
    – information from recruitment agencies that you have asked to support you in finding a job.    		We rely on legitimate interest as the lawful basis on which we collect and use your personal data.
    Contact requests (Helmes acts as a Data Controller)Information that you provide when you fill out a contact request on our website, in particular your name and contact details.
    If you contact us by e-mail, we may keep a record of that correspondence.    		We rely on your consent as the lawful basis on which We collect and use your personal data. We do not share the personal information you have submitted to Us for any other purpose, than contacting you and providing quality service, without asking your consent first.
    Providing ICT services to Helmes’ Clients (Helmes acts as a Data Processor)Information provided by Helmes’ clients.The personal data for which Helmes’ client is the data controller is processed on the basis of a contract between the client and Helmes or legal acts that regulate at least the issues provided for in Article 28 of the General Data Protection Regulation.

    How we use your data

      We will only use your data in a manner that is appropriate considering the basis on which that data was collected, as set out in the table at the top of this policy.

      • Recruitment purposes and data storage:

      We use Greenhouse, an online application provided by Greenhouse Software, Inc, to assist with Our recruitment process. We use Greenhouse to process personal information as a data processor on Our behalf. Greenhouse is only entitled to process your personal data in accordance with Our instructions. Where you apply for a job opening posted by Us, these Privacy Notice provisions will apply to Our processing of your personal information.

      • Purposes of processing

      We use information held about you in the following ways:

      • To consider your application in respect of a role for which you have applied.
      • To consider your application in respect of other roles.
      • To communicate with you in respect of the recruitment process.
      • To enhance any information that we receive from you with information obtained from third party data providers.
      • To find appropriate candidates to fill Our job openings.
      • To help Greenhouse improve their services.

      We do not use automated decision making of profiling in our recruitment process.

      • Security

      We take appropriate measures to ensure that all personal data is kept secure including security measures to prevent personal data from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal data to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

      We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where We are legally required to do so.

      Unfortunately, the transmission of information via the internet is not completely secure. Although We will do Our best to protect your personal data, We cannot guarantee the security of your data transmitted through any online means, therefore any transmission remains at your own risk.

      Where we store your personal data in our own systems, it is stored on our secure servers within the EEA.

      The data that We collect from you and process using Greenhouse’s Services may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for Us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your orders, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing.

      In particular, your data may be accessible to:

      i) Greenhouse’s staff in the USA or

      ii) may be stored by Greenhouse’s hosting service provider on servers in the USA as well as in the EU.

      If you would like further information please contact Us (see ‘Contact’). We will not otherwise transfer your personal data outside of the United Kingdom OR EEA or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.

      How long we keep your personal data

      We will hold all the data for the duration of the recruitment process.

      Your personal information will be deleted on one of the following occurrences:

      • deletion of your personal information by you (or by another person engaged by the Customer); or
      • receipt of a written request by you (or another person engaged by the Customer) to us.
        • Contact requests/sales purposes and data storage:
      • Security

      We take appropriate measures to ensure that all personal data is kept secure including security measures to prevent personal data from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal data to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

      We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where We are legally required to do so.

      Unfortunately, the transmission of information via the internet is not completely secure. Although We will do Our best to protect your personal data, We cannot guarantee the security of your data transmitted through any online means, therefore any transmission remains at your own risk.

      Your personal data is stored on our secure servers within the EEA.

      We will not transfer your personal data outside of the EEA or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.

      We will hold all the data for 24 months.

      Your personal information will be deleted on the receipt of a written request by you to us.

      • ICT Services purposes:

      Helmes processes the personal data of third parties only if ordered by and separately agreed with the client. Here, Helmes acts as a data processor, processing data on the behalf of the relevant Helmes’s client. As required by the General Data Protection Regulation, the personal data for which Helmes’s client is the data controller is processed on the basis of a contract between the client and Helmes or legal acts that regulate at least the issues provided for in Article 28 of the General Data Protection Regulation.

      In case Helmes processes personal data related to the contacts of its client’s employees or other representatives, it does so based on the legitimate interest of Helmes. Such personal data may include official e-mail addresses which include personal data, phone number, and job title of the contact. It is in Helmes’ interest to communicate with the client’s representatives to ensure smooth provision of services, ask for feedback and provide informational or marketing materials.

      Helmes processes personal data with great care and takes all reasonable precautions and measures. Also, Helmes has designed and implemented internal processes to guarantee the security, confidentiality, and integrity of personal data. Helmes internal processes are ISO 9001 certified.

      Helmes has implemented the ISMS (Information security management system), which is ISO 27001 certified. ISMS defines different information security management policies. The main principles and measures are as follows:

      • The confidentiality, integrity, and availability of Helmes premises and assets (incl data) is ensured by implementing User Access Management, Clear Desk and Screen, Electronic Devices, Cryptographic controls, and Disposal of Physical Media and Sensitive Data, IT Asset Management and other policies.
      • The integrity and availability of Helmes infrastructure is ensured by implementing IT infrastructure security, System and Network Administration, Helmes IS Backup and Suppliers process, and other policies.

      When we share your data

      We will only pass your data to third parties in the following circumstances:

      • you have provided your explicit consent for us to pass data to a named third party;
      • we are using a third party purely for the purposes of processing data on our behalf and we have in place a data processing agreement with that third party that fulfils our legal obligations in relation to the use of third party data processors; or
      • we are required by law to share your data.

      In addition, we will only pass data to third parties outside of the EU where appropriate safeguards are in place as defined by Article 46 of the General Data Protection Regulation.

      How long we keep your data

      We take the principles of data minimisation and removal seriously and have internal policies in place to ensure that we only ever ask for the minimum amount of data for the associated purpose and delete that data promptly once it is no longer required.

      Recruitment and sourcing data is kept for two years.

      Where data is collected on the basis of consent, we will seek renewal of consent at least every two years.

      Rights you have over your data

      You have a range of rights over your data, which include the following:

      1. Where data processing is based on consent, you may revoke this consent at any time;
      2. You have the right to ask for rectification and/or deletion of your information;
      3. You have the right of access to your information;
      4. You have the right to receive the personal data concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations;
      5. You have the right to object at any time to processing of personal data concerning you for direct marketing;
      6. You have the right to object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you;
      7. You have the right to object in certain other situations to our continued processing of your personal data;
      8. You have the right to claim compensation for damages caused by our breach of any data protection laws.

      For further information on each of those rights, including the circumstances in which they apply, see the General Data Protection Regulation, or Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.

      If you would like to access the rights listed above, or any other legal rights you have over your data under current legislation, please contact us.

      Please note that relying on some of these rights, such as the right to deleting your data, will make it impossible for us to continue to deliver some services to you. However, where possible we will always try to allow the maximum access to your rights while continuing to deliver as many services to you as possible.

      Modifications We may modify this Privacy Notice from time to time and will publish the most current version on our website. If a modification meaningfully reduces your rights, we’ll notify people whose personal data we hold and is affected.