Privacy Policy

1. Introduction

Flowrigin OÜ ("we", "our", "us") is committed to protecting and respecting your privacy. This privacy policy explains how we collect, use, share, and protect your personal information in accordance with the General Data Protection Regulation (GDPR) and applicable Estonian data protection laws (Isikuandmete kaitse seadus).

2. Data Controller

3. Data We Collect

3.1 Data you provide to us

• Identification information: first name, last name, email address
• Professional information: company name, job title, industry sector
• Contact information: phone number, postal address
• Communication data: messages sent via our contact forms

3.2 Data collected automatically

• Navigation data: IP address, browser type, pages visited
• Cookies and similar technologies: session identifiers, preferences
• Technical data: operating system, screen resolution
• Analytics data: visit duration, user journey

4. Purposes of Processing

We use your personal data to:

• Service provision: respond to your requests, provide our AI services
• Communication: send you information about our products and services
• Improvement: analyze usage to improve our services
• Security: detect and prevent fraud and abuse
• Legal obligations: comply with our regulatory obligations
• Marketing: inform you of our news (with your consent)

5. Legal Basis for Processing

We process your data on the following legal bases:

• Consent: for marketing and non-essential cookies
• Contract performance: to provide our services
• Legitimate interest: to improve our services and ensure security
• Legal obligation: to comply with applicable legislation

6. Data Sharing

We may share your data with:

• Service providers: web hosting, email services, analytics
• Technology partners: AI and cloud infrastructure providers
• Legal authorities: if required by law or to protect our rights

We never sell your personal data to third parties. All our service providers are subject to strict confidentiality and security obligations.

7. International Transfers

Some of our data may be processed outside the European Union. In such cases, we ensure that appropriate safeguards are in place (standard contractual clauses, Privacy Shield, etc.) in accordance with GDPR.

8. Data Retention

We retain your personal data:

• Account data: for the duration of your account + 3 years
• Billing data: 10 years (accounting obligations)
• Analytics cookies: 13 months maximum
• Contact data: 3 years after last contact

9. Your Rights

Under GDPR and Estonian data protection law, you have the following rights:

• Right of access: obtain a copy of your personal data
• Right to rectification: correct inaccurate data
• Right to erasure: delete your data ("right to be forgotten")
• Right to restriction: limit the processing of your data
• Right to data portability: receive your data in a structured format
• Right to object: object to the processing of your data
• Right to withdraw consent: withdraw your consent at any time
• Right to lodge a complaint: file a complaint with the Andmekaitse Inspektsioon (AKI)

To exercise your rights, contact us at: [email protected]

10. Cookies

Our site uses the following cookies:

10.1 Essential cookies

Necessary for the site's operation (session, security). These cookies do not require your consent.

10.2 Analytics cookies

To measure audience and improve our services (Google Analytics, etc.). Require your consent.

10.3 Cookie management

You can manage your cookie preferences via our consent banner or your browser settings.

11. Security

We implement appropriate technical and organizational measures to protect your data against unauthorized access, loss, destruction, or accidental disclosure:

• SSL/TLS encryption for data transmissions
• Strict access controls and authentication
• Regular security monitoring and audits
• Staff training on data protection

12. Minors

Our services are not intended for persons under 16 years of age. We do not knowingly collect personal data from minors. If you believe we have collected data from a minor, contact us immediately.

13. Changes

We may modify this privacy policy at any time. Significant changes will be communicated by email or via a notice on our site. The date of last update will always be indicated at the top of this page.

14. Contact