This Privacy Policy describes how EIMIO OÜ (registry code 16291654, VAT number EE102557503, address Pirita tee 26f-11, 12011 Tallinn, Estonia, email info@eimio.eu) collects, uses, and protects your personal data when you use our website and services.
1. Data Controller
The data controller is EIMIO OÜ, a private limited company incorporated and registered in Estonia. We process personal data in accordance with the General Data Protection Regulation (GDPR) and applicable Estonian law.
2. Data We Collect
2.1 Data you provide directly
- Name and contact information (email, phone number)
- Company name and business details
- Message content submitted via contact forms
- Account registration data (when you create an EIMIO account)
2.2 Data collected automatically
- IP address and browser/device information
- Pages visited and time spent on the site
- Referring URLs
- Cookie data (see Section 7)
2.3 Merit Aktiva integration data
When you connect your Merit Aktiva account to EIMIO, we access General Ledger transaction data of your client companies solely to provide the billing automation service. We do not sell or share this data with third parties.
3. Legal Basis for Processing
- Performance of a contract — when processing is necessary to deliver the EIMIO service you have subscribed to.
- Legitimate interests — for improving our service, security monitoring, and direct marketing to existing customers.
- Consent — for marketing communications and optional cookies.
- Legal obligation — where required by Estonian or EU law.
4. How We Use Your Data
- To provide, operate, and improve the EIMIO platform
- To respond to your inquiries and support requests
- To send service-related notifications
- To send marketing communications (with your consent)
- To comply with legal and regulatory requirements
- To detect and prevent fraud or abuse
5. Data Sharing
We do not sell your personal data. We may share data with trusted service providers who assist us in operating the platform, subject to strict data-processing agreements, including:
- Supabase — database hosting (data stored in the EU)
- Resend / SMTP provider — transactional email delivery
- Vercel — website hosting (EU data centres available)
- Merit Tarkvara OÜ — Merit Aktiva API integration
We may also disclose data if required by law or in response to a lawful request from public authorities.
6. Data Retention
- Account data: retained for the duration of your subscription plus 3 years
- Contact form submissions: retained for 2 years
- Billing and invoice data: retained for 7 years (Estonian accounting law)
- Marketing consent: until withdrawn
7. Cookies
We use strictly necessary cookies (session management, CSRF protection) without consent. We use analytics and preference cookies only with your consent. You can manage cookie preferences via the cookie consent banner.
8. Your Rights
Under GDPR, you have the right to:
- Access your personal data
- Rectify inaccurate data
- Erase your data ("right to be forgotten")
- Restrict processing
- Data portability
- Object to processing based on legitimate interests
- Withdraw consent at any time
To exercise your rights, contact us at info@eimio.eu. We will respond within 30 days. You also have the right to lodge a complaint with the Estonian Data Protection Inspectorate (AKI).
9. Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. All data is transmitted via HTTPS. Access to production systems is restricted to authorised personnel.
10. International Transfers
Your data is stored and processed within the European Union. Where any sub-processor is located outside the EU/EEA, we ensure appropriate safeguards (such as Standard Contractual Clauses) are in place.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by email or via the platform. The date of the last update is shown at the top of this page.
12. Contact
For privacy-related questions, contact us at: info@eimio.eu
EIMIO OÜ · Pirita tee 26f-11, 12011 Tallinn, Estonia