1. General provisions
Docura OÜ entered into commitment to fulfill the responsibility of providing Client Data protection. Proceeding from this, we have devised the main principals of current Privacy Policy applied during collection, utilization and retention of Client Data while using any of Docura Services or Docura.net website visiting. We confirm to process our Client Data in compliance with all appropriate activities and relevant legislation of the European Union (Regulation (EU) 2016/679 of the European Parliament and of the Council) and the Republic of Estonia.
2. Definitions
2.1. Client – natural or legal person who uses or has expressed the willingness to use Docura services or visits the Docura.net website.
2.2. Client Data – Service Data and Personal Data.
2.3. Client Data processing – any operation with Client Data i.e.: collecting, cleansing, saving, editing, amending, analysis, conversion, retention, recovery, publication, transferring and deleting.
2.4. Contract – the agreement between Docura and the Client for providing Docura Services.
2.5. Data Subject – any person whose personal data is being collected, held or processed.
2.6. Docura Services – any services provided by Docura to the Client under the Contract.
2.7. E-Document – a structured message, using an agreed standard, prepared in a computer readable format and capable of being automatically and unambiguously processed.
2.8. Personal Data – any information relating to an identified or identifiable natural person generated while visiting Docura website or providing the Docura services. Personally identifiable information may include, but is not limited to: name, email address and phone number, company name, cookies, website activity data.
2.9. Service Data – is both the terms and conditions of the Contract as well as all data contained in Client’s e-documents.
2.10. Third Party – means a natural or legal person, public authority, agency or body other than the Data Subject, and persons who are authorized to process personal data on behalf of Docura.
3. General Principales of Client Data processing
3.1. Docura collects and processes Client Data only to the extent to which it is needed to achieve the purpose of processing and in a way compatible with their purpose.
3.2. Docura implements organisational and technological measures to provide that the Client Data is protected at the appropriate level of security. Docura uses encrypted communication channels for Client Data exchange.
3.3. Client Data is processed only by authorised staff who has the right to utilize the Client Data only for performing working tasks.
3.4. Docura and her employees are obliged by the requirements of legislation and in accordance with their employment contracts to maintain the confidentiality of the Client Data without any time limit and are liable for any breach of these obligations. Docura provides access to the Client Data only to employees with the relevant training. An employee has the right to process Client Data only to the extent necessary for the fulfilment of the duties appointed to them.
3.5. Docura confirms to process Personal Data in compliance with applicable personal data protection laws, including the Regulation of the European Parliament and the Council (EU) 2016/679 and agreements entered into with the Client.
3.6. Docura demands from all partners with whom it collaborates in processing Client Data that they keep to the same principles for processing Client Data.
4. Client Data collection and utilization
4.1. Service data
4.1.1. Docura collects and uses Client Data to fulfil the contractual obligations and offer the Client access to the services. Docura ensures the secure use of Docura Services, including a secure access to Docura.net application.
4.1.1. Docura collects and uses Client Data to fulfil the contractual obligations and offer the Client access to the services. Docura ensures the secure use of Docura Services, including a secure access to Docura.net application.
4.1.2. To ensure protection of Client Data from Third Parties. The terms and conditions of the Service Data shall be confidential.
4.1.3. Service Data shall not be disclosed to any Third Party without the prior written consent of the Client.
4.1.4. The obligation not to disclose Service Data shall also be binding to Docura and the Client for 5 (five) years after the end of the Contract.
4.1.5. The disclosure prohibition of Service Data does not apply towards organizations who are parties to specific e-document (e.g., sender, receiver, payer, logistic service provider).
4.2. Personal Data
4.2.1. The purpose of Personal Data Docura collects and manages is to inform our Clients about new software features, available services, changes in contract terms, and marketing campaigns. Client has the right to withdraw his consent from participating in marketing campaigns at any time by respective notice.
4.3. Cookies and website activity data
4.3.1. A cookie is a small file which asks permission to be placed on your device. The cookie helps to analyse web traffic. Cookies allow Docura Services to respond to you as an individual. The web application can tailor its operations to the needs of the Client and his preferences by gathering and remembering information about your preferences.
4.3.2. Docura uses traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to Client needs. We only use this information for statistical analysis purposes.
5. Client Data retention
5.1. Docura will retain the Client data not longer than it is needed to fulfil the objectives of processing such data (retention period of Client Data is based on the agreement entered into with the Client), obligation to retain data set legislation and to protect Docura own rights in resolving potential dispute arising from the contract entered into with the Client.
5.2. Client has the right to change the retention period prior to entering the agreement.
5.3. Docura has the right to save all notifications forwarded by the Client using communication means (e-mail, telephone, etc.).

5.4. Following the retention period Docura shall destroy all Client Data in a timely professional manner in accordance with industry standards.

6. Client rights

6.1. The Client has the right to access their Client Data.

6.2. The Client has the right to request for the rectification or amendment of incorrect or incomplete Client Data.

6.3. If the Client finds that the Client Data pcosessing is not permitted according to legislation, the contract signed with him or the general principles of Client Data processing, the Client has the right to end the processing, disclosing and/or granting access to his Client data.

6.4. The Client has the right to request the cessation of the Client Data processing and its further deletion, except in cases where the right and obligation to process data arises from legislation or is required in order to fulfil the contract entered into with the Client or to ensure its fulfilment.

6.5. The Client has the right to receive the information concerning the Third Parties to whom the Client’s Data has been made available or to whom such data is permitted to be made available.

6.6. The Client may contact Docura data protection specialist by e-mailing info@docura.ee in order to obtain explanations regarding the processing of the Client Data or to submit complaints.