Personal Data Protection

On this page you will find links to all documents and pages on the Zone’s website concerning the protection of personal data and information security.

We will update this page as issues arise.

Personal data of the customer and/or users of the Zone services

Privacy Notice of Zone Media OÜ primarily concerns personal information we ask for in connection with the provision of our services, such as when creating a central user account (ZoneID) and registering domains, and may also include personally identifiable information such as IP addresses in logs and other solutions used to ensure the reliability and security of our services. The Privacy Notice also covers users of our web and other marketing channels and the personal data and analytics associated with them.

Zone Media OÜ’s data processors are a list of third parties we use who may come into contact with personal data.

Authorised processor and controller, i.e. customer information assets on Zone servers

The Zone Media OÜ Terms of Service, to which customers agree when creating a central user account (ZoneID), is the written agreement under which the service is provided.The confidentiality clause set out therein also covers information uploaded or generated by the customer on Zone servers for which the customer is the responsible party and the Zone’s authorised processor.

For the sake of clarity, we have written paragraphs 7. CONFIDENTIALITY and 11. PROCESSING OF PERSONAL DATA of the Agreement at length, using wording consistent with the General Regulation.

For most customers, we do not see the need for an additional agreement on the processing of personal data, but it may be reasonable if you use our server services to provide services to other companies, your auditors or lawyers. We have prepared a Agreement on Personal Data Processing that is compatible with our services and processes, which can be digitally signed after data entry and sent to for digital signing by us (we will add a note about the agreement to the company’s user account(s)).

Information Security Principles of Zone Media OÜ provide an overview of our information security management system aligned with the ISO27001:2014 standard, and enable the customer to perform due diligence when selecting a service provider and understand the boundary where the infrastructure Zone secures and manages transitions to an application layer under the customer’s responsibility.

As of 17.05.2018, the server services provided by Zone do not involve the processing of customer data outside the European Union/European Economic Area or their transfer to third parties.

In the case where Zone is only acting as an intermediary for a third party service (e.g., the protection of the customer’s data and the relationship between the data controller and the third party service provider will be governed by the contract and/or the terms of use concluded with the third party service provider when subscribing to the service.