Bisnode Estonia AS (hereinafter Bisnode) proceeds from the Personal Data Protection Act and guidelines of Data Protection Inspectorate in its services, including when displaying the data on the website krediidiraportid.ee.
Data collection and sources
Bisnode collects data from different public sources, such as Commercial Register, Tax and Customs Board, official publication Ametlikud Teadaanded, collection companies and other public online sources and updates these data as often as possible. Bisnode will do its best to guarantee the correctness and timeliness of the data and corrects inaccurate data at the earliest opportunity.
Sensitive personal data
Bisnode does not display sensitive personal data on the website Krediidiraportid.ee and is not processing such data in its databases.
The following are sensitive personal data:
1) data revealing political opinions or religious or philosophical beliefs, except data relating to being a member of a legal person in private law registered pursuant to the procedure provided by law;
2) data revealing ethnic or racial origin;
3) data on the state of health or disability;
4) data on genetic information;
5) biometric data (above all fingerprints, palm prints, eye iris images and genetic data);
6) information on sex life;
7) information on trade union membership;
8) information concerning commission of an offence or falling victim to an offence before a public court hearing, or making of a decision in the matter of the offence or termination of the court proceeding in the matter.
Data of the members of the management board and owners of the company
Data Protection Inspectorate: disclosure of the data of the member of the management board of the company as the information related to entrepreneurship of the person does not constitute excessive breach of privacy. It is publicly known that the Commercial Register and information therein, incl data on the members of the management board, is public. Entrepreneurship is an activity directed outside, meant for the general public. The legislator has found that the general public has the right to know the data of the owners and members of the managing bodies of the companies and also economic results of the companies and thus the information in the Commercial Register has made publicly available (decision of Tallinn Circuit Court of 28 August 2014 in the administrative case no 3-13-703). The Supreme Court has also accepted that by recording the business-related information the data of the member of the management board are displayed (decision of the Supreme Court of 21 December 2010 in the civil case no 3-2-1-67-10)
Use of personal identification codes
Data Protection Inspectorate: personal data are any data on the person established or to be established, including certainly the name, date of birth and personal identification code of the person.
It is essential to know that personal identification codes are not belonging under sensitive personal data. Personal identification codes are common personal data and no more restrictions have been set for their use than e.g. for using the name or date of birth of the person.