Cookie and privacy policy

Source: Joosep Martinson

Cookie and privacy policy

This Privacy Policy sets out the principles of the processing of the personal data of users (hereinafter referred to as the User) of the website of the Estonian Tourist Board of Enterprise Estonia at www.visitestonia.com/www.puhkaeestis.ee (hereinafter referred to as the Website). The controller of personal data is Enterprise Estonia (hereinafter referred to as EAS; registry code 90006006, address Lasnamäe 2, 11412 Tallinn, e-mail info@eas.ee). Further information on the pan-organisation privacy policy of EAS can be found here.

In order to review data or materials, please submit a request for information to info@visitestonia.com or info@eas.ee.

If you have any questions about the processing of personal data, please contact the Data Protection Specialist of EAS at andmekaitse@eas.ee.

Note: The Privacy Policy set out below does not apply to the processing of the data of legal persons and institutions and their representatives/employees who are natural persons if their data are processed as a result of the economic activities of the legal person, including the professional obligations and duties of the person. If you contact us on behalf of a legal person or institution, please list your business contact details rather than your personal ones.

Identification data

We process your personal data while carrying out our work in instances such as when you contact us or use the services of Visit Estonia. We may collect your personal data in multiple ways, including when you visit or register on our Website or fill in a form or survey, as well as in connection with any other actions, services, functions or resources made available on the Website that you might take or use. You may be asked to provide your name, e-mail address and telephone number where necessary. However, you can also visit our Website anonymously. We only collect your personal data if you transmit them to us voluntarily.

We may collect anonymous and statistical data about you at any time during your use of our Website. This may include the name of your web browser, the type of computer you are using and technical data on your connection to our Website, such as data on your operating system and Internet service provider and other similar data.

How we use the personal data we collect

The Estonian Tourist Board of EAS may collect and use your personal data in order to:

  • run and administer our Website. We may need your data in order to accurately display the content of our Website; 
  • improve customer service. The data you submit helps us to respond to the requests of our customers and better support their needs;
  • personalise the User experience. We may use aggregate data to get a better picture of the ways in which Users of our Website as a whole use the services and resources available on the Website;
  • improve our Website. We may use your feedback to improve our products and services;
  • organise advertising, competitions and surveys and serve other functions of the Website; 
  • send information to you with your consent on topics we think might be of interest to you;
  • send regular e-mails. We may use your e-mail address to send you information and updates related to your subscription. Additionally, we use your e-mail address to answer your questions and/or respond to other queries;
  • send out newsletters. We regularly update the list of newsletter recipients in order to ensure you receive high-quality newsletter content. Should you opt out of receiving the newsletter, your contact details will be automatically deleted from the list;
  • If we organise and carry out a campaign that requires the processing of personal data, we only collect and use such data in accordance with the terms and conditions of the campaign for the purpose of carrying out the campaign, for instance, in order to contact the winner and draw and deliver the prize.

How we protect your personal data

We follow and take appropriate data collection, retention and processing practices and security measures in order to protect your personal data, User ID, password and other data saved on our Website from unauthorised access, modification, disclosure or destruction.

We take organisational, physical and information technology measures in order to ensure the security of data processing. Appropriate guidelines and rules have been established, and our employees only process your personal data to the extent necessary to perform their duties. Should we involve a processor, we require them to ensure at least the same level of security.

Your rights and access to data

You have the right to receive information about the processing of your personal data at any time by submitting a written application to us. Before responding, we always make sure that the applicant has the right to receive data or request an action. You have the right to:

  • request access to your personal data;
  • request the rectification of your personal data by informing us and sending us accurate data;
  • request the erasure of your personal data. Said right does not apply if the personal data you are requesting be erased are processed on another legal basis or if the obligation to retain the data derives from law;
  • request the restriction of the processing of your personal data;
  • request the forwarding of your personal data;
  • withdraw your consent for the processing of your personal data;
  • lodge a complaint with a supervisory authority (the Estonian Data Protection Inspectorate, info@aki.ee, 627 4135);
  • withdraw your consent at any time, including opting out of receiving the newsletter. Withdrawing consent does not affect the lawfulness of processing based on consent prior to its withdrawal.

Recipients of personal data

We do not sell, exchange, rent out, transmit or make your personal data in any way available to third parties. We may share general aggregate demographical or statistical data that do not enable identification of visitors and Users with recipients like business partners and reliable processors in order to fulfil the purposes set out above. We may use third-party service providers to assist us in administering our business and Website or for them to take action on our behalf, such as sending out newsletters or surveys. We may share your data with such third parties for limited purposes, provided that you have given us permission to do so. We do not disclose your data more than is necessary to fulfil the relevant purpose, taking into account the provisions of legislation regulating data protection.

Retention of personal data

We process as little personal data as possible. Your personal data are retained no longer than is necessary for personal data processing for the purposes for which the personal data were required, for preparing, filing and defending legal claims after the termination of the contractual relationship or if such an obligation derives from law. We update your data where necessary. For example, we retain correspondence for five (5) years and personal data processed under campaigns in accordance with the terms and conditions of the campaign until the end of the campaign. All documents and information exceeding the deadline are destroyed.

Electronic newsletters

Should you decide to join our mailing list, you will be sent news from the Estonian Tourist Board of EAS, information on products and services, etc. Should you wish to opt out of receiving e-mails in the future, you will find detailed instructions on how to cancel your subscription at the end of each letter. You can also contact us via our Website for the same purpose. We may use third-party service providers to assist us in administering our business and Website or for them to take action on our behalf, such as sending out newsletters or surveys. We may share your data with such third parties for limited purposes, provided that you have given us permission to do so.

References to other websites

You may find advertisements and other content on our Website that direct you (via links) to the websites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties. The content and links displayed on such websites are outside of our control, and we are not responsible for the practices of websites linked from our own Website (or linking to our Website). Additionally, such websites or services, including their content and links, may constantly change. Such websites may have their own distinctive privacy and customer service policies, and they are therefore not subject to our Privacy Policy. Browsing and communication on any other website, including websites containing a link to our Website, are regulated by the policies of that website.

Amendments to Privacy Policy

The Estonian Tourist Board of EAS has the right to update this policy at any time. Should we do so, we will post an appropriate notice thereof on the home page of our Website. We recommend that you visit this page regularly to keep up to date on how we help to protect the personal data we collect. It is essential that you are aware of your obligation to review this Privacy Policy from time to time and to keep yourself up to date on any amendments thereto.

Cookie Policy

What are cookies?

As is the norm with professional websites, our Website uses cookies – small files that are downloaded to your computer in order to provide a better User experience on the Website. On this page, we describe what information the cookies collect, how we use it and why it is necessary to occasionally save these cookies. We also explain how you can decline to save cookies, although this may restrict or impede the performance of certain functions of the Website.

How we use cookies

We use cookies for a number of reasons as described below. In most cases, there are unfortunately no standard ways of declining cookies without fully impeding the use of the functions of the Website enabled by the cookies. You can set your web browser to decline cookies or notify you of the transmission of cookies.

You can decline cookies in the settings of your web browser. (More detailed instructions can be found in the Help section of your web browser.)Please bear in mind that declining cookies will affect the functions of this and many other websites you visit. Declining cookies usually also blocks certain functions of this Website. If you are uncertain whether you would like to allow or decline cookies, it is recommended to allow all cookies, since they are utilised to provide the service you are using.

Cookies used by us

If you create an account on our Website, we use cookies to guide the registration process and for overall management. Such cookies are usually deleted after you log out, but in some cases they may be retained in order to remember your preferences after you log out.

We use cookies while you are logged in to remember this fact. In this way, you do not have to log in again each time you visit the Website. These cookies are generally removed or deleted when you log out in order to ensure that only logged-in Users of the Website have access to its limited functions and areas.

The services provided on this Website include newsletter and e-mail subscriptions, wherein cookies may be used to remember whether you have already registered and whether certain notices that may only apply to subscribed/unsubscribed Users should be displayed.

Occasionally, we offer you surveys to respond to in order to collect useful information and utilise better tools in the future or to get a better picture of the Users of our Website. In connection with the surveys, cookies may be used in order to remember who has already responded to the survey and to display accurate results after you have moved on to the next page.

If you submit data via a form on the contact page or in the comment section, cookies may be used in order to retain your User data for further correspondence.

In order to offer you an outstanding User experience on this Website, we have enabled a function that allows you to adjust the settings of the Website according to your preferences. In order to remember your preferences, we have to set cookies in such a way that this information can be used at any time when communication with the Website is affected by your preferences.

Third-party cookies

In some exceptional cases, we also use cookies provided by reliable third parties. The cookies which may be used on our Website are detailed below.

This website uses Google Analytics, which is one of the most common and reliable analytical tools on the web and which helps us to understand how Users use our Website and how we can improve their User experience. These cookies may, for example, keep track of how much time you spend on the Website or on the webpages you visit, which in turn helps us to display content that is of interest to you.

Occasionally, we try out new functions and modify the structure of the Website. During the testing of new functions, cookies may be used to ensure a consistent visitor experience on our Website, all the while helping us to understand which optimisation measures the Users of our Website find the most valuable. To this end, we use a tool called Hotjar.

You can use direct links on our Website that direct you to third-party websites where you can purchase services or products. Since it is important to us to understand which products and services to display on our Website and how many visitors to our Website use such direct links, we use cookies that keep track of how many people click on these links.

The content of our Website and information on our activities are displayed by various partners, and tracking cookies enable us to see whether Users have reached our Website via one of our partner websites, so that we can work more closely together.

We also use social media buttons and/or plugins (AddThis) on this Website in order to enable you to connect to your social networking sites in various ways. For this to work, multiple social networking sites make use of cookies via our Website, which may be used to improve your profile on their website or supplement any data they have collected in accordance with their privacy policy. Such social networking sites include Facebook, Twitter, Instagram, Pinterest and LinkedIn.


The following is a more detailed overview of the cookies used on our Website: 

_ga (2 years) 

Creates a unique ID of your visit, under which it collects statistics on visitor behaviour. 

_gat (24 h) 

Creates a unique ID of your visit, under which it collects statistics on visitor behaviour. 

_collect (session) 

Used in order to identify your web browser, operating system and the page you landed from. 

AWSELB (session) 

Used in order to distribute incoming traffic between servers and increase Website speed. 

AWSELBCORS (session) 

Registers which server you keep using after a server has been assigned by the previous cookie for you to use. 

rc::c (session) 

Used in order to differentiate human Users from robots. 

__utmt 

Used in order to restrict demand. 

_at.cww (constant) 

Used by the AddThis module in order to measure article-sharing via social media channels. 

_fbp (3 months) 

Used by Facebook in order to collect statistical data on your activities on the web. 

ads/ga-audiences (session) 

Used by Google Ads in order to redisplay advertisements for you if you have shown interest in the content of our Website. 

IDE (1 year) 

Used by Google DoubleClick in order to measure your activities on the web and thereby assess the effectiveness of advertisements. 

Loc (1 year) 

Used in order to detect your physical location and thereby simplify the consumption of web content. 

plumbr_user_tracker (permanent cookie) 

Counts how many times a page is visited from a certain device. Even if the page is visited by the same person but from three separate devices, it counts as three separate people.

Further information:

Hopefully you have found this section helpful. If you are uncertain whether to allow or decline the use of cookies, we recommend allowing it in order to ensure that none of the functions of the Website are restricted. 

Personal data breach

In the event of a personal data breach that constitutes a likely threat to your rights and freedoms, we will prepare any relevant documents thereon. We will definitely take measures to bring the breach to an immediate end.

If the breach results in a potentially serious threat to your rights and freedoms, we will also notify you of this. The purpose of the notice is to enable you to take the necessary precautions to mitigate the situation.

Contacting us

If you have any questions about this Privacy Policy or personal data, the practices of this Website or other topics related to the use of the Website, please do not hesitate to contact us.

•            If you have any questions about the Website, please e-mail us at info@visitestonia.com.

•            If you have any questions about personal data, please e-mail the Data Protection Specialist of EAS at andmekaitse@eas.ee.

Last update: 24.07.2020

Last updated : 24.07.2020
Newsletter