Privacy Policy

Effective date: Jul 15, 2026 1:32 PM


1. TERMS

Platform - online platform “COVERE²” that can be accessed through the website https://covere2.eu and underlying web pages and associated Content, which offer you the possibility to purchase Resources.

ELEKS - Eleks Holding OÜ, an Estonian Company with Reg. No. 12995761, having its principal place of business at: Kursi st 3, North-Tallinn district, Tallinn, Harju County, 10415, Estonia. You can find more information about Eleks on the website https://eleks.com/. ELEKS is a controller of personal data processed via Platform.

User - anyone, who access and use the Platform and whose Personal Data is processed by Eleks.

Client - legal entity on behalf of which the User access and use the Platform.

info@covere2.eu - ELEKS contact email you can reach any time you have questions concerning this Privacy Notice.

Any other capitalized terms used in this Privacy Notice have the meanings assigned to them in the COVERE² Platform Terms of Use (“Terms”), available by the link Terms of Service.

2. GENERAL INFORMATION

We at ELEKS respect your personal data and want to be GDPR-friendly. That is why we have tried to make information in this Privacy Notice understandable and clear, while boring only to the extent, required by the law. This Privacy Notice describes ELEKS practices regarding the collection, use, and disclosure of the information ELEKS collects from and about Users of the Platform.

3. THE COLLECTION AND USE OF INFORMATION

ELEKS processes Users’ personal data based on an agreement with Client or User as specified in the Terms, to enable the usage of the Platform, selling Resources and offer Professional Services. We will not use or share information with anyone except as described in this Privacy Notice.

COVERE² collects the following data about the Users:

#Data CategoryPurpose for processingLegal Basis
1First Name - First name specified by a user on the Profile registrationIdentification of a User in order to fulfil the contractContract
2Middle Name -Middle name specified by a user in the Profile (optional)Used for identification of a user in order to fulfil the contractContract
3Last Name - Last name specified by a user on the Profile registrationIdentification of a user in order to fulfil the contractContract
4Phone Number - Phone number specified by a user in the Profile (optional)User supportContract
5Email Address - Email address specified by a user on the Profile registrationUsername on login, Notifications, User support, Product analytics , Advertising and marketing, Multi-factor authenticationContract, Legitimate interest for analytics, Consent for advertising and marketing
6Job Title and Industry - Job Title and Industry of work specified by a user in the Profile (optional)Used to provide services relevant for the user's job title.Contract
7Country - Country name specified by a user in the Profile (optional)Used to provide services related to the user's physical location.Contract
8City/Town - Name of a city or town specified by a user in the Profile (optional)Used to provide services related to the user's physical location.Contract
9Team Name - Specified by a user for Team Profile registrationTeam Name may match the Company the User work for or other Name and used to provide services, namely identify a group of Users that will share purchased Resources withing the Team Profile.Contract
10Team Size, Team Website, Team Industry, Location - Specified by a user in the Team Profile (optional)Used to provide services related to the user's occupation and professional interest.Contract
11Full Name, Email, Organization Name - Details provided when submitting “Contact Us" or “Book a Demo” FormsData used to be able to contact the User and promote the Services relevant for such User.Legitimate interest

4. PROTECTING INFORMATION

Microsoft Azure environment

The COVERE2 instance is hosted in a Microsoft Azure environment situated in the Azure North Europe data centre. ELEKS has established efficient Information Security controls in line with ISO27001 and SOC 2 standards in order to protect the COVERE2 environment. Those controls include Azure web application firewall, collection/analysis of logs using Azure Application & Containers Insights, periodical vulnerability scanning.

Identity access management

Identity access management The Platform uses a secure, custom-built authentication and authorization system to manage user access. This system ensures that only authorized users can access protected areas of the Platform and that all authentication data is handled in a safe and compliant manner.

Since the Platform is a public web site, it uses multi-factor authentication (MFA).

The chosen data centre location is in Northern Europe — this means that the COVERE2 data is geographically stored in Europe.

Data encryption.

The PII stored in the database is protected with an encryption.

User inactivity.

If a user becomes inactive for 90 days, user Profiles will be permanently deleted.

Project-level security measures

Platform development is performed in line with ISO 27001 compliant ELEKS Secure Software Development Life Cycle (SSDLC). Periodical security testing of the Platform includes Static Application Security Testing (SAST, code review) and Dynamic Application Security Testing, activities.

Company-level security measures

ELEKS Group is ISO-27001 and SOC 2 certified organization. On an organizational level, ELEKS has implemented the principles and controls of ISO 27001, an information security management system (ISMS) standard. The core ELEKS information security principles are:

  • Management commitment to information security
  • Security is part of our company culture
  • Proactive response to information security threats
  • Continuous information security education
  • Lead the research and innovations in the Information Security domain

ELEKS defines, implements, and continuously improves ISMS Policies, which are mandatory and apply to the whole organisation. ELEKS specialists, as well as consultants, contractors, and all other persons who can have authorized access to information resources, are familiar with and obliged to follow ELEKS ISMS Policies. The aforementioned policies apply to all information stored on physical or electronic data carriers, as well as any software and hardware that data processor possesses or temporarily uses. ISMS-related documents are reviewed at least annually.

5. USER RIGHTS

  1. The right to be informed.
  2. The right of the access.
  3. The right to rectification.
  4. The right to erasure ("right to be forgotten").
  5. The right to restrict processing.
  6. The right to data portability.
  7. The right to object.
  8. Your rights in relation to automated decision-making and profiling.
  9. The right to withdraw your consent.
  10. The right to lodge a complaint with a supervisory authority.

You have the right to complain either to a supervisory authority in the Member State where you live/work or to the Estonian Data Protection Authority.

For more information about your rights and how to exercise them we recommend visiting this perfect resource from the European Commission, which is available in many languages.

6. SHARING INFORMATION

ELEKS Group We may disclose your information to our affiliates or subsidiaries, which may be engaged in the data processing activities.

Service Providers We may disclose your data to third-party vendors, and service providers (Microsoft Azure, who perform some functions on our behalf, such as hosting, identity and access management, technical support, identity and access management, product analytics, legal and professional advisers. We’ll make sure that they treat it as protective as we do.

7. PLACE OF PROCESSING THE DATA

Your data will be processed and stored in the EU and may be accessed from Ukraine or the US by Eleks specialists, affiliates, etc. Nevertheless, your data will always be safe and under GDPR protection, despite where it is processed.

We treat your data as protective as the GDPR requires from the moment we’ve received it. If we transfer your data inside or outside ELEKS Group, we’ll use appropriate safeguards for personal data not to get outside of the GDPR scope.

8. PERIOD OF DATA PROCESSING

ELEKS will not store or otherwise process Users’ data for an “unlimited period”. Users’ data will be kept as long as we have a binding agreement with the User as specified in the Terms and no more than 1 year after the end or termination of such agreement. This rule does not apply to data that may be necessary for protecting legal claims or fulfilling legal obligations.

The Platform may contain links to third-party websites/systems, which are owned and operated independently of ELEKS. Therefore, any information you provide to those websites/systems will be governed by their own privacy notice principles and data collection practices. ELEKS assumes no responsibility or liability for information handling procedures and/or policies of such independent sites and systems.

10. COOKIES

Cookies are small pieces of text that are stored on your device when you visit a website. During your further visits to that website, the information stored in the cookie is sent back to the site. This allows the website to recognize you and tailor its content to your needs.

The Platform uses: •       Essential cookies – required for the Platform to work (e.g. login, security, session). These do not require your consent. •       Analytics cookies (Google Analytics) – used only with your consent to understand how visitors use the Platform and to improve it. We use the following analytics cookies:

− _ga (Google LLC). What it does: helps us see how many people visit the Platform and how they use it. What we collect: general information about usage, such as pages viewed, time spent on the Platform, device type and approximate location. How long it stays on your device: up to 2 years.

− _ga <id> (Google LLC). What it does: helps us group your actions into a single visit (session). What we collect: information about your activity during one visit. How long it stays on your device: up to 2 years.

These cookies do not identify you directly. They are only used if you agree to analytics cookies in the cookie banner. You can change your cookies preferences at any time in your browser settings.

11. CHANGES OF THIS NOTICE

We reserve the right to change this Privacy Notice at any time. We will post these changes here, along with the date of the last change, and inform the User by email. Changes become effective as soon as they are posted.

12. CONTACT US

You can reach us at info@covere2.eu, if you:

  1. Want to know more about privacy of your information
  2. Want to make any kind of claim or request with regard to your personal data
  3. Want to say that we are wrong in any privacy issue
  4. Want to share your thoughts on how we could make our privacy practices better