Privacy policy

IT Talent OÜ follows the European data protection rules according to the General Data Protection Regulation (EU GDPR) when processing personal data.

To ensure the lawful processing of personal data, we meet the following conditions:

  • The data subject (employee, client, training participant) must consent to the processing of his or her personal data for one or more specific purposes.
  • We process personal data in order to fulfill an agreement entered into with the participation of the data subject.
  • The processing of personal data is necessary for the fulfillment of the legal obligation of the controller IT Talent OÜ.


How we collect your personal data:

  • In particular, we use personal data that you have provided to us upon registration on the website or data that we have generated for us as a result of the company's activities or our service.
  • We receive personal data directly from you when you participate in our training. As well as, when you contact us through our website (by e-mail, letter, call or participate in a campaign organized by us).
  • If you represent our legal entity client, we will receive your personal data upon concluding the agreement or during the performance of the agreement. As a representative of our legal entity client, you can provide us with the personal data of your other representatives and/or training participants.


Purpose of collection the personal data

The purpose of the processing of personal data collected by IT Talent OÜ is to comply with the requirements set by law (incl. The Adult Education Act) and to ensure the quality of training.

Personal data collected by IT Talent OÜ:

  • name,
  • personal identification code,
  • telephone number,
  • Skype contact
  • Telegram contact,
  • email address,
  • level of education,
  • work experience.


Our Privacy Policy Principles:

  • We only collect relevant and necessary personal information. When collecting personal data, we proceed from the purpose of the processing of personal data, ie we do not collect more personal data than necessary.
  • We store personal data in a form that allows the identification of data subjects only for as long as it is necessary to fulfill the purpose for which the personal data is processed.
  • We monitor the accuracy of personal data and, if necessary, supplement, delete, or correct any personal data that is incorrect from the point of view of the purpose of processing.
  • We process personal data reliably and securely. The processing is lawful, fair, and transparent to the data subject.
  • We choose our partners carefully. We require and expect our contractual partners to be careful and ethical in the processing of personal data and to keep personal data secure. Our clients can be both legal entities and individuals.

We process personal data as both a controller and an authorized processor. As the controller, we determine the purposes and means of processing personal data ourselves. As an authorized processor, we follow the written instructions of the controller when processing personal data. As an authorized processor, we process personal data in accordance with the written instructions arising from the data processing agreement entered into with our legal entity client.


For how long we store personal data?

We retain personal data for as long as it is required and permitted by law or necessary to achieve the purposes stated in the Data Protection Rules. We store personal data for at least three years. Upon expiration of the term of storage of personal data, we will permanently delete personal data.


Data subject rights

The data subject has the right to apply to IT Talent OÜ pursuant to law:

  • the right to request information on which personal data concerning the data subject IT Talent OÜ processes;
  • the right to access personal data;
  • the right to request the rectification or erasure of personal data;
  • if there are grounds provided for in legislation, the right to demand a restriction on the processing of personal data or to submit objections to the processing of personal data;
  • the right to request the transfer of personal data;
  • the right not to be the subject of a decision based on automated processing.

We delete the collected personal data as soon as:

  • personal data are no longer needed for the purpose for which we collected them;
  • the data subject withdraws the consent given for processing;
  • the data subject objects to the processing of personal data;
  • we have processed personal data illegally;
  • the law requires it.

Reporting about the personal data breach

In the event of a personal data breach, please report immediately by email at or call +372 506 0627. We take the issue of personal data security seriously and react immediately to any violation.


Solving Disagreements

The parties shall endeavor to resolve any disagreements through negotiations. If the dispute could not be resolved through negotiations, the parties may apply to the Harju County Court. The natural person client who does not enter into the agreement in his or her economic and professional activities may also file a complaint with the Consumer Protection and Technical Regulatory Authority in the event of a violation of his or her rights. It is also possible for a data subject to request assistance from the Data Protection Inspectorate in exercising his or her rights.