Privacy Policy

1. Data Controller

The controller of your personal data is:

This privacy policy explains how we collect, use, store, and protect your personal data in accordance with the European Union General Data Protection Regulation (GDPR) and the Estonian Personal Data Protection Act (IKS).

2. Data We Collect

We may collect and process the following personal data:

• Contact data: name, email address, phone number
• Company data: company name, registry code, address
• Order data: ordered services, files, project descriptions
• Technical data: IP address, browser type, visit time
• Communication data: correspondence, feedback, inquiries

3. Legal Basis and Purposes of Data Processing

We process your personal data on the following bases (GDPR Article 6):

• Contract performance (Art. 6(1)(b)): provision of services, fulfillment of orders, preparation of quotations, issuing invoices
• Legal obligation (Art. 6(1)(c)): accounting, tax reporting
• Legitimate interest (Art. 6(1)(f)): website improvement, analytics, ensuring customer service quality, preparing marketing materials
• Consent (Art. 6(1)(a)): newsletters and marketing communications (only with your consent)

4. Data Retention

We retain your personal data only as long as necessary to fulfill the purpose for which it was collected or to comply with legal obligations.

• Customer data: up to 3 years after the last transaction
• Accounting documents: 7 years as required by law
• Technical logs: up to 1 year
• Marketing consent: until withdrawal of consent

5. Data Sharing and Third Countries

We do not sell, rent, or share your personal data with third parties, except in the following cases:

• Partners necessary for service delivery (e.g., payment services, courier services)
• Legal obligations (e.g., tax authority, court orders)
• Your explicit consent

For website analytics, we use Umami, whose servers are located in the EU. We do not transfer personal data to third countries outside the European Economic Area (EEA).

6. Your Rights

Under the GDPR, you have the following rights:

• Right of access: right to obtain information about your data
• Right to rectification: right to request correction of inaccurate data
• Right to erasure: right to request deletion of data ("right to be forgotten")
• Right to restriction: right to restrict data processing
• Right to data portability: right to receive your data in a structured format
• Right to object: right to object to data processing
• Withdrawal of consent: where processing is based on consent, you may withdraw it at any time

To exercise your rights, please contact us at .... We will respond to your request within 30 days.

7. Automated Decisions

We do not use automated decision-making or profiling that would have legal consequences for you.

8. Cookies

Our website may use cookies to improve user experience. Cookies are small text files stored on your device.

We use the following cookies:

• Essential cookies: to ensure basic website functionality
• Analytical cookies: to collect visitor statistics (Umami — privacy-friendly analytics that does not track personal data)

You can manage cookies through your browser settings. Disabling cookies may affect website functionality.

9. Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes the use of SSL encryption for data transmission.

10. Changes

We may update this privacy policy from time to time. In case of significant changes, we will notify you through our website. We recommend regularly visiting this page.

11. Supervisory Authority

If you believe your data protection rights have been violated, you have the right to file a complaint with the Estonian Data Protection Inspectorate: