1. Data Controller
The data controller is Clarente OÜ.
Registry code: 16897498
Address: Mustamäe tee 46, Tallinn
Email: info@clarente.ee
2. Definitions
Personal data – any information relating to an identified or identifiable person.
Special categories of personal data – данные о состоянии здоровья и психологическом состоянии.
Processing – collection, storage, use, disclosure and other processing of data.
3. Categories of personal data processed
3.1 General personal data
– name;
– personal identification code;
– phone number;
– email address;
– content of communication;
3.2 Special categories of personal data
– health data (including mental health);
– assessments and action plans collected during rehabilitation;
– information collected during counselling.
4. Töötlemise eesmärgid
Personal data is processed for the following purposes:
– provision of rehabilitation and counselling services;
– service planning and documentation;
– communication with the client;
– reporting to funders and partners;
– compliance with legal obligations;
– ensuring service quality.
5. Legal basis for processing
5.1 General personal data
– performance of a contract [GDPR Article 6(1)(b)];
– compliance with a legal obligation [GDPR Article 6(1)(c)];
– legitimate interest [GDPR Article 6(1)(f)];
– consent [GDPR Article 6(1)(a)].
5.2 Special categories of personal data
Processing of health data is carried out in accordance with
GDPR Article 9(2), in particular:
– point (h) – for the provision of health care and social services;
– point (a) – based on the client’s consent (where necessary).
6. Sources of personal data
Personal data is collected:
– from the client directly;
– via Töötukassa;
– via Sotsiaalkindlustusamet;
– from partners (e.g. referring specialists).
7. Data disclosure
Personal data is disclosed only if it is necessary for the provision of the service or required by law.
Possible recipients:
– Töötukassa;
– Sotsiaalkindlustusamet;
– specialists involved in the service (e.g. psychologist, social worker, physiotherapist);
– IT and software service providers.
8. Data processors and systems
Authorized processors are used in the processing of personal data, including:
– Rehasoft (client data management and documentation);
– Töötukassa portal (client data management and documentation);
– Sotsiaalkindlustusamet portal (client data management and documentation).
Data processing agreements (DPAs) have been concluded with all processors.
9. Data retention
Personal data is stored:
– in accordance with the needs of service provision;
– in accordance with statutory retention periods;
– in accordance with funders’ requirements.
As a general rule, service-related documents are retained for 3–5 years. After the retention period expires, the data is deleted or anonymized.
10. Data security
We implement the following security measures:
– access restrictions (role-based access);
– secure information systems;
– data encryption and backup;
– employee confidentiality obligation.
11. Data subject rights
You have the right:
– to access your personal data;
– to request rectification of data;
– to request deletion of data (where permitted by law);
– to restrict processing;
– to object to processing;
– to withdraw consent.
Requests should be submitted by email: info@clarente.ee
You also have the right to lodge a complaint with the Andmekaitse Inspektsioon.
12. Cookies
The website uses cookies for the following purposes:
– website functionality;
– collection of usage statistics;
– improving user experience.
The user has the right to restrict the use of cookies in their browser settings.
13. Changes to the Privacy Policy
Clarente OÜ reserves the right to modify the privacy policy.
The current version is always available on the website.