Privacy Policy

Last updated: 12 April 2026

1. Data Controller

OBEXDATA OÜ
Harju maakond, Tallinn, Kesklinna linnaosa, Tartu mnt 67/1-13b, 10115, Estonia
Email: info@obexdata.io

2. What Data We Collect

We collect personal data only when you voluntarily provide it through our contact form:

• Name — to address you personally
• Email address — to respond to your inquiry
• Message content — to understand your request

We do not use cookies, analytics, or any tracking technologies on this website.

3. Legal Basis for Processing

We process your personal data based on:

• Article 6(1)(b) GDPR — processing necessary to take steps at your request prior to entering into a contract (responding to your inquiry)
• Article 6(1)(f) GDPR — legitimate interest in communicating with prospective clients

4. How We Use Your Data

Your data is used solely to:

• Respond to your inquiry
• Follow up on potential business engagements

We do not sell, rent, or share your personal data with third parties for marketing purposes.

5. Third-Party Processors

Contact form submissions are processed through FormSubmit (formsubmit.co), which forwards the data to our email. FormSubmit does not store submissions permanently. For details, refer to FormSubmit's privacy policy.

6. Data Retention

We retain your contact data for as long as necessary to fulfill the purpose for which it was collected, typically no longer than 12 months after your last communication with us, unless a business relationship is established.

7. Data Transfers

Your data may be transferred to servers outside the European Economic Area (EEA) through our email and form processing services. Where such transfers occur, they are protected by appropriate safeguards including Standard Contractual Clauses (SCCs) or adequacy decisions.

8. Your Rights

Under the GDPR, you have the right to:

• Access — request a copy of the personal data we hold about you
• Rectification — request correction of inaccurate data
• Erasure — request deletion of your data ("right to be forgotten")
• Restriction — request we limit processing of your data
• Data portability — receive your data in a structured, machine-readable format
• Object — object to processing based on legitimate interests

To exercise any of these rights, contact us at info@obexdata.io. We will respond within 30 days.

9. Supervisory Authority

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon):

Tatari 39, 10134 Tallinn, Estonia
Website: aki.ee

10. Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated revision date.