Terms of Data Processing


Terms of Data Processing

The collection of personal data by Direct Messenger OÜ is based on law and the data is collected to the extent necessary for the performance of the concluded contracts and for the best service of the Clients.


Data processing – any act performed on personal data, including its collection, storage, organization, preservation, modification, use, transmission, deletion, destruction or several of the above operations, irrespective of the manner in which the operations are performed and the means used.

Client – a natural or legal person who uses or has expressed a wish to use the services offered by Direct Messenger OÜ.

Data subject – the person whose data is processed.

Controller – a natural or legal person who determines the purposes and means of processing personal data. Direct Messenger OÜ is the Controller in contractual relations with the Client.

Authorized Processor – a natural or legal person who processes personal data on behalf of the Controller. Direct Messenger OÜ is the Authorized Processor in contractual relations with the Clients using the messaging service and the statistics environment.


1. General Data Processing Principles:

The Principle of Legality – the data is processed only in a fair and lawful manner.

The Principle of Purposefulness – The data is collected only for specified and legitimate purposes. It is not processed in a way that is not consistent with the purpose of the treatment.

The Principle of Minimality – data is collected only to the extent necessary to achieve the specified objectives.

The Principle of Security – Personal data is processed in a manner that ensures security, including protection against unauthorized or unlawful processing, accidental loss, destruction or damage by implementing appropriate technical or organizational measures.

Company details – Direct Messenger OÜ, reg. number 11981389, Toompuiestee 18, Tallinn 10149,

tel +372 5302 5691, support(at)messenger.ee


2. Purpose of Data Processing:

performance of contractual relations;

providing messaging services;

conducting consumer campaigns or games.


3. The Composition of Data:

Data of the objects of the contract;

Data provided by Clients;

We implement the Google Analytics web analytics tool on our external website, which collects general information about how the visitor uses our site. For example, Google Analytics collects data about the geographic location of visitors, the computer’s browser and version of the operating system, the time and duration of visit and the number of visits to external website pages and movement between them. The data collected is not associated with personally identifiable information and we use it in compiling website statistics.


4. Data Security

Direct Messenger OÜ uses HTTPS connection, which means that the computer connection with our system is encrypted. The green field of the Internet browser with a padlock icon indicates a secure connection. To verify the authenticity of the certificate press the padlock icon.

Databases with personal information is stored electronically on servers protected by firewalls, passwords and other necessary technical solutions. Security copies of databases are held in locked locations accessible only by authorized persons.

Direct Messenger OÜ employees are aware of the principles of personal data protection and the obligation of keeping confidential information in secrecy and are responsible for violating the above obligations.

The Client of messaging platform/statistics platform undertakes to keep the user ID and password necessary for entering the website in secrecy and in such a way that it does not fall into the hands of third parties, unless he or she has authorized a third party to use his or her user ID and password for messaging services.

The Client of messaging platform/statistics platform must immediately notify Direct Messenger OÜ if his/her username or password has been lost or fallen into the hands of third parties in order to ensure timely implementation of the relevant measures to ensure the security of personal data.

Direct Messenger OÜ is not responsible for violations of security requirements arising from the Client’s own actions / inactions.


5. Data Transmission

Direct Messenger OÜ does not disclose personal information to third parties unless the obligation to provide information arises from a contract or by law. For example, Direct Messenger OÜ has agreements with all Estonian mobile operators to provide messaging services.

Transfer of personal data to third countries (i.e., countries which are not Members of European Union or not incorporated in the Agreement on the European Economic Area) is only allowed with the consent of the Controller unless otherwise provided by law.


6. Data Subject Rights:

– to request access to data collected on them;

– to require the correction, deletion, transfer of data collected on them;

– to refuse in whole or in part of the data being processed.

In order to exercise the rights of the data subject, a corresponding digitally signed application must be sent to the address: dpo(at)messenger.ee

In case of violation of rights, the data subject has the opportunity to file a complaint with the data protection supervisory authority – the Data Protection Inspectorate.


7. Data Retention Period

Data is retained until a legitimate aim is attained.