Privacy Policy

Last updated: September 13, 2025

1. Introduction

Serokell OÜ ("we," "our," or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.

This policy applies to information we collect:

  • On this website
  • In email, text, and other electronic messages between you and this website
  • Through our services

2. Information We Collect

2.1 Personal Information

We may collect and process the following personal information:

  • Contact Information: Name, email address, phone number, company name
  • Project Information: Project details, requirements, budget, timeline
  • Communication Records: Messages, emails, and other communications
  • Technical Information: IP address, browser type, operating system

2.2 Automatically Collected Information

When you visit our website, we automatically collect certain information:

  • Browser and device information
  • Website usage data and analytics
  • Cookies and tracking technologies data
  • Referral source information

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Provision: To provide, maintain, and improve our programming services
  • Communication: To respond to inquiries, provide customer support, and send updates
  • Business Operations: To process transactions, manage projects, and conduct business activities
  • Marketing: To send promotional materials and newsletters (with your consent)
  • Legal Compliance: To comply with legal obligations and protect our rights
  • Website Improvement: To analyze usage patterns and improve our website functionality

4. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

  • Consent: When you have given clear consent for specific processing activities
  • Contract: When processing is necessary for contract performance
  • Legal Obligation: When we must comply with legal requirements
  • Legitimate Interest: When processing is necessary for our legitimate business interests

5. Information Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties, except in the following circumstances:

  • Service Providers: Trusted third parties who assist in operating our website and conducting business
  • Legal Requirements: When required by law or to protect our rights and safety
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • With Your Consent: When you have explicitly agreed to the disclosure

6. Data Retention

We retain your personal information for as long as necessary to:

  • Provide our services and support
  • Comply with legal obligations
  • Resolve disputes and enforce agreements
  • Achieve the purposes outlined in this policy

Typically, we retain:

  • Contact form submissions: 3 years
  • Project-related data: Duration of project + 7 years
  • Website analytics: 26 months
  • Marketing communications: Until consent is withdrawn

7. Your Rights Under GDPR

If you are a resident of the European Economic Area (EEA), you have the following rights:

  • Right of Access: Request copies of your personal data
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Request limitation of processing activities
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time

To exercise these rights, contact us at [email protected].

8. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

  • SSL/TLS encryption for data transmission
  • Secure storage systems with access controls
  • Regular security assessments and updates
  • Employee training on data protection
  • Incident response procedures

9. International Data Transfers

As an Estonian company serving CIS countries, we may transfer your data internationally. We ensure adequate protection through:

  • European Commission adequacy decisions
  • Standard contractual clauses
  • Binding corporate rules
  • Certification schemes

10. Cookies and Tracking

Our website uses cookies and similar tracking technologies. For detailed information about our cookie practices, please see our Cookie Policy.

11. Third-Party Services

Our website may contain links to third-party websites or services. This Privacy Policy does not apply to third-party services. We encourage you to review their privacy policies.

12. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware of such collection, we will delete the information promptly.

13. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes by:

  • Posting the updated policy on our website
  • Updating the "Last updated" date
  • Sending email notifications for material changes

14. Contact Information

For questions about this Privacy Policy or our data practices, contact us:

Serokell OÜ
Email: [email protected]
Phone: +372 6991531
Address: Harju maakond, Tallinn, Kesklinna linnaosa, Pille tn 11/1-32, 10138, Estonia
Registration Number: 14049961

15. Data Protection Officer

For data protection inquiries, you may contact our Data Protection Officer at [email protected].

16. Supervisory Authority

You have the right to lodge a complaint with the Estonian Data Protection Inspectorate:

Andmekaitse Inspektsioon
Website: www.aki.ee
Email: [email protected]
Phone: +372 627 4135