Privacy Policy

This privacy policy explains how Visibilion OÜ processes personal data that website visitors, clients and people sending enquiries provide to us, or that is collected during the use of the website.

Visibilion OÜ processes personal data in accordance with applicable data protection requirements, including the European Union General Data Protection Regulation, or GDPR. Under the GDPR, the data subject must be provided, among other things, with information about the controller, the purposes of processing, the legal basis, the retention period and their rights.

1. Controller

The controller of personal data is:

If you have any questions about the processing of your personal data, you can contact us by email at info@visibilion.ee.

2. What personal data do we process?

We process only the personal data that is necessary for responding to enquiries, providing services, managing client communication, analysing website performance and improving marketing activities.

We may process the following data:

• name;
• company name;
• email address;
• phone number;
• website address;
• content of the message or enquiry;
• information provided about a service or project;
• billing data if a client relationship is created;
• technical data related to website use, such as IP address, device information, browser information and cookie-related data;
• aggregated data collected through marketing and analytics tools.

We do not knowingly collect special categories of personal data, such as health data, political opinions, religious beliefs or other sensitive data, unless the user voluntarily provides such information in their message.

3. How do we collect personal data?

Personal data is mainly collected when you:

• fill in a contact form on the website;
• send us an email;
• contact us by phone or through another communication channel;
• order a service from Visibilion;
• use our website;
• give consent for the use of cookies or marketing tools;
• communicate with us through social media or advertising channels.

When using the website, technical data may also be collected through cookies, analytics tools and advertising tools.

4. For what purposes do we process personal data?

We process personal data for the following purposes:

• responding to enquiries;
• contacting a potential client;
• preparing a consultation or offer;
• providing services and managing client relationships;
• planning and carrying out projects;
• invoicing and accounting;
• improving the website user experience;
• analysing website traffic and marketing results;
• measuring and optimising advertising campaigns;
• carrying out email marketing where there is a suitable legal basis;
• protecting legitimate interests, such as resolving disputes or ensuring service quality;
• fulfilling legal obligations.

We do not use personal data for purposes that are not related to Visibilion’s services, client communication, marketing, analytics or legal obligations.

5. Legal basis for processing personal data

When processing personal data, we rely on an appropriate legal basis. Data protection terms must specify the basis on which personal data is processed.

Performance of a contract or pre-contractual steps

If you send an enquiry, ask for an offer or start cooperation with us, we process your data in order to respond to the enquiry, prepare an offer, provide a service or fulfil an agreement.

Legitimate interest

We may process personal data on the basis of legitimate interest, for example to manage client communication, improve service quality, ensure website security, organise business communication and analyse marketing results. In the case of legitimate interest, we assess that our interests do not disproportionately harm the rights and freedoms of the data subject.

Consent

In certain cases, we process data on the basis of consent, for example when using marketing cookies, a newsletter or certain advertising tools. Consent can be withdrawn at any time.

Legal obligation

We also process data when it is necessary to fulfil accounting, tax or other legal obligations.

6. Contact forms and enquiries

If you fill in a contact form on the Visibilion website, we process the data you provide in order to respond to your enquiry and contact you. In such cases, we usually process your name, email address, phone number, company name, website address and the content of the enquiry.

Sending an enquiry does not automatically add you to a newsletter or marketing list, unless you have given separate consent for this or further communication takes place on another valid legal basis.

7. Email marketing

We may use email marketing to introduce our services, articles, offers or cooperation opportunities. If we send newsletters or marketing emails on the basis of consent, you can withdraw your consent at any time.

In communication with business clients, we may in certain cases also rely on legitimate interest if the communication is related to the company’s field of activity, previous cooperation or potential business interest. In such cases, the recipient always has the opportunity to opt out of further communication.

8. Cookies and analytics

The Visibilion website may use cookies and similar technologies to ensure that the website functions correctly, to improve user experience and to measure marketing and website performance.

Cookies may include:

• essential cookies that are necessary for the website to function;
• analytics cookies that help understand website use;
• marketing cookies that help measure and optimise advertising campaigns;
• third-party cookies, for example through Google or Meta tools.

We may use tools such as Google Analytics, Google Search Console, Google Ads, Meta Pixel or other analytics and advertising tools. These tools may collect information about website use, device, browser, visit source and user actions on the website.

Where consent is required by law, we ask for consent to use cookies through a cookie banner.

9. Third parties and service providers

We may transfer or make personal data available to third parties only when this is necessary for providing the service, website functionality, marketing measurement, invoicing, fulfilling legal obligations or protecting our legitimate interests.

Such parties may include, for example:

• web hosting service providers;
• email and communication service providers;
• accounting and invoicing service providers;
• analytics and advertising tool providers;
• CRM or form solution providers;
• IT and web development partners;
• public authorities where the transfer of data is required by law.

We do not sell personal data to third parties.

10. Transfer of personal data outside the European Economic Area

Some of the service providers or tools we use may process data outside the European Economic Area. In such cases, we use appropriate safeguards, such as European Commission adequacy decisions, standard data protection clauses or other mechanisms permitted under the GDPR. The European Commission treats measures such as adequacy decisions and standard contractual clauses as safeguards for data transfers to third countries.

11. How long do we retain personal data?

We retain personal data only for as long as necessary to fulfil the purpose for which the data was collected, or for as long as required by law.

In general:

• contact form enquiries are retained for a reasonable period in order to respond to the enquiry and manage possible further cooperation;
• client data is retained during the client relationship and after that within the retention periods required by law;
• accounting data is retained for the period prescribed by law;
• marketing consents are retained until consent is withdrawn or until the purpose of processing ends;
• analytics data is retained according to the retention periods set in the tools.

If personal data is no longer needed, we delete it or anonymise it.

12. Rights of the data subject

You have the right to receive information about how your personal data is processed and to exercise the rights arising from the GDPR. The GDPR covers the data subject’s rights, including the right to be informed, access data, request rectification, erasure and restriction of processing.

You have the right to:

• ask whether and what personal data we process about you;
• access your personal data;
• request correction of inaccurate data;
• request deletion of data where there is a legal basis for doing so;
• restrict the processing of personal data;
• object to processing where processing is based on legitimate interest;
• withdraw consent where processing is based on consent;
• request data portability where applicable;
• file a complaint with a supervisory authority.

To exercise your rights, write to us at info@visibilion.ee.

13. Filing a complaint

If you believe that the processing of your personal data does not comply with applicable data protection requirements, you have the right to contact us at info@visibilion.ee.

You also have the right to file a complaint with a supervisory authority. In Estonia, the supervisory authority is the Estonian Data Protection Inspectorate.

14. Data security

We apply reasonable technical and organisational measures to protect personal data from unauthorised access, alteration, disclosure or destruction.

Access to personal data is limited to the people and service providers who need it to perform a specific task, service or obligation.

15. Changes to the privacy policy

We may update this privacy policy from time to time if our services, website functions, tools used or legal requirements change.

The updated version will be published on the Visibilion website. We recommend reviewing the privacy policy from time to time.