Everdust OÜ (“the Company”)

Data Request Policy

Effective date: 17.04.2024

Like many other companies, Everdust OÜ, company number 16927064, having its registered address at Harju maakond, Tallinn, Kesklinna linnaosa, Narva mnt 5, 10117, receives requests from Users and government agencies inquiries concerning Personal Data.

This Data Request Policy addresses those issues and outlines our policies and procedures for responding to such inquiries

Terms and headings used in this Data Request Policy that are not defined have similar meanings to those in the Privacy Policy.

This version of the Data Request Policy is valid from the Effective Date.

We may make changes from time to time without your consent. The new version will be valid from the time of the changes noted at the beginning of this Data Request Policy.

Data Request by Users

The User can enforce the following rights using the web form:

to access Personal Data;
to rectification of Personal Data;
to erasure (deletion) of Personal Data;
to restrict processing of your Personal Data;
to Personal Data portability;
to object Processing of Personal Data;
to reject automated individual decision-making (profiling);
to withdraw consent;
to marketing/send out, opt out;
to ask a question and/or make a claim on Personal Data Processing.

The specific verification methods we use include:

request for information;
email verification.

Upon receipt of the completed Data Subject Request form, verification, and review of sufficient details enabling us to locate your Personal Data within our information systems, we will provide the User with information within 30 calendar days. This period may be extended by up to additional 60 calendar days under some circumstances.

If the User fails verification or we have reasonable personality doubts, we shall provide a message stating that we have doubts, why we have these doubts, and why, in this case, we cannot respond.

Data Requests by Authorities

All requests by courts, government agencies, Data Protection Authorities, or parties involved in litigation for User Personal Data disclosures should be sent to support@dust.space and include the following information:

the requesting party,
the relevant criminal, civil, or other matter, and
a description of the specific User's Personal Data being requested, including the relevant User’s name.

All requests should be specific, focused on the specific User’s Personal Data, and prepared in accordance with Estonian laws.

We will only process the request if required to do so by law or on the good-faith belief that such action is necessary to:

conform to applicable law or comply with legal process;
protect and defend our rights or property, the Website, or our Users;
respond to a Third Party that alleges that the User has infringed the intellectual property rights; or
act to protect personal safety of us, Users, or the public.

We will review the legality of any request for disclosure and challenge the request if, after careful assessment, we conclude that there are reasonable grounds to consider the request unlawful under the laws of Estonia and other applicable legal rules.

We will notify the User before disclosing any of the User’s Personal Data so that the User may seek protection from such disclosure unless we are prohibited from doing so or there is a clear indication of illegal conduct or risk of harm to people or property associated with the use of such User’s Personal Data.

We may seek reimbursement for costs in responding to requests as provided by law and may charge additional fees for costs in responding to unusual or burdensome requests.