Privacy Policy

Last modified: 22.02.2024

We value your right to privacy and data protection. We want you to know for which purposes and how we collect and use your personal data (also known
as personal information) and which rights you have. You will find important information about the processing of your personal data in this privacy
notice (hereinafter: Privacy Notice). This Privacy Notice describes the Personal Data Processing done by SEG, which takes place only within the
framework of the management, use and provision of this Website. This Website contains links that might direct you to webpages administered by SEG
and/or Third Parties. This Privacy Notice does not describe the Personal Data Processing which occurs from the moment you are directed to a
dedicated Ephemeris Suite application webpage or a Third Party webpage, for which dedicated Privacy Notices are applicable.

This Privacy Notice applies to the processing of personal data by SEG EU OÜ (a limited liability company incorporated in the Republic of Estonia
with the registration number 16255825 and registered address at Narva mnt 5, 10117 Tallinn, Estonia; hereinafter SEG, we or us). This Privacy Notice
is supplemented by the Website’s Cookie Notice available on
Cookie Policy.

1. Definitions

The following terminology is used in this Privacy Notice in the following meaning:

• Data Subject is a natural person who has visited the Website and on who SEG has data or information that can be used to identify
  the natural person;
• Personal Data is any information relating to an identified or identifiable Data Subject, particularly information that SEG has
  gathered as a result of the Data Subject visiting the Website;
• GDPR is the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural
  persons about the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC;
• Third Party is a natural or legal person, public authority, agency or body, and any person other than the Data Subject, SEG, an
  authorized employee of SEG, or a person who may process the Personal Data of the Data Subject under the authority of SEG or Processor of SEG;
• Website is a webpage administered by SEG under the URL
  https://ephemeris.app, which is a webpage dedicated to showcase the
  different products in the Ephemeris Suite lineup;
• Processing means any operation or set of operations, which is performed on Personal Data, such as collection, recording,
  organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise
  making available, alignment or combination, restriction, erasure, or destruction, regardless of the method of operation or the used means;
• Processor means a natural or legal person, public authority, agency, or other body which Processes Personal Data on behalf of
  SEG, the controller.

2. What Security Measures Does SEG Implement?

SEG takes the security of all data in its possession very seriously. SEG ensures the confidentiality of Personal Data under applicable law and
implements appropriate technical and organisational measures to protect Personal Data from unauthorized access, unlawful Processing or disclosure,
accidental loss, alteration, or destruction.

SEG may use Processors for Processing of Personal Data. In such cases, SEG will ensure that the Processing of Personal Data is carried out in
accordance with SEG’s instructions and in accordance with the applicable law and this Privacy Notice. We apply contractual and appropriate security
measures to protect your Personal Data and maintain confidentiality.

As soon as we receive your data, we implement reasonable security measures and procedures to avoid unauthorised access from any Third Party.
However, transmission of such data over the Internet using personal computers or mobile devices is not completely safe and, therefore, we cannot
guarantee absolute security of all information submitted to our Website and/or to us. Any transmission of such information and documents is at your
own risk.

3. How Do We Collect Your Personal Data?

SEG collects Personal Data primarily in the following ways:

• Personal Data disclosed by the Data Subject as a result of the intended use of the Website and any subsequent processing, e.g. data disclosed
  during e-mail correspondence, emerged as a result of normal communication between the Data subject and SEG, data disclosed by the Data Subject
  when expressing his/her interest in receiving additional information about different Ephemeris Suite applications (e.g. newsletter) and data
  disclosed during the registration of the user account and data disclosed as a result of the Data Subject expressing interest in applying to the
  vacant positions advertised on the Website;
• by automatic means when using our Website and/or services (e.g., tracking the Data Subject use of our Website and services; see also our Cookie
  Notice how and which cookies and similar technologies are used, which includes any information on Personal Data received from Third Parties).

Which Personal Data Do We Process?

The categories of Personal Data that SEG mainly, but not exclusively, collects and processes are the following:

• Data entered into the contact form of the Website (e.g., name, phone number, e-mail address and any data disclosed in the content of the message);
• Data entered into the job application form of the Website (e.g, name, phone number, e-mail address, the position you are applying for, your CV and
  any Personal Data disclosed in the CV, and any data disclosed in the content of the message);
• Data disclosed by the Data Subject during e-mail correspondence (e.g. the e-mail address and associated communications data transmitted from the
  e-mail address);
• Data disclosed by the Data Subject in one of the placeholder subpages of the Website dedicated to the different Ephemeris Suite applications (e.g.
  e-mail address);
• Data disclosed by the Data Subject during the registration of the user account and the subsequent use of the account (e.g. name, e-mail address,
  password);
• Data provided by you and gathered by SEG for the processing of your job application, including personal identification data (details of the
  identification document), medical information and any other Personal Data that is necessary for the assessment of the candidate for the position
  that the candidate is applying for;
• Data automatically gathered from the use of the Website (e.g., the Internet Protocol (IP) address and other identification data necessary for the
  functioning of the Website).

In addition to the categories of Personal Data explicitly stated in this Privacy Notice, SEG may collect additional and other Personal Data in
accordance with the law, if needed.

5. For Which Purposes And On Which Legal Basis Do We Process Your Personal Data?

SEG processes your Personal Data primarily:

• to administrate and to ensure the functioning of the Website, based on: SEG’s legitimate interests to prevent, limit and
  investigate any misuse or unlawful use or disturbance of the Website and/or services;
• to analyse the usage of the Website and to make improvements to the Website, based on: consent of the Data Subject or the
  legitimate interest of SEG to improve the usage and content of the Website;
• to answer to your requests, e.g. to identify the person who made the request and to ask for any additional information necessary
  to answer your question, based on: the performance of a contract (including any pre contractual processing necessary for entering into a contract)
  or the legitimate interest of SEG;
• to create and provide access to your user account, based on: the performance of a contract (including any pre contractual
  processing necessary for entering into a contract);
• to establish, exercise, and defend legal claims, such as keeping records of communication you have had with SEG, based on: SEG’s
  legitimate interests to exercise and defend against legal claims;
• to provide you with the newsletter service, based on SEG’s legitimate interests;
• to comply with the legal obligations that SEG may be subject to, based on: SEG being subject to a legal obligation.

In the case that we are going to use your personal data for other purposes as provided above, we will communicate it to you in a timely manner.

6. To Whom Do We Transfer Your Personal Data?

SEG transfers Personal Data to the following recipients:

• employees authorised by SEG for such purpose;
• public authorities (e.g., law enforcement agencies, courts, bailiffs, tax authorities, and supervisory authorities);
• persons related to the provision of the Website and it’s associated services (e.g., designers, payment intermediaries, providers of communication,
  Website hosting service provider, IT, data backup, translation etc);
• auditors, accounting service providers, financial consultants, SEG subcontractors or other SEG’s consultants;

7. Where Your Personal Data Is Being Processed?

Generally, Processing of Personal Data takes place within the European Union / European Economic Area (EU/EEA). If there is a need to Process
Personal Data outside EU/EEA (e.g. for utilizing subcontractors), the transfer will only take place if the appropriate legal basis stated in chapter
5 of the GDPR applies. Examples of appropriate legal bases include:

• an adequate level of data protection is in place in the country outside of the EU/EEA in accordance with the decision of the European Commission;
• existence of a valid agreement containing standard contract clauses developed by the EU or approved codes of conduct or certifications or other
  similar things that comply with the GDPR.

In cases where SEG acts as a data controller, we will provide more information about the transfer of Personal Data outside the EU/EEA upon your
request. You can contact us by e-mail: info@segeuou.com.

8. How Long Do We Store Your Personal Data?

SEG does not Process Personal Data for longer than it is necessary for the purposes related with such data and/or to comply with the statutory data
storing obligations. The retention period may also be based on SEG’s legitimate interest or applicable law (e.g., legislation about accounting or
limitation period). The retention period for cookies is noted in the Cookie Policy of the Website.

Data, including Personal Data, are generally processed for the duration of the service provided, until consent is withdrawn or until the Data
Subject has raised an objection to the processing of Personal Data in the event that the Processing of Personal Data is based on the legitimate
interest of SEG.

The processing of personal data may be extended in cases where the Processing is necessary for the preparation, presentation or defence of possible
claims, and after this period only within the time prescribed by law. After the end of the processing period, the data is deleted or anonymized.

9. Which Rights Do You Have?

The Data Subject has the following rights in connection with the Processing of his/her Personal Data:

• to obtain information about the Processing of their Personal Data and the right to request a copy of the Personal Data being Processed;
• to request the rectification of their Personal Data if it has changed or is otherwise inaccurate;
• to object to the Processing of their Personal Data if the Processing of Personal Data is based on a legitimate interest;
• to request restriction of the Processing of their Personal Data, for example at a time when SEG assesses whether the Data Subject is entitled to
  delete its Personal Data;
• to withdraw their consent for Processing of Personal Data. Upon withdrawal of the consent, SEG will no longer Process the Personal Data of the
  Data Subject for the purpose of the respective consent. The consent is valid until it is withdrawn;
• to receive the personal data concerning him or her, which he or she has provided to SEG, in a structured, commonly used and machine-readable
  format and have the right to transmit those data to another controller without hindrance from SEG to which the personal data have been provided
  (data portability right);
• to request deletion of their Personal Data, for example, if SEG has no right to Process such data or if the Processing of Personal Data is based
  on a consent and the consent has been withdrawn. Such right does not apply (or to such an extent) if Processing of Personal Data that is requested
  to be deleted has also been Processed for other legal bases or for the performance of legal obligations;
• to contact us at any time regarding the use of their Personal Data. To do so, please send us an e-mail. You also have the right to lodge a
  complaint to the Estonian Data Protection Inspectorate (website:
  https://www.aki.ee) or to a competent court.

The Data Subject can exercise its rights by contacting us at info@segeuou.com. We will
respond to the request without delay, but not later than within one month from receiving the request. To protect the integrity and security of the
Personal Data SEG holds, we may ask that the Data Subject follows a defined access procedure, which may include steps to verify Data Subject´s
identity.

Please note that the Data Subject´s rights are not absolute and are subject to such considerations as allowed under the applicable law.

10. Validity And Changes to Privacy Notice

SEG has the right to unilaterally amend the Privacy Notice at any time in accordance with the applicable law.

SEG will notify the Data Subject of any changes to the Privacy Notice via the Website and by the e-mail at least one month before the changes take
effect, except if the Privacy Notice is amended because of changes in legislation.