Back

Privacy Policy – NÜVIA OÜ (GDPR-Compliant)

Effective Date:

22 September 2025

Data Controller:

NÜVIA OÜ, Reg. No. 17301668, Estonia

1. Introduction

This Privacy Policy explains how NÜVIA OÜ collects, uses, discloses, and protects your personal data in accordance with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. What Data We Collect

We collect the following categories of data:

  • Identity and contact data (e.g., name, email, phone)
  • Technical data (e.g., IP address, device type, browser, OS)
  • Usage data (e.g., pages visited, clicks, time spent)
  • Cookies and tracking IDs (see separate Cookies Policy)
  • Any information voluntarily provided via forms, feedback

3. Legal Basis for Processing (GDPR Article 6)

We process your personal data lawfully, on one or more of the following bases:

  • Consent (Art. 6(1)(a))
  • Contractual necessity (Art. 6(1)(b))
  • Legal obligation (Art. 6(1)(c))
  • Legitimate interests (Art. 6(1)(f)), e.g., fraud prevention, analytics, service improvement

4. Purposes of Processing

  • To provide and improve our services
  • To communicate with users
  • To analyze usage patterns
  • To ensure security and regulatory compliance

5. Data Sharing & Disclosure

We may share your personal data with:

  • Hosting, analytics, and communication service providers
  • Legal authorities where required
  • No sale of personal data occurs under any circumstances
  • Data is only shared with proper contractual safeguards

6. International Data Transfers

Data may be transferred to processors outside the EU/EEA. In such cases, we ensure protection via:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions under Article 45 GDPR
  • Binding corporate rules (BCRs) where applicable

7. Data Retention

We retain your personal data:

  • As long as necessary to fulfill the purposes stated
  • Or as required under Estonian and EU legal retention obligations (e.g., accounting, tax)

8. Your Rights under GDPR

You have the right to:

  • Access your data (Art. 15 GDPR)
  • Rectify inaccurate data (Art. 16)
  • Erase your data ("right to be forgotten", Art. 17)
  • Restrict or object to processing (Art. 18-21)
  • Data portability (Art. 20)
  • Withdraw consent at any time without affecting prior processing
  • Lodge a complaint with a Data Protection Authority

9. Supervisory Authority Contact

You may contact the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) at www.aki.ee

10. Contact

For privacy inquiries:

Email: contact@nuvia.me

Address: Ahtri tn 12, Tallinn 15551, Estonia

Create Next App