Publication date: June 2022
Last updated: May 2025
This Privacy Policy has been updated to reflect Machineric's role as a data processor under GDPR.
Machineric Solutions OÜ (“Machineric”, “we”, “us” and “our”) processes data on behalf of our clients (the data controllers) who use our website at www.machineric.com and our mobile applications for iOS or Android (the “Machineric Platform”). The data we process helps enable the provision of services in accordance with instructions from our clients and to improve the user experience on the Machineric Platform.
Machineric’s personal data processing practices are governed by the following Privacy Policy (the “Privacy Policy”), which provides information about the personal data Machineric processes, how we use that data, who has access to it, and what your rights are as a data subject.
Machineric complies with the provisions of General Data Processing Regulation (EU) 2016/679 and the national legislative acts with regard to the processing of personal data.
1. Data Processor and Data Controllers
Machineric Solutions OÜ acts as a data processor, processing personal data only on behalf of and under the instructions of our clients, who act as the data controllers in accordance with the General Data Protection Regulation (EU) 2016/679.
If you have questions about how your personal data is handled, you should contact the data controller (typically, our client who collected your data). However, if your inquiry relates to how Machineric processes data on their behalf, you may contact us at info@machineric.com.
2. Personal data we collect and how we use it
As a data processor, Machineric processes personal data under the direction of its clients (the data controllers). This section explains the categories of personal data we process and the context in which it is processed (and the legal bases as determined by our clients or required under law).
2.1. Subscription and account information
When you as a representative of our client purchase a subscription to the Machineric Platform (“Machineric Subscription”) to use the Machineric Platform and our Services, or when you use the Machineric Platform based on the Machineric Subscription purchased by your employer, we will process personal data, such as name, email address, phone and role, as required by the data controller to provide the Services requested by them.
The legal basis for this processing is determined by the data controller, typically based on their legitimate interest in delivering services through the Machineric Platform.
We may require you or your employer to provide us with your name, mobile phone number, e-mail address, username, employer and position and selected password to establish an account on the Machineric Platform. We may require you to provide us with additional personal data to provide you additional services. We also process information about your user rights on the Machineric Platform.
2.2. Transaction information
When a client purchases a Machineric Subscription, we may process transaction data (e.g., payment method, transaction details) on their behalf. We do not determine the legal basis or purposes for this data processing — these are defined by the data controller.
The legal basis to collect and process transaction information is the data controller's legitimate interest to support service delivery under the data controller’s customer contracts. We may also process this data to fulfil legal obligations applicable to Machineric (e.g. tax or accounting rules). We also process these personal data to fulfil our obligations under applicable accounting and tax laws. In these cases, the processing of personal data is based on mandatory legal provisions which require that we store certain data for accounting purposes.
2.3. Data about your use of Machineric platform
Machineric may process usage data (e.g. IP address, browser type, clicks, scrolls, etc.) as part of our role as a data processor. We collect such information on behalf of the data controller and use it only to provide, maintain, or improve the Machineric Platform under their instructions.
The data controller defines the lawful basis for this processing (such as legitimate interest or consent).
As you navigate through the Machineric Platform, certain information can be collected without you actively providing the information using various technologies, such as cookies, Internet tags or web beacons, and navigational data collection (log files, server logs, clickstream, website scripts). Your internet browser or mobile device automatically transmits some of this information, such as the URL of the website you browse or just came from and the Internet Protocol (IP) address and the browser version your computer or mobile device is currently using; the date and time you access the Machineric Platform and the pages that you access while visiting the Machineric Platform.
We use third party tools to collect and analyse the use of our Platform.
The legal basis for this processing is determined by the data controller (e.g., their legitimate interest or user consent).
2.4. Inquiries and answers
We process personal data you provide in contact forms or by email solely for the purpose of responding to your inquiry, and only in accordance with instructions from the relevant data controller.
2.5. Direct marketing
Machineric does not engage in direct marketing to end users unless explicitly instructed by the data controller. If you subscribe to receive communications, the data controller remains responsible for the legal basis (e.g. your consent).
2.6. Data regarding legal claims
We may be instructed by the data controller to process personal data in the context of legal claims. In rare cases where Machineric is independently involved in legal claims (e.g. contractual disputes), we may also act as an independent controller solely for that processing.
2.7. Cookies
Cookies are used on the Machineric Platform in accordance with our clients’ instructions. Machineric, as a data processor, uses cookie data to support the operation and improvement of the platform. Responsibility for cookie consent and legal compliance lies with the data controller.
What are cookies?
A cookie is a small data file that may written to your device when you browse the Machineric Platform. A cookie enables the Machineric Platform to remember your actions and preferences over a period, so you don’t have to keep re-entering them whenever you come back to the site or browse from one page to another.
What cookies do we use?
The Machineric Platform uses cookies to collect your IP address and browsing information, such as the websites you have visited or time you have spent on each page and allow the Machineric Platform to remember your system and preferences.
Other cookies allow us to track Machineric Platform traffic and users’ interaction with the Machineric Platform – we use this data to analyse visitors’ behaviour and to improve the visitors’ experience.
Cookies allow us to:
- give you a better user experience when you visit the Machineric Platform;
- allow you to set personal preferences;
- create statistical information about the use of the Machineric Platform;
- and to measure the effectiveness of advertising.
We use the following categories of cookies on the Machineric Platform:
Functional cookies
These cookies are essential in order to enable you to move around the Machineric Platform and use its features. For example, functional cookies are used to remember your login information.
Performance Cookies
These cookies collect anonymous statistical information on how people use our the Machineric Platform. For example, performance cookies may help us understand how users browse or use the Machineric Platform and highlight areas that are used the most.
Targeted advertising cookies
These cookies collect information about your browsing habits. They are used to make advertising more relevant to you and your interests. We may also use these cookies to limit the number of times you see an advert, and to estimate how the advertisements on the Machineric Platform reach our users. The cookies are usually placed by third party advertising networks to create information about your interests through your online behaviour.
Other third party cookies
We also may have social media cookies on the Machineric Platform. These cookies allow you to share what you’ve been doing on the Machineric Platform on social media. We are not responsible for such cookies. Please read the privacy policies of these third parties carefully.
How long are cookies retained on my device?
The storage time for cookies on your device is divided into two categories.
Session cookies
Session cookies are set per session, meaning that they last until you close your browser. Session cookies are not stored on the hard drive of your device.
Persistent cookies
Persistent cookies are stored on your hard drive until you delete them or they reach their expiry date. We will not store cookie information from persistent cookies for longer than a maximum of 2 years.
Cookies are placed on your device only if you provide your consent, unless cookies are required for strictly technical functioning of the Machineric Platform. However, note that if you do not consent to the use of cookies, certain functions of the Machineric Platform may not function properly or may not function at all.
Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control.
You can control and/or delete cookies as you wish – for details, see http://www.youronlinechoices.com. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work.
3. Sharing and transferring your personal data
We put our best efforts to keep your data safe and always require the high level of security and confidentiality from our employees and partners.
We may share certain categories of your personal data:
- with third party sales portals in order to provide you with our Services;
- with our trusted services providers when they provide services to us or to you on behalf of us and under our instructions, such as cloud-based service providers, legal service providers, accounting service providers, etc. We will control and shall remain responsible for the use of your personal data at all times;
- with our partners, who provide us with tools for analytics (who may access statistical browsing data);
- to public authorities if we are required to disclose personal data by law or to comply with a lawful request of authorities;
- in relation to a merger, acquisition or sale of our business or its part(s).
As a rule, we do not transfer your personal data outside of the European Economic Area. However, if we do so, we use adequate safeguards to protect your personal data, such as the standard contractual clauses for transfers established by the European Commission. You can get more information about the transfers of your personal data by contacting us at info@machineric.com.
4. Retention of your personal data
We process personal data only in accordance with the instructions of the data controller and for the duration necessary to fulfil those purposes. Retention periods are determined by the data controller, and we follow their instructions regarding deletion or return of data.
If applicable laws or legal obligations require us to retain certain records (e.g. accounting documents), we will do so securely and only as a data processor.
Most personal data will be retained until the end of the contractual relationship with the data controller, or as otherwise instructed by the controller. However, we may keep some of your personal data for longer, if this is necessary to achieve our legitimate interests or where this is required by law. For example, we keep accounting source documents (such as contracts and invoices) for 7 years as of the end of the financial year when a business transaction was recorded in our ledgers. Personal data relating to contractual relationships may be kept for up to 10 years after the end of the contractual relationship, taking into account the maximum expiry period of claims.
In some cases, personal data may be stored for a longer period if storage of personal data is required in order to protect our or any third parties’ legitimate interests, e.g. in case of a legal dispute.
When the retention of your data is no longer necessary to achieve the purposes of processing, your data will be permanently removed, unless you instruct us otherwise and we agree on the terms on longer storage of your data.
5. Your rights
As a data processor, we do not determine the purposes or legal basis for processing your personal data. Therefore, to exercise your rights (such as access, correction, or erasure), please contact the data controller (typically, our client who collected your data). We will assist the data controller, as required by applicable law, in responding to your request.
6. Security measures
We use reasonable security measures (including physical, electronic and administrative) to protect your personal data from loss, destruction, misuse and unauthorised access or disclosure. For example, we only grant access to your personal data to authorised employees and contractors who need it to perform their duties.
Please note that while we take reasonable steps to protect the security of your personal information, no system completely eliminates all potential security risks.
These measures are implemented in our role as a data processor, to ensure secure processing on behalf of our clients.
7. Updates
From time to time, we may update this Privacy Policy in order to adapt it to any updates that might arise. In such a case, we will notify you via the e-mail that you have communicated with us. This Privacy Policy was last updated as of the “Last updated” date shown above.