ET EN FI
Get a quote

Privacy Policy

Home / Privacy Policy
GDPR

Last updated: 9 June 2026

SKW Eesti OÜ (address Mere 2, Aseri 43401, Estonia) is the data controller of this website under the European Union General Data Protection Regulation (GDPR, 2016/679) and the Estonian Personal Data Protection Act. This policy explains what data we collect about you, how we use it, and what your rights are.

1. Data Controller

SKW Eesti OÜ
Mere 2, Aseri 43401, Lääne-Virumaa, Estonia
Email: janner@skw.ee
Phone: +372 5146774

2. What data we collect

2.1 Contact form input

When you use our contact form, we collect:

  • Name: to address you
  • Email address: to reply to you
  • Message content: to understand your inquiry

Messages are forwarded via the email service provider FormSubmit.co (Florida, USA: Standard Contractual Clauses) to our email address janner@skw.ee.

2.2 Website usage information (analytics)

If you give consent, we use Google Analytics 4, which collects anonymous data: page views, navigation patterns, browser, device, approximate location (city level, IP-anonymized), session duration. GA4 does not collect name, email, or other directly identifying information.

2.3 Cookies

We use the following cookies:

  • skw_consent (essential, 1 year): stores your consent choice
  • skw_session (essential, until session end): admin login
  • _ga, _ga_* (analytics, 2 years): Google Analytics, ONLY after consent

3. Legal basis (GDPR Art 6)

  • Contact form: consent (Art 6(1)(a)) + pre-contractual measures (Art 6(1)(b))
  • Analytics: consent (Art 6(1)(a))
  • Session cookie (admin): legitimate interest (Art 6(1)(f))
  • Server logs (security): legitimate interest (Art 6(1)(f))

4. Data retention

  • Contact form messages: until resolved, but no longer than 3 years from inquiry
  • Analytics (GA4): 14 months of anonymous aggregate (Google default)
  • Server logs: 30 days (for security)
  • Consent cookie: 1 year, then we ask again

5. Third parties (data recipients)

We share your data only with the following service providers whose services we use:

  • FormSubmit.co (USA): contact form email forwarding
  • Google Analytics 4 (EU/USA): analytics, only with consent
  • Google Maps Embed (EU/USA): contact page map
  • Google Fonts (EU/USA): loading the Montserrat typeface
  • Zone Media OÜ (Estonia): site hosting

We do not sell or rent your data to third parties.

6. Your rights (GDPR Art 15-22)

You have the right to:

  • Access the data we hold about you (Art 15)
  • Rectify incorrect data (Art 16)
  • Erase data: "right to be forgotten" (Art 17)
  • Restrict data processing (Art 18)
  • Data portability in machine-readable format (Art 20)
  • Object to processing based on legitimate interest (Art 21)
  • Withdraw consent at any time (Art 7(3))
  • Lodge a complaint with the Data Protection Inspectorate

To exercise your rights, contact: janner@skw.ee. We respond within 30 days.

7. Data security

  • HTTPS (TLS) for all traffic
  • Admin password bcrypt hash (cost 12)
  • IP-based brute-force protection
  • CSRF protection on forms
  • Sensitive files (.env, database) outside the web root

8. Children (under 16)

This site is not directed at children under 16. We do not knowingly collect data from children.

9. Changes to this policy

We may update this policy from time to time. Significant changes will be marked above with the "Last updated" date.

10. Contact

For privacy questions: janner@skw.ee

Estonian Data Protection Inspectorate: www.aki.ee, info@aki.ee, +372 627 4135