Privacy Policy

Privacy Policy

This Privacy Policy explains how Estalara processes personal data of users of our website and application.

1. Data controller

The controller of your personal data is Estalara (the "Controller"). Detailed contact information is provided in the contact section of the service and in the terms of use.

2. Scope of processed data

Depending on how you use the service, we may process in particular:

  • identification data (e.g. name, surname, username),
  • contact data (e.g. e-mail address, phone number),
  • account and usage data related to your activity in the service,
  • transaction and billing data,
  • technical and statistical data (e.g. IP address, cookies).

Your data may be processed for the following purposes:

  • creating and operating your user account - performance of a contract (Art. 6(1)(b) GDPR),
  • providing services offered via the platform - performance of a contract (Art. 6(1)(b) GDPR),
  • fulfilling legal obligations (e.g. tax, accounting) - legal obligation (Art. 6(1)(c) GDPR),
  • analytics, statistics, security and service improvement - legitimate interest of the Controller (Art. 6(1)(f) GDPR),
  • marketing activities (including newsletters) - based on your consent (Art. 6(1)(a) GDPR), where given.

4. Data recipients

Your data may be shared with entities that support us in providing our services, such as IT providers, payment providers, hosting and analytics providers, as well as with entities authorized by law.

5. Data transfers outside the EEA

Where data is transferred outside the European Economic Area in connection with the use of external tools (e.g. cloud services), such transfers take place only with appropriate safeguards required by the GDPR.

6. Data retention period

We store personal data for as long as necessary to achieve the purposes for which it was collected or for as long as required by law (e.g. limitation periods for claims or accounting obligations).

7. Your rights

You have, among others, the right to:

  • access your data and obtain a copy of it,
  • rectify (correct) your data,
  • erase your data in cases provided by law ("right to be forgotten"),
  • restrict processing,
  • data portability,
  • object to processing based on the Controller's legitimate interest,
  • withdraw consent at any time (without affecting the lawfulness of processing based on consent before its withdrawal),
  • lodge a complaint with the supervisory authority.

8. Cookies

Details on how we use cookies are provided in a separate Cookie Policy.

9. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The current version will always be available on this page.

Estalara legal documents section