Privacy Policy

Last updated: December 28th, 2025

Data Controller

Estonian company (registry code: 16837541), located at Lai tn 3-11, Tallinn, Estonia ("Rise," "we," "our," or "us") is the data controller responsible for your personal data. This Privacy Policy explains how we collect, use, and protect your personal information when you use our website (https://risedigital.ee, https://risedgtl.com) and services.

What Information We Collect

We collect the following personal data when you contact us, request a quote, or engage our services:

  • Name
  • Email address
  • Phone number
  • Company name (if applicable)
  • Project details you share with us

We also automatically collect certain technical data when you visit our website:

  • IP address
  • Browser type and version
  • Pages visited and time spent
  • Referring website

Providing your name, email, and project details is necessary to enter into a contract with us. If you do not provide this information, we cannot respond to your inquiry or deliver our services.

Under the GDPR, we process your personal data based on the following legal grounds:

  • Contract performance: To provide our web development services, communicate about projects, and fulfill our contractual obligations to you.
  • Legitimate interests: To improve our website and services, ensure network and information security, respond to inquiries from potential clients, and protect against fraud. These interests include website analytics to understand how visitors use our site, and communicating with existing clients about relevant services. Our legitimate interests do not override your fundamental rights and freedoms.
  • Legal obligations: To comply with applicable laws, such as tax and accounting requirements.
  • Consent: For marketing communications, which you can withdraw at any time.

How We Use Your Information

We use your personal data to:

  • Respond to your inquiries and provide quotes
  • Deliver web development, design, and software services
  • Communicate about ongoing projects
  • Send invoices and process payments
  • Improve our website and services
  • Comply with legal and regulatory obligations
  • Send marketing communications (only with your consent)

Who We Share Your Data With

We only share your personal data when necessary:

  • Service providers: Hosting providers, email services, and payment processors who help us operate our business. These providers are bound by data processing agreements and may only use your data to provide services to us.
  • Professional advisors: Accountants and legal advisors, as required for business operations.
  • Legal requirements: Government authorities or law enforcement when required by law or to protect our legal rights.

We do not sell your personal data or share it with third parties for their marketing purposes.

International Data Transfers

Rise is based in Estonia, a member of the European Economic Area (EEA). If we transfer your data outside the EEA, we ensure appropriate safeguards are in place, such as:

  • Transfers to countries with an EU adequacy decision
  • Standard Contractual Clauses approved by the European Commission
  • Other legally approved transfer mechanisms

You may request a copy of the safeguards we use by contacting us.

Data Retention

We retain your personal data only as long as necessary for the purposes described in this policy:

  • Client project data: For the duration of our business relationship plus 7 years, as required by Estonian accounting regulations.
  • Inquiry data: Up to 2 years if you do not become a client, unless you request earlier deletion.
  • Website analytics data: Up to 26 months.
  • Marketing consent records: Until you withdraw consent, plus a reasonable period to demonstrate compliance.

When data is no longer needed, we securely delete or anonymize it.

Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate or incomplete data.
  • Erasure: Request deletion of your data when it is no longer necessary or when you withdraw consent.
  • Restriction: Request that we limit how we use your data in certain circumstances.
  • Data portability: Receive your data in a structured, commonly used format and transfer it to another controller.
  • Object: Object to processing based on legitimate interests or for direct marketing purposes.
  • Withdraw consent: Withdraw consent for processing at any time, without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at [email protected]. We will respond within one month.

Right to Lodge a Complaint

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon):

  • Website: https://www.aki.ee
  • Email: [email protected]
  • Address: Tatari 39, 10134 Tallinn, Estonia

How We Protect Your Information

We implement appropriate technical and organizational measures to protect your personal data, including:

  • SSL/TLS encryption for data in transit
  • Secure hosting with access controls
  • Regular security assessments
  • Limited access to personal data on a need-to-know basis

While we take reasonable precautions, no method of transmission or storage is completely secure. We cannot guarantee absolute security of your data.

Cookies

We use cookies to improve your experience on our website. Cookies are small text files stored on your device.

Essential cookies: Required for the website to function properly. These cannot be disabled.

Analytics cookies: Help us understand how visitors use our website. We use privacy-focused analytics that do not track you across other websites.

You can control cookies through your browser settings. Disabling certain cookies may affect website functionality.

Children's Privacy

Our services are not directed at individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significant effects on you.

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those websites. We encourage you to read the privacy policies of any website you visit.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the updated policy on our website with a new effective date. Your continued use of our services after changes take effect constitutes acceptance of the updated policy.

Governing Law

This Privacy Policy is governed by the laws of Estonia. Any disputes shall be subject to the exclusive jurisdiction of the Estonian courts.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, contact us:

Privacy Policy - Rise | Rise