This Privacy Policy explains how Tuuriowholes OÜ ("we", "our", "us"), registered in Estonia, collects, uses, stores, and protects personal data in accordance with the EU General Data Protection Regulation (GDPR) and the Estonian Personal Data Protection Act.
1 Data Controller
The data controller responsible for your personal data is:
- Tuuriowholes OÜ
- Registered in Estonia (EU)
- Tallinn, Estonia
- info@tuuriowholes.com
- tuuriowholes.com
2 Data We Collect
We collect personal data only when you voluntarily provide it to us or when it is generated through your use of our website. This includes:
Contact Form Data
- Full name
- Company name
- Email address
- Service interest selection
- Message content
Automatically Collected Data
- IP address (anonymised where possible)
- Browser type and version
- Pages visited and time spent
- Referring URLs
- Cookie data (see our Cookie Policy)
3 How We Use Your Data
We use collected personal data solely for the following purposes:
- Responding to enquiries submitted via our contact form
- Providing export intermediation services and related communications
- Sending relevant business information you have requested
- Improving our website performance and user experience
- Complying with legal obligations under Estonian and EU law
We do not use your data for automated decision-making or profiling.
4 Legal Basis for Processing
Under GDPR Article 6, we process your data based on the following legal grounds:
- Legitimate interest – responding to business enquiries and managing client relationships
- Contractual necessity – fulfilling service agreements with clients
- Consent – for any optional marketing communications (which you may withdraw at any time)
- Legal obligation – compliance with applicable Estonian and EU regulations
5 Data Sharing & Third Parties
We do not sell, rent, or trade your personal data. We may share data only in the following limited circumstances:
- Service providers – trusted processors such as hosting, analytics, or email platforms acting under data processing agreements
- Legal requirements – when required by law, court order, or competent authority
- Business transfers – in the event of a merger, acquisition, or sale of assets, subject to equivalent data protection commitments
All third parties are contractually bound to protect your data and use it only for specified purposes.
6 Data Retention
We retain personal data only for as long as necessary for the purposes described in this policy:
- Contact enquiries – retained for up to 3 years from last contact
- Client data – retained for the duration of the business relationship plus 5 years for legal compliance
- Website analytics – aggregated data retained for up to 26 months
After the retention period, data is securely deleted or anonymised.
7 Your Rights Under GDPR
As a data subject in the EU/EEA, you have the following rights:
- Right of access – request a copy of the personal data we hold about you
- Right to rectification – request correction of inaccurate or incomplete data
- Right to erasure – request deletion of your data ("right to be forgotten")
- Right to restriction – request that we limit how we process your data
- Right to portability – receive your data in a structured, machine-readable format
- Right to object – object to processing based on legitimate interests
- Right to withdraw consent – at any time, for consent-based processing
To exercise any of these rights, contact us at info@tuuriowholes.com. We will respond within 30 days. You also have the right to lodge a complaint with the Estonian Data Protection Inspectorate (aki.ee).
8 Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, alteration, or disclosure. These include:
- HTTPS encryption for all data transmission
- Access controls limiting data access to authorised personnel only
- Regular security reviews and updates
- Data processing agreements with all third-party processors
9 International Data Transfers
As an Estonian company operating within the EU, most of our data processing occurs within the European Economic Area. Where data is transferred outside the EEA (e.g. to certain service providers), we ensure adequate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.
10 Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in law, technology, or our business practices. The "Last updated" date at the top of this page will always reflect the most recent version. We encourage you to review this policy periodically. Continued use of our website after any changes constitutes acceptance of the updated policy.
11 Contact Us
For any questions, requests, or concerns regarding this Privacy Policy or your personal data, please contact:
- Tuuriowholes OÜ
- Tallinn, Estonia
- info@tuuriowholes.com
Have questions about your data?
We are happy to help. Reach out to our team directly.
info@tuuriowholes.com