Privacy Policy

1. General Provisions

This Privacy Policy (hereinafter referred to as the “Policy”) describes how Funkagency OÜ (registry code 14741645, registered address: Sõpruse pst 145, Tallinn, Estonia) processes the personal data of visitors to the website veebi.ee (including the upd subdomain).

Funkagency OÜ operates in accordance with the EU General Data Protection Regulation (GDPR) and the Estonian Personal Data Protection Act.

2. Data Controller and Contact Information

The Data Controller for personal data is Funkagency OÜ.

For questions regarding the processing of personal data, you may contact us via:

  • E-mail: info@veebi.ee

  • Phone: +372 5621 3281

  • Postal Address: Sõpruse pst 145, 13425, Tallinn, Estonia.

3. What Data We Collect

When visiting the site, technical data may be processed automatically, including:

  • IP address;

  • Device and browser data;

  • Approximate location;

  • Information about pages viewed and time of visit (log files and analytics data).

When sending a feedback form via the “Contact” page, we process your name, e-mail address, the text of your message, and any other data you provide voluntarily.

4. Purposes and Legal Bases for Processing

  • Technical website data is processed to ensure the operation of the site, improve its security, quality, and usability.

    • Legal basis: Legitimate interest of the Controller (Art. 6(1)(f) GDPR).

  • Data submitted via the feedback form is processed to respond to inquiries, prepare service proposals, and for subsequent communication.

    • Legal basis: Performance of a pre-contractual agreement and legitimate interest (Art. 6(1)(b), (f) GDPR).

5. Use of Cookies and Analytics

The site may use cookies and similar technologies to save user preferences, track visit statistics, and improve content.

If third-party web analytics (e.g., Google Analytics or similar) are used, such services receive anonymized technical data in accordance with their own privacy policies. Where necessary, we request consent for the use of analytical and marketing cookies.

6. Data Transfer and Storage

Personal data may be transferred to our service providers—hosting providers, e-mail services, analytics systems, CRM systems, and other IT contractors—with whom data processing agreements have been concluded.

Any transfer of data outside the European Economic Area (EEA), if applicable, is carried out only with appropriate safeguards (such as EU Standard Contractual Clauses or other mechanisms provided for by the GDPR).

7. Retention Periods

  • Technical logs and analytics data are stored for the period necessary to ensure security and statistics (usually up to 24 months), after which they are deleted or anonymized.

  • Correspondence and data received via the feedback form are generally stored for up to 3 years from the moment of the last contact, or longer if necessary to protect legal rights or fulfill legal obligations (e.g., accounting and contractual relations).

8. Rights of Data Subjects

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access;

  • Right to rectification;

  • Right to erasure (“right to be forgotten”);

  • Right to restriction of processing;

  • Right to data portability;

  • Right to object to processing based on legitimate interest.

To exercise your rights, please send a request using the contact details provided in Section 2. We will review the request and respond, generally within one month, in accordance with statutory deadlines.

9. Withdrawal of Consent and Marketing Communications

If specific processing activities are based on your consent (e.g., subscription to newsletters or marketing messages), you may withdraw your consent at any time by following the instructions in the message or by contacting us directly.

Withdrawal of consent does not affect the lawfulness of processing carried out prior to such withdrawal.

10. Data Protection

We implement technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction, taking into account the level of risk and current information security standards.

Access to personal data is restricted to employees and partners who need it to perform their professional duties and who are bound by confidentiality obligations.

11. Complaints and Supervisory Authority

If you believe that your data protection rights have been violated, you may first contact us so that we can resolve the situation.

You also have the right to file a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) or the supervisory authority of the EU member state of your residence.

12. Changes to the Policy

We may periodically update this Policy to reflect changes in legislation, our practices, or services. The current version of the Policy is always available on the website veebi.ee; the date of the last update is indicated at the bottom of the page.