GDPR Compliance

GDPR Compliance Statement

Last updated: October 2025
EU GDPR Compliant

Our Commitment to Data Protection

At Kontorva OÜ, we take data protection and privacy seriously.

This statement explains how we ensure that our Ärikaart platform and all related operations comply with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and the Estonian Personal Data Protection Act.

Data Protection Overview

Our GDPR Compliance Framework

Comprehensive data protection measures for B2B professionals

User Data

  • Name and company details
  • Business email and phone
  • Billing information
  • Login credentials

Usage Data

  • Access logs and IP addresses
  • Browser and device information
  • Feature usage metrics
  • Activity tracking

B2B Public Data

  • Company registration info
  • Financial data
  • Public contact details
  • Ownership structure

Support Data

  • Help desk communications
  • Feature requests
  • Bug reports
  • Feedback messages

Security & Technical Measures

Industry-standard security protecting your data

Encryption

TLS/SSL in transit, AES-256 at rest

Access Control

Secure credentials & 2FA

EU Hosting

DigitalOcean EU data centers

Regular Audits

Vulnerability scans & assessments

Your Rights

Data Subject Rights Under GDPR

Comprehensive rights regarding your personal data

Right of Access

Request a copy of all personal data we hold about you

Right to Rectification

Correct inaccurate or incomplete information

Right to Erasure

Request deletion of data (Right to be Forgotten)

Right to Restrict Processing

Limit how your data is used

Right to Data Portability

Obtain data in machine-readable format

Right to Object

Object to processing based on legitimate interests

To exercise any of these rights, contact us at privacy@kontorva.com. We will respond to your request within 30 days, as required by GDPR.

Complete GDPR Statement

Full GDPR Compliance Statement

Detailed information about our data protection practices

1

Our Role Under GDPR

2

Lawful Basis for Processing

3

Data We Process

4

Data Sources

5

Data Storage and Security

6

International Data Transfers

7

Data Retention

8

Your Rights Under GDPR

9

Subprocessors

10

Data Breach Procedure

11

Data Protection Officer (DPO)

12

Updates to This Statement

For questions about our GDPR compliance, please contact our Data Protection Officer

Questions About Data Protection?

We're committed to GDPR compliance and protecting your data. Contact our Data Protection Officer for any questions or to exercise your rights.

30-day response time
GDPR Article 6 compliance
EU data residency