Get in Touch

Privacy Policy and Personal Data Processing of HyggeSoftware OÜ

Edition dated November 12, 2024

This Privacy Policy describes how https://hygge.software (hereinafter referred to as the Website, Service, Platform, “HyggeSoftware OÜ,” “we,” “us,” “our”) collects, uses, and transfers information gathered by us or provided by you during your visit to the Website hosted at https://hygge.software and/or in the course of providing services to you and/or interacting with our service, including any electronic correspondence containing your personal data.
This Privacy Policy also explains your rights and options regarding your personal data and how you can contact us to make changes to your personal data or to address any questions you may have about our privacy practices. The provisions of this Privacy Policy may be updated in the future. Whenever we make changes to this Privacy Policy, we will publish the updated version on this page and indicate the date of the new edition.

We act as the controller of your personal data, as we independently determine the purposes for which we need it and select the services and tools for its processing.

Please read the provisions of this Privacy Policy carefully and contact us via the email address provided in this document if you have any questions. By using the Website, receiving services, completing the relevant forms, sending us electronic messages (including but not limited to email), or checking the box in the corresponding field (“I agree with the Privacy Policy”), you agree to all the terms of this Privacy Policy, confirm that you have read and understood its provisions, and provide your free and explicit consent for us to use your personal data in accordance with this Policy.

If you don’t agree with the terms of this Privacy Policy, please do not access or use the website https://hygge.software. If you wish to stop receiving marketing materials from HyggeSoftware OÜ, click the “Unsubscribe” button in the marketing email you received from us.

Who We Are

  • https://hygge.software

    The website https://hygge.software belongs to a company that provides custom software development services and acts as a reliable IT service provider for clients in Europe, the USA, Canada, and Australia

  • Data Controller

    • HyggeSoftware OÜ
    • Harju maakond, Tallinn, Kesklinna linnaos, Tornimäe tn 7-26, 10145, Estonia

  • Data Protection Officer

    • Artem Petrov
    • +48 889 041 233
    • gdpr@hygge.software

Definition of Terms

Personal Data – information or a set of information about an individual who is identified or can be specifically identified.

Non-Personal Data – information and details that, on their own, do not allow for the direct identification of a specific individual.
Information – both Personal and Non-Personal Data.

User – an individual who accesses the Website https://hygge.software or the Service in general, uses it, and/or places an order for the relevant services.

Processing – any actions performed on personal data, including but not limited to access, provision, distribution, collection, systematization, storage, accumulation, recording, transfer, blocking, deletion, clarification, updating and/or modification, anonymization, and other uses of personal data carried out by the Service.

GDPR – General Data Protection Regulation.

1. General Provisions

We process your personal data in accordance with the law, solely for the purpose of processing your request, instructions, and providing necessary information about its status, participating in promotional activities of our Service, when you contact customer support, as well as when you subscribe to our newsletters, participate in surveys, or leave feedback about our services.

The information provided by you is confidential and will not be shared with third parties, except when necessary to fulfill your request, instructions, or in other cases as required by law.

The provisions of this Privacy Policy apply only to the Website https://hygge.software. The Service does not control and is not responsible for third-party websites that the User may visit through links available on the Website.

Please note that the Service does not verify the accuracy of the information provided by the User.

Your information is processed from the moment you access the website and begin using the Site, as well as from the moment our company’s employee receives your personal data sent via email, through the website, or provided through other means of communication.

We do not use services that automate decision-making, and we do not use your personal data to evaluate aspects of your personality (automated profiling).

2. Information We May Collect Or Receive

When you visit our web pages, the following data is collected:

  • – IP address
  • – The hostname of the computer accessing the site
  • – Location and time of visit
  • – The resource from which you accessed this website
  • – A list of websites providing third-party services based on your preferences
  • – Date and duration of your visit
  • – Notification of whether the visit was successful
  • – Data transfer size
  • – Information about browser identification data and the operating system you are using.

The temporary storage of this data is necessary during your visit to the website to provide you with access. Further storage in log files is carried out to ensure the website’s functionality and our IT systems’ security. Therefore, the legal basis for processing the aforementioned categories of data is Article 6(1)(f) of the EU General Data Protection Regulation (GDPR). We have a legitimate interest in processing this data in relation to these purposes, particularly to ensure security and seamless connection establishment.

The Service collects and uses only the personal data of users that are necessary for the preliminary order of the service. For the User, this includes your full name, email address, and phone number.

Data such as city and postal address are considered personal data, and the legal basis for their processing by us is the existing contract (Article 6(1)(b) GDPR) and our legitimate interest in presenting our offer as accurately as possible (Article 6(1)(f) GDPR).

Other information may be provided by the user solely at their discretion (unless such information is required to ensure the performance of the contract or its provision is mandated by law).

Additionally, we use “cookies” to collect additional data about website usage and to improve the website’s performance and the quality of our services. The processing of data through technically necessary cookies is based on our legitimate interest according to Article 6(1)(f) GDPR.

Cookies are small files that the Website, network software services, or service providers place on your device through your web browser (if permitted by you), allowing the website or service providers to recognize your browser and store and remember certain information.

Using cookies, we may process information such as:

Device data:

  • -hardware model,
  • -unique device identifiers
  • -MAC address
  • -IP address
  • -operating system version and device settings

Information from Log-files:

  • -time and duration of website usage
  • -search queries
  • -location information
  • -any other information stored in cookies that allows for the unique identification of your browser or account

Other data:

Information about your usage of the website that we may process if you visit or use third-party websites or applications to communicate with us, and how you interact with content posted on the Website.

We use cookies for actions such as helping you log in and improving your experience on our website or services. We may use cookies to better understand how you interact with the website, track the overall number of website users and web traffic routing on the site, enhance the website and our services, understand your preferences based on past or current activity on the website, and/or provide you with top-quality services.

We do not collect and ask you not to provide any information that is subject to specific restrictions and requirements under the law, namely: information about racial or ethnic origin, political, religious, or philosophical beliefs, membership in political parties or trade unions, criminal convictions or suspicions of criminal offenses, as well as data related to health, sexual life, biometric and genetic data. You can read our detailed Cookie Policy here.

3. How We May Use Personal Data

We may use the information we collect, as described above, for the following purposes:

Contractual relations.

We may process your personal data to fulfill contractual obligations — for reviewing and/or processing your application, order, and preparing a commercial offer, or contract. The legal basis is Article 6(1)(b) GDPR. Additionally, you voluntarily provide data to communicate with us, so your consent is another legal basis, Article 6(1)(a) GDPR.

Inquiries and other communications.

If you have contacted us through our contact forms and/or via email/phone/messenger, we may process the information you provided to be able to respond to your question, complaint, or request.

Marketing.

We may use the information received from you (e.g., your email address) for marketing purposes. For example, by subscribing to our newsletter, you will receive posts and announcements directly to your email. We may send you promotional materials regarding our services, special offers, or other information that we believe may be of interest to you.

You can opt out of receiving our marketing emails (either fully or partially) by clicking the “unsubscribe” link in the emails you receive from us. Additionally, to unsubscribe, you can contact us at any time by sending a message to the email address provided in this Privacy Policy – gdpr@hygge.software.

We may also use the information obtained through cookies for marketing research purposes, to analyze the characteristics of website users, evaluate the effectiveness of our marketing communications, adapt to current trends, plan future marketing campaigns, conduct business analytics, and personalize services and communications for you. The legal basis is Article 6(1)(f) GDPR.

Information sharing.

HyggeSoftware OÜ may disclose your personal information to the following categories of recipients:

  • -To companies/contractors within its group, professional advisors, third-party service providers, and partners who provide data processing services for HyggeSoftware OÜ (e.g., for supporting delivery, providing functionality, or assisting in enhancing the security of the HyggeSoftware OÜ website), or who otherwise process personal data for purposes described in this Privacy Policy or as communicated to you when we collect your personal data. A list of current companies/contractors of HyggeSoftware OÜ is available upon request.
  • -To any competent law enforcement authority, regulatory authority, government agency, court, or other third party, if HyggeSoftware OÜ believes that disclosure of information is necessary (a) in accordance with applicable law or regulation, (b) for the establishment, exercise, or defense of its legal rights, or (c) to protect your vital interests or the vital interests of any other person.
  • -To any other person with your consent for disclosure.

Protection of our interests and security.

We may use your personal data when we deem it necessary to take measures to prevent potential liability, for conducting investigations and defending the Service against any claims or accusations from third parties, investigating and protecting the Service from fraud, ensuring the security or integrity of the Website, and protecting the property rights of our Service, users, and/or partners. The legal basis for this is Article 6(1)(d) of the GDPR.

Compliance with Legal Requirements.

We may also use/disclose the information we collect to comply with legal requirements, industry standards, and our policies. We may disclose your information in situations that we believe:
(1) involve emergencies related to a potential threat to the physical safety of any person or property, if we believe your information is related to such a threat;
(2) are related to illegal or inappropriate use of the Website and/or services, in our opinion. The legal basis is Article 6(1)(c) GDPR.

Processing of information includes:

The collection, accumulation, storage, adaptation, verification, modification, restoration, use, anonymization, and destruction of personal data, including through information (automated) systems.

The collection of personal data may occur orally, in writing, and/or electronically, through requests or self-provision of the necessary information and documents by you. Personal data is accumulated and stored in written and/or electronic form.

4. How We May Transfer Personal Data

We pay special attention to the confidentiality and protection of your personal data. The information you provide is confidential and will not be shared with third parties, except as necessary to fulfill or provide services, and in cases required by law.
The user agrees that the website has the right to transfer personal data to third-party contractors solely for the purpose of providing the relevant service.
Third-party contractors-processors: who process data and are contractually obligated to maintain strict confidentiality in accordance with Article 28 of the GDPR.

We may disclose your personal data if required by law or to fulfill a legal obligation, or if we are confident that such actions are necessary for:

– Investigating, responding to, and defending against claims; if necessary in legal proceedings (including court subpoenas) to protect the rights and property of the Service or third parties; to prevent potential liability;

– Public safety or the safety of individuals;

– To prevent or stop any illegal, unethical, fraudulent, offensive, or other activities that could result in negative legal consequences;

– For the integrity and security of the website, our services, or any equipment used to operate the website and provide services; to comply with applicable laws and regulations.

5. How We Store And Protect Your Personal Data

The protection of your personal data is extremely important to us, and we take all necessary measures to ensure it. We store users’ personal data in secure conditions. Your personal data is protected from unauthorized access, disclosure, use, alteration, or destruction.
The service continuously monitors the measures taken to ensure security.

We will retain your personal data for as long as necessary to provide you with access to the site and/or to fulfill our legal obligations (such as processing your requests and providing services, tax and/or financial reporting), resolving disputes, and ensuring compliance with our policy.

The retention period is determined based on the type of information collected and the purpose for which it was collected, depending on the situation and the need to delete outdated or unnecessary information as quickly as possible.

After you stop using the Website and/or our services by deleting your account on the Website (if such registration is provided), your Personal Data will also be automatically deleted, except in cases where we are required to retain such data to comply with obligations established by applicable law and these Terms of Use.

6. Your Rights

Regarding your personal data, you have the right to:

– Contact the data controller at any time with any questions or complaints regarding the processing of personal data, as well as to inquire whether your personal data is being processed and the contents of such data;

– Request free access to your personal data;

– Request at any time that the data controller cancel or restrict the processing of your personal data, as well as request amendments to your personal data if there are inaccuracies or if they have become outdated;

– Request at any time that the data controller delete your personal data to the extent that it is no longer needed to achieve the purposes stated in this notice, or for other purposes for which the data controller must continue processing, or when the data controller no longer has the legal right to process it;

– Withdraw your consent to the processing of personal data at any time;

– File complaints regarding the processing of personal data;

– Know the sources of collection, the location of your personal data, the purpose of its processing, the location of the data controller or data processor, or give appropriate instruction to authorized persons to obtain this information, except where otherwise required by law;

– Receive information about the conditions under which personal data is accessed, including information about third parties to whom the personal data is transferred;

– Submit a reasoned objection to the data controller regarding the processing of your personal data;

– Ensure protection of your personal data against unlawful processing and accidental loss, destruction, or damage, in connection with deliberate concealment, failure to provide, or untimely provision of such data, as well as protection against providing inaccurate data or data that defames the honor, dignity, and business reputation of the individual;

– Exercise legal remedies in case of a violation of personal data protection laws;

– Make reservations regarding the limitation of the right to process your personal data when giving consent;

– Know the mechanism of automated processing of personal data;

– Ensure protection from automated decisions that have legal consequences for the individual.

If you wish to exercise any of the above rights or obtain further information, please contact us using the details provided below in this Privacy Policy.

However, please note that these rights are not absolute and may be subject to certain limitations imposed by regulatory requirements and our legitimate interests.

To respond to your request, we must verify your identity to ensure that your information is not provided to an unauthorized person.

The service must provide you with information about the actions taken in response to your request within ten days of receiving it. The final response to your request must be provided within 10 days from the date of receipt. However, for third parties, the response time may be extended up to 30 days from the date of receiving the request.

If you learn that someone has unlawfully provided us with your personal data, please notify us as soon as possible using the contact details provided in this Privacy Policy. Upon your request, we will delete your personal data as soon as possible, but in any case, no later than one month from the date of receiving your request. We will retain only those copies of the information that may be necessary for us to comply with legal requirements in such cases.

Additionally, you can at any time modify (update, supplement, or delete) the personal data you have provided by contacting us with a relevant request.

7. Children

We understand how important it is to take additional measures to protect the privacy and security of children using the Website. Children under the age of 18 are not allowed to use our Website and receive our services unless their parents have given consent, which must be confirmed with appropriate evidence. We do not intentionally collect Personal Data from children under the age of 18. If we learn that we have received Personal Data of a child under the age of 18, except under the circumstances mentioned above, we will take all necessary steps to delete such information as soon as possible, unless we are required to retain such data for compliance with legal obligations. The legal basis is Article 8 of the GDPR.

8. Updating this Privacy Policy

Each time we make changes to this Privacy Policy, the new version will be available on the Website with an updated revision date.

You can access the new version of the Privacy Policy starting from the day it comes into effect, giving you time to decide whether to continue using the site and to submit any objections regarding changes to the processing of your personal data. A draft of the new Privacy Policy may be published in advance.

9. Questions and Complaints

If you have any questions, concerns, or complaints regarding our methods of collecting and processing your personal data, or if you have any suggestions or questions about this Privacy Policy, please contact us using the contact details provided in the “Responsible Party” section.

10. We use the following services:

Our website is hosted on https://wpengine.com The hosting servers are located in the EU, and USA, as well as in Japan, Canada, and Australia. The data you provide is securely processed, encrypted, and all necessary actions are taken to protect it from unauthorized access, disclosure, or destruction. More details about GDPR compliance can be found here.

We use Google Analytics – a web analytics service. Address: Google LLC, 1600 Amphitheatre
Parkway Mountain View, California, 94043 USA. More information can be found here.

The CRM system Pipedrive is used for storing customer personal data. Pipedrive OÜ is located at Mustamäe tee 3a, 10615 Tallinn, Harju County, Estonia, with registration number 11958539.
For more details about the Pipedrive CRM system, visit their official website https://www.pipedrive.com/en/about