Privacy Policy

1. Data Controller

The data controller responsible for your personal data is:

2. Information We Collect

We collect information that you provide directly to us, including:

• Contact Information: Name, email address, phone number, company name when you contact us or request our services
• Project Information: Details about your business needs, project requirements, and technical specifications
• Communication Data: Records of correspondence with our team
• Payment Information: Billing details for invoicing purposes (processed through secure payment providers)

Automatically Collected Information

When you visit our website, we may automatically collect:

• IP address and general location data
• Browser type and version
• Pages visited and time spent on our website
• Referring website addresses

3. How We Use Your Information

We use your personal data for the following purposes:

• To provide and deliver our services
• To communicate with you about projects and inquiries
• To process payments and send invoices
• To improve our website and services
• To comply with legal obligations
• To send occasional updates about our services (with your consent)

4. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your data based on the following legal grounds:

• Contract Performance: Processing necessary to fulfill our contractual obligations to you
• Legitimate Interests: Processing necessary for our legitimate business interests, such as improving our services
• Consent: Where you have given explicit consent for specific processing activities
• Legal Obligations: Processing required to comply with applicable laws

5. Cookies and Tracking

Our website uses cookies and similar technologies to enhance your experience. These include:

• Essential Cookies: Required for the website to function properly
• Analytics Cookies: Help us understand how visitors use our website
• Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings. Disabling certain cookies may affect website functionality.

6. Data Sharing

We do not sell your personal data. We may share your information with:

• Service Providers: Third-party vendors who assist in delivering our services (hosting, payment processing, analytics)
• Legal Requirements: When required by law or to protect our legal rights
• Business Transfers: In connection with a merger, acquisition, or sale of business assets

All third-party service providers are required to maintain the confidentiality and security of your data.

7. International Data Transfers

As an Estonian company operating within the EU, your data is primarily processed within the European Economic Area (EEA). If we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal and accounting requirements. Project-related data is typically retained for 7 years following project completion. Contact form submissions are retained for 2 years unless a business relationship is established.

9. Your Rights

Under the GDPR, you have the following rights:

• Right of Access: Request a copy of your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your data (“right to be forgotten”)
• Right to Restrict Processing: Request limitation of how we use your data
• Right to Data Portability: Receive your data in a portable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us at privacy@synapseengine.ee.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes encryption, access controls, and regular security assessments.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the updated policy on our website with a new “Last updated” date.

12. Supervisory Authority

If you believe we have not handled your data appropriately, you have the right to lodge a complaint with the Estonian Data Protection Inspectorate:

13. Contact Us

For any questions about this Privacy Policy or our data practices, please contact: