There are legal grounds necessary for the processing of personal data and we count on them to process your personal data. We use the main four grounds to process your personal data: consent, contract, legal obligation, and legitimate interests.
Consent – the freely given, informed, and unambiguous indication of your wishes to the processing of your personal data for a specific purpose which signifies agreement to the processing of personal data.
Contract – a legal ground for the processing of your personal data necessary for us to perform a contract or terms and conditions to which you are a party or in order to take steps at your request prior to entering into the contract or terms and conditions.
Legal obligations – a legal ground for the processing of your personal data when it is necessary for compliance with a legal obligation to which we are subject;
Legitimate Interests – a legal ground for the processing of your personal data when it is based on our legitimate interests or the legitimate interests of a third party, provided that those interests are not outweighed by your rights and interests and those interests have a specific purpose, they are necessary, and they are balanced.
Applicable laws have other legal grounds for the processing and when they are applicable we will count on such grounds.
If you have given consent to the processing of your data you can freely withdraw such consent at any time by contacting us.
If you do withdraw your consent, and if we do not have another legal basis for the processing of your data, then we will stop the processing of your personal data and will delete in specific situations, including in case if you request the deletion of your personal data and we are obliged to delete your personal data according to the applicable law.
If we have another legal basis for the processing of your data, then we will continue to do so, subject to your legal interests and rights.
When we process personal data, we have obligations according to the applicable laws. We act as a data controller when we determine the purposes and means of the processing of your personal data.
We process personal data when you interact with our website (the “Website”) or use our services, especially when:
We collect the following categories of personal data:
We never collect sensitive data. We do not use automated decision making or any kind of automated profiling. The recipients of the collected data are (1) the highest management level of our company for whom it is necessary to process personal data for the functionality of the company and (2) third-party service providers indicated below.
We process the data for:
You can exercise the following rights by contacting us.
You have the right to access information about you, especially:
The right to access information may be performed only by you or your legal representative. In case if you request the right to access information via a legal representative, you have to provide proof of whether such a person may represent you.
You have the right to make us correct any inaccurate personal data about you.
You have the right to the data portability of your data to another service or website. We will give you a copy of your data in a readable format so that you can provide it to another service. If you ask us and it is technically possible, we will directly transfer the data to the other service for you.
You can object to using your personal data for profiling you or making automated decisions about you. We may use your data to determine whether we should let you know the information that might be relevant to you.
You have the right to be “forgotten”. You may ask us to erase any personal data about you if it is no longer necessary for us to store the data for purposes of your use of the Website.
You have the right to lodge a complaint regarding the use of your data by us. You can address a complaint to your national regulator (the list of the regulators are accessible via https://edpb.europa.eu/about-edpb/board/members_en).
Once we receive any of your requests we will consider and decide on it within one month unless there is a justified requirement to provide such information faster. This term may be extended according to the applicable law.
We may request specific information from you to confirm your identity when necessary and reasonable. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
You do not need to pay a fee to access information or other rights but we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive or refuse to comply with your request in these circumstances.
We have security and organizational measures and procedures to secure the data collected and stored and to prevent it from being accidentally lost, used, altered, disclosed, or accessed without authorization. We allow disclosure of your personal data only to those employees and companies who have a business need to know such data. They will process the personal data on our instructions and they are obliged to do it confidentially.
You acknowledge that no data transmission is guaranteed to be 100% secure and there may be risks. You are responsible for your login information and password. You shall keep them confidential. In case if your privacy has been breached, please contact us immediately. We have procedures in place to handle any potential data breach and we will inform a regulator of a breach if we are legally required to do so.
The personal data is collected and processed by the company incorporated in Estonia and the servers are located in Germany.
There are the following third parties:
LinkedIn, Twitter, YouTube, Telegram, GitHub, Discord, medium, Reddit.
We store personal data as long as we need it and the retention practice depends on the type of data we collect, regulatory burden, and how we use the personal data. The retention period is based on criteria that include legally mandated retention periods, pending or potential litigation, tax and accounting laws, intellectual property or ownership rights, contract requirements, operational directives or needs, and historical archiving.
In some circumstances, we may anonymize your personal data for research or statistical purposes in which case we may use this information indefinitely without further notice to you. For the purposes of the KYC/AML, we will store and process your personal data for 5 (five) years.
If you still have any question or need clarification with regard to our privacy practice, please contact us: Guardarian OÜ, a private limited company incorporated in Rotermanni 2, 10111, Tallinn , Estonia. Email: [email protected]