Privacy Policy

Processing of Personal Data

CareMate OÜ (registration code 14385848), located at Tartu mnt 52-3, Tallinn, 10112, Estonia, is the data controller and has appointed a data protection officer (info@caremate.ee).

1. What Personal Data We Process

• Name, email address, phone number, place of residence.
• Geographical location data.
• Health information (including the severity of physical and mental health conditions).
• Ratings for service providers and their efficiency.
• Criminal record extract, personal image (photo), profession, training details, and identification documents.

2. Purpose of Processing Personal Data

• Personal data is processed to enable clients and service providers to efficiently receive or offer services.
• Geographical location data is processed to analyze service usage areas and provide recommendations based on this information. If a service provider does not want their geographical location to be displayed, they must remove it in the CareMate application.
• Profession, training details, identification documents, and criminal record are processed to ensure that the service provider meets legal requirements and is suitable for the profession.
• In the CareMate application, the service provider's photo, name, additional information, availability, service areas, price, services, and difficulty levels are displayed so that the client can select an appropriate service provider when placing an order.
• Both the service provider and client receive an order summary via the CareMate portal, which includes service efficiency and customer ratings for the service provider. These ratings are essential for ensuring reliable services for clients.

3. Legal Basis

• Personal data is processed to fulfill the contract with the platform user.
• The use of the service requires the processing of the service provider’s and client’s identity verification, geographical location, availability, services, and difficulty levels.
• Personal data may also be processed on the basis of legitimate interest for investigating and detecting fraud related to payments.
• Criminal record data is processed to comply with legal requirements.
• Data processing necessary to ensure data security is conducted to comply with General Data Protection Regulation (GDPR) requirements.

4. Recipients of Personal Data

• The client's personal data is shared only with the service provider who has received the client’s order. In such cases, users can see the client’s first name, availability, service area, additional information, level of assistance required, phone number, photo, and geographical location.
• Users can also see summaries of orders that have been placed, canceled, or completed.
• CareMate OÜ employees, who provide customer support, process the platform users’ personal data.

5. Security of Personal Data and Data Access

• Personal data is stored on Zone Media OÜ and/or DigitalOcean Inc. servers, which are located within the territory of a European Union member state.
• Access to personal data is granted only to employees who need to review the data to resolve technical or customer support issues.
• Inquiries regarding personal data may be submitted, within their competence and in accordance with the law, by a pre-trial investigative authority in a criminal case or by a court during legal proceedings.

6. Processing of Clients' Personal Data

• Service providers may not process clients' personal data, except to the extent necessary for providing the service.
• The service provider may not contact clients for non-service-related matters or collect, store, share, access, use, or process personal data obtained from clients or via the CareMate platform beyond what is necessary for the service.
• Service providers and clients must comply with the rules and conditions of personal data processing. The platform user is responsible for ensuring compliance with personal data processing regulations.
• If a service provider violates personal data processing rules, their account may be suspended, and they may be required to compensate for damages caused by the violation.

7. Reviewing, Storing, Deleting, Correcting, and Transferring Personal Data

• Personal data can be reviewed and corrected via the CareMate platform.
• User data is stored as long as the account remains active and for an additional 3 years after account deletion.
• Accounting-related data is stored for 7 years.
• In cases of suspected crime, fraud, or false information, data may be stored for 10 years.
• In case of disputes, data will be stored until the claim is fulfilled or until the limitation period expires.