Privacy Policy

How we process personal data on this website.

Last updated: January 2026

Controller

Company: exisia OÜ

Legal form: Private limited company (osaühing)

Managing director / content responsibility: Felix Nagel

Address:
Sepapaja 6
15551 Tallinn
Estonia

Email: contact@exisia.com

Phone: +49 152 23321797

Data controller within the meaning of Art. 4(7) GDPR. Contact details and representative see below.

Purposes and legal bases

Website delivery and security (Art. 6(1)(f) GDPR)

When you access our site, the server temporarily processes data such as IP address, date/time, URL, referrer, and user agent to deliver the site, ensure stability, and detect misuse. The logs are evaluated only for security and troubleshooting.

Hosting and infrastructure (Art. 6(1)(f) GDPR)

We host this site with Hetzner in EU data centers. Connection data (e.g., IP address, timestamps, user agent) is processed to provide the service, prevent abuse, and ensure availability. Basic uptime/monitoring metrics are collected in aggregated form without personal profiles. No third-party analytics are in use.

Contact requests (Art. 6(1)(b) and (f) GDPR)

If you contact us, we process the data you provide to respond to the inquiry and for possible pre-contractual steps. Providing this data is voluntary, but we may be unable to respond without it.

Cookies and tracking

We currently do not use non-essential cookies or third-party trackers. Essential cookies may be used only where technically required (e.g., to remember UI preferences). You can configure your browser to block cookies.

Recipients / processors

  • Hetzner Online GmbH (infrastructure/hosting in EU) acting as processor under Art. 28 GDPR.
  • Service providers we engage for support, maintenance, or communications, bound by confidentiality and instructions.

Transfers to third countries

We host in the EU/EEA (Hetzner). We currently do not transfer personal data to third countries. If this changes, we will ensure an adequate level of protection (e.g., EU Standard Contractual Clauses) and update this notice.

Storage periods

  • Server log files at Hetzner are deleted automatically after up to 30 days unless longer retention is necessary to clarify incidents.
  • Aggregated technical metrics (non-identifying) are kept for service stability for up to 12 months.
  • Contact inquiries are stored as long as necessary to process the request and to comply with statutory retention duties (usually up to 6 years for business correspondence).

Your rights

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to object to processing based on Art. 6(1)(f) GDPR (Art. 21 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to withdraw consent at any time with future effect

Right to lodge a complaint

You may lodge a complaint with a data protection supervisory authority, in particular in the EU/EEA member state of your habitual residence, place of work, or of the alleged infringement. In Estonia, this is the Estonian Data Protection Inspectorate (AKI).

Contact for privacy matters

Use the contact details above for privacy-related requests. We respond without undue delay.