1. Who is the Data Controller?
Registry code: 16912884
Address: Harju maakond, Tallinn, Kesklinna linnaosa, Tornimäe tn 5, 10145
Email: [email protected]
2. What Personal Data Do We Collect?
Depending on your interaction with our website (contact forms, newsletter subscription, feedback, talent submission, or appointment booking), we may collect the following categories of personal data:
a) Identification Data
- Full name
- Email address
- Phone number
b) Professional Data
- Company name
- Job title
- Skills, experience, contract preferences
c) Project-Related Data
- Project descriptions
- Objectives, challenges, expectations
d) Feedback Data
- Opinions, suggestions, preferences
e) Technical & Browsing Data
- Cookie data (see Cookie Policy)
- IP address (limited use – see Section 3)
3. Why Do We Use Your Data?
We process your data for the following purposes:
- To respond to your contact requests or project submissions
- To connect talents and companies through human and AI-powered matching
- To manage advisory, consulting, and collaboration projects
- To send curated content (articles, insights, invitations), where consent has been given
- To improve our services through feedback analysis
- To manage appointment scheduling and communication
Specific use of IP address
In the context of appointment booking, we collect the IP address solely to:
- Determine the user’s time zone
- Ensure that confirmation and reminder emails display the correct local date and time
4. What Is the Legal Basis for Processing?
Depending on the context, processing is based on one or more of the following legal grounds (Article 6 GDPR):
- Your explicit consent (e.g. newsletter subscription, talent submission)
- Performance of a contract or pre-contractual measures (e.g. advisory services, appointment scheduling)
- Legitimate interest in providing a professional, secure, and properly coordinated consulting and matchmaking service
5. Data Retention Period
Personal data is retained for a maximum period of 3 years after the last contact, except in the following cases:
- A conflicting legal obligation
- A contractual relationship justifying extended retention
Technical data such as the IP address used to determine the time zone is:
- Either not retained
- Or deleted or anonymized once the purpose has been fulfilled
6. Who Has Access to Your Data?
- Access is strictly limited to authorized DigitalFin Advisor personnel
- Data is never sold
- Data is not shared with third parties without your consent, except:
- Where required by law
- Where strictly necessary for service delivery (e.g. secure hosting providers), under GDPR-compliant agreements
7. What Are Your Rights?
In accordance with the GDPR, you have the right to:
- Access your personal data
- Rectify inaccurate or incomplete data
- Request erasure of your data (“right to be forgotten”)
- Restrict or object to processing
- Withdraw consent at any time
- Request data portability
Access is strictly limited to authorized DigitalFin Advisor personnel
8. How Is Your Data Protected?
We implement appropriate technical and organizational security measures, including
- Secure hosting environments
- Access controls and authentication mechanisms
- Data minimization principles
- Protection against unauthorized access, loss, or misuse
9. Cookies Policy
For more information on the use of cookies and similar technologies, please consult ourcookie policy
10. Updates to This Policy
- This privacy policy may be updated periodically to reflect legal, technical, or operational changes
- The most recent version will always be available on our website