Legal · Last updated 9 July 2026
Privacy,handled properly.
This policy explains how we process personal data when you visitiweb.eu or contact us. We keep it short because we collect very little — this site has no tracking cookies, no advertising pixels and no analytics profiling. We wrote this policy to comply with Regulation (EU) 2016/679 (GDPR) and the Estonian Personal Data Protection Act (isikuandmete kaitse seadus).
1. Who is responsible (data controller)
E-Interactive OÜ
Registry code: 12702552 · VAT no: EE102309007
Registered in the Estonian Commercial Register (Äriregister)
Vana-Tartu mnt 22c, Järveküla, Rae vald, 75304 Harju maakond, Estonia
Email: hello@iweb.eu
E-Interactive OÜ operates iweb.eu and is the data controller for the processing described here. We are not required to appoint a Data Protection Officer; for anything related to personal data, write to the email above.
2. What data we process, why, and on what legal basis
2.1 When you contact us
If you email us or use the contact form (which opens your own email client — we do not store form submissions on a server), we receive the data you choose to send: typically your name, email address, company and the content of your message.
- Purpose: responding to your enquiry, preparing a quote, negotiating and performing a contract.
- Legal basis: Art. 6(1)(b) GDPR (steps prior to entering into a contract) and Art. 6(1)(f) GDPR (our legitimate interest in responding to business enquiries).
2.2 When you become a client
We process contact and billing details needed to deliver our services and issue invoices.
- Purpose: performing the contract, invoicing, accounting.
- Legal basis: Art. 6(1)(b) GDPR (contract) and Art. 6(1)(c) GDPR (legal obligations, incl. the Estonian Accounting Act).
2.3 Technical data when you browse this site
Our hosting and content-delivery infrastructure processes IP addresses and standard request metadata (browser type, pages requested, timestamps) in short-lived server logs. This is necessary to deliver the site and protect it against abuse.
- Purpose: serving the website, security, fraud and abuse prevention.
- Legal basis: Art. 6(1)(f) GDPR (legitimate interest in running a secure website).
We do not use these logs to identify visitors, build profiles or make automated decisions. See the Cookie Policy for details on cookies (spoiler: we currently set none).
3. Who receives your data
We do not sell or rent personal data. We share it only with service providers who help us run the business, under data processing agreements:
- Hosting / CDN: our website is served through an edge hosting provider (Cloudflare, Inc.), which processes technical request data.
- Email: correspondence is handled by our email service provider.
- Accounting: invoicing data may be visible to our accountant and, where required, to Estonian authorities.
Where a provider processes data outside the EU/EEA, transfers rely on an adequacy decision of the European Commission or Standard Contractual Clauses (Art. 46 GDPR).
4. How long we keep data
- Enquiries that don't lead to a contract: up to 1 year after our last exchange.
- Client correspondence and contracts: up to 3 years after the end of the relationship (general limitation period).
- Accounting records: 7 years, as required by the Estonian Accounting Act.
- Server logs: retained by our infrastructure providers for short periods (typically days to weeks).
5. Your rights
Under the GDPR you can, at any time:
- request access to the personal data we hold about you (Art. 15);
- have inaccurate data corrected (Art. 16);
- request erasure (Art. 17) or restriction of processing (Art. 18);
- receive your data in a portable format (Art. 20);
- object to processing based on legitimate interest (Art. 21).
To exercise any of these, emailhello@iweb.eu. We respond within one month. If you believe we process your data unlawfully, you can lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon,aki.ee) or the supervisory authority of your EU member state.
6. Security
The site is served over HTTPS only. We follow the principle of data minimisation — the less we collect, the less can go wrong — and apply appropriate technical and organisational measures to what we do process.
7. Changes to this policy
If we start processing data differently — for example, add analytics or a server-side contact form — we will update this policy and the date at the top before the change takes effect.