{"id":1380,"date":"2026-01-19T16:45:53","date_gmt":"2026-01-19T14:45:53","guid":{"rendered":"https:\/\/develop.naissaarekeskus.ee\/privacy-policy\/"},"modified":"2026-02-16T17:01:25","modified_gmt":"2026-02-16T15:01:25","slug":"privacy-policy","status":"publish","type":"page","link":"https:\/\/develop.naissaarekeskus.ee\/en\/privacy-policy\/","title":{"rendered":"Privacy Policy"},"content":{"rendered":"\n<p><strong>SA Rannarahva Muuseum \/ Naissaar Visitor Centre<\/strong><\/p>\n\n<p><strong>1. General Provisions<\/strong><\/p>\n\n<p>This Privacy Policy governs the collection, use, storage, and protection of personal data by SA Rannarahva Muuseum <em>(hereinafter the Data Controller)<\/em>.<\/p>\n\n<p>The Data Controller considers the protection of personal data important and processes personal data in accordance with all applicable legislation, including the EU General Data Protection Regulation (EU) 2016\/679 (GDPR) and data protection laws in force in the Republic of Estonia.<\/p>\n\n<p>This Privacy Policy applies to the website <a href=\"http:\/\/www.naissaarekeskus.ee\"><strong>www.naissaarekeskus.ee<\/strong><\/a>, its subpages, and the services and functions offered through the website.<\/p>\n\n<p><strong>2. Data Controller<\/strong><\/p>\n\n<p><strong>SA Rannarahva Muuseum<\/strong><br\/>Registry code: 90009565<br\/>Email: <a href=\"mailto:info@naissaarekeskus.ee\" target=\"_blank\" rel=\"noreferrer noopener\">info@naissaarekeskus.ee<\/a><br\/>Phone: +372 5694 6949<\/p>\n\n<p><strong>3. Categories of Personal Data Processed<\/strong><\/p>\n\n<p>The Data Controller collects and processes personal data only to the extent necessary for providing services or fulfilling legal obligations.<\/p>\n\n<p>Personal data processed may include:<\/p>\n\n<ul class=\"wp-block-list\">\n<li>first and last name<\/li>\n\n\n\n<li>email address<\/li>\n\n\n\n<li>phone number<\/li>\n\n\n\n<li>postal address (if necessary)<\/li>\n\n\n\n<li>order and booking details<\/li>\n\n\n\n<li>purchase history<\/li>\n\n\n\n<li>feedback and opinions provided by the client<\/li>\n\n\n\n<li>communication with the Data Controller (email, phone, correspondence)<\/li>\n\n\n\n<li>technical data related to website usage (IP address, browser, device type, visit time)<\/li>\n<\/ul>\n\n<p><strong>4. Methods of Collecting Personal Data<\/strong><\/p>\n\n<p>Personal data may be collected through the following means:<\/p>\n\n<ul class=\"wp-block-list\">\n<li>placing orders or bookings via the website<\/li>\n\n\n\n<li>filling in contact or feedback forms on the website<\/li>\n\n\n\n<li>contacting via email or phone<\/li>\n\n\n\n<li>subscribing to the newsletter<\/li>\n\n\n\n<li>participating in public events<\/li>\n\n\n\n<li>visiting the website (via cookies and log files)<\/li>\n<\/ul>\n\n<p><strong>5. Purposes of Processing Personal Data<\/strong><\/p>\n\n<p>Personal data is processed for the following purposes:<\/p>\n\n<ul class=\"wp-block-list\">\n<li>providing and managing services<\/li>\n\n\n\n<li>processing orders and bookings<\/li>\n\n\n\n<li>customer communication and support<\/li>\n\n\n\n<li>billing and accounting<\/li>\n\n\n\n<li>collecting and analyzing customer feedback to improve service quality<\/li>\n\n\n\n<li>ensuring the functionality, security, and development of the website<\/li>\n\n\n\n<li>compiling statistics and visitor analytics<\/li>\n\n\n\n<li>fulfilling legal obligations<\/li>\n<\/ul>\n\n<p>IPersonal data will not be processed for purposes inconsistent with this Privacy Policy.<\/p>\n\n<p><strong>6. Legal Basis for Processing Personal Data<\/strong><\/p>\n\n<p>Personal data is processed on the following legal bases:<\/p>\n\n<ul class=\"wp-block-list\">\n<li>performance of a contract with the data subject<\/li>\n\n\n\n<li>compliance with legal obligations of the Data Controller<\/li>\n\n\n\n<li>legitimate interest of the Data Controller (e.g. service development, analysis of customer feedback, website security)<\/li>\n\n\n\n<li>consent of the data subject (e.g. newsletter)<\/li>\n<\/ul>\n\n<p><strong>7. Cookies and Log Files<\/strong><\/p>\n\n<p>The website uses cookies and log files to ensure proper functioning and to collect statistical information.<\/p>\n\n<p>Types of cookies used:<\/p>\n\n<ul class=\"wp-block-list\">\n<li><strong>necessary cookies<\/strong> essential for website functionality<\/li>\n\n\n\n<li><strong>analytical cookies<\/strong> that help understand website usage and improve user experience<\/li>\n<\/ul>\n\n<p>Users can restrict or disable cookies in their web browser settings.<\/p>\n\n<p><strong>8. Retention of Personal Data<\/strong><\/p>\n\n<p>Personal data is retained only for as long as necessary to achieve the purpose of processing or to comply with legal obligations.<\/p>\n\n<p>Retention periods:<\/p>\n\n<ul class=\"wp-block-list\">\n<li>accounting data \u2013 7 years<\/li>\n\n\n\n<li>customer communication \u2013 up to 1 year<\/li>\n\n\n\n<li>customer feedback \u2013 up to 2 years or until the purpose of feedback is fulfilled<\/li>\n\n\n\n<li>newsletter data \u2013 until consent is withdrawn<\/li>\n\n\n\n<li>website logs \u2013 for a limited period<\/li>\n<\/ul>\n\n<p><strong>9. Transfer of Personal Data to Third Parties<\/strong><\/p>\n\n<p>Personal data may be transferred:<\/p>\n\n<ul class=\"wp-block-list\">\n<li>to service providers (e.g. web hosting, payment solutions, IT services)<\/li>\n\n\n\n<li>only to the extent necessary for service provision<\/li>\n\n\n\n<li>only within the European Union or the European Economic Area.<\/li>\n<\/ul>\n\n<p>Third parties process personal data based on the Data Controller\u2019s instructions and are required to ensure data protection.<\/p>\n\n<p><strong>10. Photos and Videos at Public Events<\/strong><\/p>\n\n<p>During public events and activities, the Data Controller may take photos and videos for documenting and promoting the organization\u2019s activities (e.g. on the website and social media).<\/p>\n\n<p>The data subject has the right to request the removal of their image by contacting <strong>info@naissaarekeskus.ee<\/strong>.<\/p>\n\n<p><strong>11. Children\u2019s Personal Data<\/strong><\/p>\n\n<p>The Data Controller does not knowingly collect personal data of minors without the consent of a parent or guardian.<\/p>\n\n<p><strong>12. Rights of the Data Subject<\/strong><\/p>\n\n<p>The data subject has the right to:<\/p>\n\n<ul class=\"wp-block-list\">\n<li>receive information about the processing of personal data<\/li>\n\n\n\n<li>request access to their personal data<\/li>\n\n\n\n<li>request correction of inaccurate data<\/li>\n\n\n\n<li>request deletion of personal data<\/li>\n\n\n\n<li>restrict the processing of personal data<\/li>\n\n\n\n<li>object to the processing of personal data<\/li>\n\n\n\n<li>withdraw consent<\/li>\n\n\n\n<li>esitada kaebus j\u00e4relevalveasutusele<\/li>\n<\/ul>\n\n<p><strong>13. Personal Data Security<\/strong><\/p>\n\n<p>The Data Controller implements appropriate technical and organizational measures to protect personal data against unauthorized access, disclosure, alteration, or destruction.<\/p>\n\n<p><strong>14. Dispute Resolution<\/strong><\/p>\n\n<p>IFor questions or disputes related to personal data processing, please first contact the Data Controller at <strong><a href=\"mailto:info@naissaarekeskus.ee\" target=\"_blank\" rel=\"noreferrer noopener\">info@naissaarekeskus.ee<\/a><\/strong>.<\/p>\n\n<p>If the dispute cannot be resolved, the data subject has the right to contact the supervisory authority:<br\/><strong>Estonian Data Protection Inspectorate<\/strong> \u2013 info@aki.ee<\/p>\n\n<p><strong>15. Amendments to the Privacy Policy<\/strong><\/p>\n\n<p>he Data Controller has the right to amend this Privacy Policy. The current version is always available at <a href=\"http:\/\/www.naissaarekeskus.ee\"><strong>www.naissaarekeskus.ee<\/strong><\/a>.<\/p>\n\n<p><strong>Last updated: 10 February 2026<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>SA Rannarahva Muuseum \/ Naissaar Visitor Centre 1. General Provisions This Privacy Policy governs the collection, use, storage, and protection of personal data by SA Rannarahva Muuseum (hereinafter the Data Controller). The Data Controller considers the protection of personal data important and processes personal data in accordance with all applicable legislation, including the EU General [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-1380","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/develop.naissaarekeskus.ee\/en\/wp-json\/wp\/v2\/pages\/1380","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/develop.naissaarekeskus.ee\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/develop.naissaarekeskus.ee\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/develop.naissaarekeskus.ee\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/develop.naissaarekeskus.ee\/en\/wp-json\/wp\/v2\/comments?post=1380"}],"version-history":[{"count":1,"href":"https:\/\/develop.naissaarekeskus.ee\/en\/wp-json\/wp\/v2\/pages\/1380\/revisions"}],"predecessor-version":[{"id":1381,"href":"https:\/\/develop.naissaarekeskus.ee\/en\/wp-json\/wp\/v2\/pages\/1380\/revisions\/1381"}],"wp:attachment":[{"href":"https:\/\/develop.naissaarekeskus.ee\/en\/wp-json\/wp\/v2\/media?parent=1380"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}