Legal - Privacy Policy

lightfulweb OÜ, Sepapaja tn 6, 15551 Tallinn, Estonia (hereinafter “we” or “lightfulweb”) is the controller responsible for the processing of your personal data in accordance with the General Data Protection Regulation (GDPR).

For data protection inquiries, please contact us at [email protected].

We may collect the following categories of personal data:

• Contact information: name, email address, phone number, and company name when you reach out to us via our contact page or email.
• Usage data: information about how you access and use our website, including your IP address, browser type, operating system, referring URLs, and pages visited.
• Communication data: the content of messages you send to us.

We process your personal data for the following purposes:

• To respond to your inquiries (Art. 6(1)(b) GDPR) — processing is necessary to take steps at your request prior to entering into a contract.
• To operate and improve our website (Art. 6(1)(f) GDPR) — we have a legitimate interest in ensuring the functionality and security of our website.
• To comply with legal obligations (Art. 6(1)(c) GDPR) — where required by applicable law.

Our website does not use cookies for tracking or advertising purposes. We do not use any third-party analytics services. Only technically necessary mechanisms may be used to ensure the proper functioning of the website.

We do not sell your personal data. We may share your data with trusted service providers who assist us in operating our website and conducting our business, provided they agree to keep your data confidential. We may also disclose data when required by law.

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Contact inquiries are typically retained for 12 months unless a business relationship is established.

Under the GDPR, you have the right to:

• Access your personal data
• Rectify inaccurate personal data
• Request erasure of your personal data
• Restrict the processing of your personal data
• Data portability
• Object to the processing of your personal data

To exercise any of these rights, please contact us at [email protected]. You also have the right to lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon).

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction.

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated revision date.