← Back to home

Privacy Policy

1. Data controller

The controller of your personal data is SimilarGroup OÜ, a private limited company registered in the Estonian Commercial Register under registry code 16794249, VAT number EE102648250, with its registered seat at Katusepapi tn 4/2, 11412 Tallinn, Lasnamäe linnaosa, Harju maakond, Estonia (hereinafter: the "Controller" or the "Company").

Contact regarding personal data matters:

• Email: similargroupou@gmail.com
• Postal address: Katusepapi tn 4/2, 11412 Tallinn, Estonia

2. Legal basis

The processing of your personal data is carried out in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data ("GDPR") and the Estonian Personal Data Protection Act (Isikuandmete kaitse seadus).

3. Purposes and legal bases of processing

a) Contact via the form

Data provided in the contact form (full name, email, phone number, company name, message content) is processed in order to respond to your enquiry, based on your consent (Art. 6(1)(a) GDPR) and the legitimate interest of the Controller consisting in handling enquiries (Art. 6(1)(f) GDPR).

b) Contract performance and business cooperation

If you are our counterparty or represent a counterparty, we process data necessary for the conclusion and performance of the agreement (Art. 6(1)(b) GDPR) and to fulfil legal obligations imposed on the Controller, including tax and accounting obligations under Estonian law (Art. 6(1)(c) GDPR).

c) Establishing or defending claims

Data may be processed on the basis of the legitimate interest of the Controller consisting in establishing, pursuing or defending legal claims (Art. 6(1)(f) GDPR).

d) Analytical and statistical purposes

Subject to your consent, we may process data regarding your use of the website in order to improve its functioning (Art. 6(1)(a) GDPR).

4. Retention period

• Contact-form data — for the duration of the correspondence and up to 12 months thereafter.
• Contract-related data — for the duration of the contract and for the period required by law. Accounting documents are retained for 7 years in accordance with the Estonian Accounting Act (Raamatupidamise seadus).
• Data processed on the basis of consent — until consent is withdrawn.

5. Recipients of data

Your personal data may be disclosed to the following categories of recipients:

• providers of IT, hosting and email services;
• the contact-form service provider (Web3Forms — a third-party form-processing service);
• logistics and courier companies, to the extent necessary for order fulfilment;
• accounting, tax and legal service providers;
• public authorities, where required by law.

6. Transfers outside the EEA

In connection with the use of third-party service providers (including Web3Forms and Google Fonts), your data may be transferred to countries outside the European Economic Area. Such transfers are carried out on the basis of standard contractual clauses approved by the European Commission or another mechanism provided for in the GDPR.

7. Your rights

In connection with the processing of your personal data you have the following rights:

• the right of access to your data and to receive a copy thereof;
• the right to rectification;
• the right to erasure ("right to be forgotten");
• the right to restrict processing;
• the right to data portability;
• the right to object to processing;
• the right to withdraw consent at any time — without affecting the lawfulness of processing carried out before withdrawal;
• the right to lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon), Tatari 39, 10134 Tallinn, Estonia.

8. Voluntary nature of providing data

Providing data is voluntary but necessary to achieve the selected purposes (e.g. to respond to an enquiry or to conclude a contract). Failure to provide the required data may prevent contact or service delivery.

9. Automated decision-making

The Controller does not take decisions in an automated manner, including profiling, within the meaning of Art. 22 GDPR.

10. Changes to the Privacy Policy

The Controller reserves the right to amend this Privacy Policy. The current version is always published at this address.

11. Cookies

The rules for the use of cookies are described in a separate document — see the Cookie Policy.