Privacy Policy
Effective Date: September 26, 2024
At SELVA! (operating as SELVA OÜ, located at Sepapaja TN 6, 15551 Tallinn, Estonia), we are committed to protecting the privacy of our users and ensuring their data is handled responsibly and in compliance with all applicable laws and regulations, including the General Data Protection Regulation (GDPR). This Privacy Policy outlines how we collect, use, and protect personal information on our website, selva.ee.
For any questions regarding this policy, you can contact us at:
Email: privacy@selva.ee
1. Information We Collect
Personal Data You Provide
We may collect the following types of personal information when you interact with our website and services:
- Contact Information: Name, email address, phone number.
- Payment Information: Payment details, such as credit card numbers or payment service provider details, are processed securely by third-party payment processors (Stripe and Gumroad).
- Booking Details: Information provided when scheduling meetings (via Cal.com), including your name, email, and meeting preferences.
Data Automatically Collected
When you visit our website, certain data is automatically collected:
- Analytics Data: We use Pirsch.io and Umami, which are GDPR-compliant analytics tools, to track website usage data such as page visits, device information, and IP address.
- Visitor Identification Data: We use Instantly.ai to help identify and engage with visitors. Instantly.ai collects IP addresses, device details, and browsing behavior for this purpose. This data is used solely for U.S.-based visitors and is not shared or stored for EU users to comply with GDPR.
Cookies and Similar Technologies
We use cookies to enhance user experience and analyze website traffic. For more details about how we use cookies and your rights regarding them, please refer to our Cookie Policy.
2. How We Use Your Information
We process your personal data for the following purposes:
- To provide services, including booking meetings, facilitating payments, and delivering digital products.
- To analyze website usage and improve user experience.
- To identify visitors and personalize communications using Instantly.ai (only for U.S.-based users).
- To handle payments securely through third parties (Stripe and Gumroad).
- To communicate with you about your bookings, purchases, and inquiries.
3. Legal Basis for Processing
We rely on the following legal bases under GDPR to process your personal data:
- Consent: When you provide explicit consent for marketing or analytics tracking.
- Contractual Obligation: When we need the information to fulfill a contract, such as processing payments or booking meetings.
- Legitimate Interest: To enhance our services, track website usage, and protect the security of our website.
4. Third-Party Services
We share your data with the following third-party services that help us deliver our products and services:
- Analytics: Pirsch.io and Umami for anonymized website analytics.
- Payments: Stripe and Gumroad for secure payment processing.
- Meeting Scheduling: Cal.com to facilitate meeting bookings.
- Visitor Identification: Instantly.ai for U.S.-based visitor identification.
These third-party service providers process your personal data in compliance with GDPR and are bound by confidentiality obligations. We ensure that any transfer of data to third parties is done with the highest level of security.
5. Data Retention
We retain personal data for as long as necessary to provide our services or as required by law. Specifically:
- Payment Data: Processed and stored securely by Stripe and Gumroad in compliance with financial regulations.
- Analytics Data: Stored only for as long as needed to analyze trends and improve our services.
- Visitor Data (via Instantly.ai): Retained according to the data usage agreement and only applicable to U.S.-based visitors.
6. Your Rights Under GDPR
As a user based in the European Economic Area (EEA), you have the following rights regarding your personal data:
- Right to Access: You can request access to the personal data we hold about you.
- Right to Rectification: You can request corrections to any incorrect data.
- Right to Erasure (“Right to Be Forgotten”): You can request the deletion of your data when it is no longer necessary for the purposes for which it was collected.
- Right to Restriction of Processing: You can request the restriction of processing under certain circumstances.
- Right to Object: You can object to the processing of your data in certain situations.
- Right to Data Portability: You can request to receive your data in a machine-readable format.
- Right to Withdraw Consent: You may withdraw your consent for data processing at any time, which will not affect the lawfulness of any processing before your withdrawal.
To exercise any of these rights, please contact us at privacy@selva.ee.
7. Data Security
We implement industry-standard security measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. However, please note that no transmission over the internet is entirely secure, and we cannot guarantee complete security of your information.
8. International Data Transfers
As we are based in Estonia, your data may be transferred to and stored on servers located outside your country of residence, including in the United States. We ensure that appropriate safeguards are in place to protect your personal data during such transfers in compliance with GDPR.
9. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices or for legal, regulatory, or operational reasons. We will notify users of any changes by updating the effective date at the top of this document.
10. Contact Us
If you have any questions or concerns regarding this Privacy Policy or your personal data, please contact us at:
SELVA OÜ
Sepapaja TN 6
15551 Tallinn, Estonia
Email: privacy@selva.ee