Legal Terms
Privacy Policy
Effective Date:
January 7, 2026
Last Updated:
January 7, 2026
At Waste Tool, your privacy matters. This Privacy Policy explains how WasteLocker OÜ ("we", "our", "us") collects, uses, shares, and protects your personal data in compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR).
Table of Contents
Who We Are
WasteLocker OÜ is a company registered in Estonia and responsible on behalf of the Vidzeme Planning Region for managing the website Waste Tool within the scope of the Ce4Re project. We are the data controller of the personal data processed through this website.
What Data We Collect
We may collect and process the following categories of personal data:
- Account Data: name, email address, organization, login credentials
- Usage Data: pages visited, login history, feature usage
- Technical Data: IP address, browser type, operating system, device type
- Communication Data: feedback, support requests, contact messages
How and Why We Use Your Data
We use your personal data for the following purposes:
| Purpose | Legal Basis |
|---|---|
| To create and manage your account | Performance of a contract |
| To provide platform functionality | Legitimate interest |
| To ensure security and prevent misuse | Legitimate interest |
| To respond to your inquiries | Consent or performance of a contract |
| To analyze usage and improve the platform | Legitimate interest |
| To comply with legal obligations | Legal obligation |
Who Has Access to Your Data
Your data may be accessed by:
- Authorized personnel of WasteLocker OÜ
- Project partners (e.g., Vidzeme Planning Region) and pertinent officials and/or authorities only when relevant to your use
- IT service providers (e.g. hosting, maintenance), under data processing agreements
We do not sell or rent your personal data.
Data Transfers
Your data is stored in the European Economic Area (EEA). If we ever transfer data outside the EEA, we will ensure appropriate safeguards (e.g. Standard Contractual Clauses) are in place. We will notify you and provide with proper reason and documentation as to why we would transfer outside of EEA, should it be necessary.
How Long We Keep Your Data
We keep your personal data only as long as necessary for the purposes outlined above or as required by law. When your data is no longer needed, we securely delete or anonymize it.
Your Rights Under GDPR
You have the following rights:
- Right to Access – Know what personal data we hold about you.
- Right to Rectification – Correct inaccurate or incomplete data.
- Right to Erasure – Request deletion of your data ("right to be forgotten").
- Right to Restriction – Limit how we process your data.
- Right to Data Portability – Receive your data in a portable format.
- Right to Object – Object to certain types of processing.
- Right to Withdraw Consent – At any time, where consent is the legal basis.
- Right to Lodge a Complaint – With the Estonian Data Protection Inspectorate (www.aki.ee).
Security Measures
We implement appropriate technical and organizational measures to protect your personal data, including secure hosting, encrypted communication (HTTPS), and access control. However, no method of transmission over the internet is 100% secure.
Changes to This Policy
We may update this Privacy Policy from time to time. Significant changes will be communicated via the website and/or email notification. Continued use of the platform indicates your acceptance of the revised policy.