CyberONE OÜDigital Growth StudioBook a call
Privacy Policy

How we handle personal data.

This policy explains what CyberONE OÜ collects through cyberonedigital.com, how we use it, and how to exercise your privacy rights.

Last updated: 27 June 2026. These pages are written for the public website and should be reviewed against internal operations before publication.

Who we are

The data controller for this website is CyberONE OÜ, Harju maakond, Tallinn, Kesklinna linnaosa, Tartu mnt 67/1-13b, 10115 Estonia. You can contact us about privacy matters at support@cyberonedigital.com.

What this website collects

This public website is intentionally light on data collection. It does not provide account registration, checkout forms, file uploads or a customer portal. It uses first-party consent storage so optional cookies and similar technologies can be controlled by category.

Data sourceWhat may be involvedWhy
Consent managementConsent category choices, anonymous consent ID, policy version, CMP version, region signal and GPC signal.To remember and audit privacy choices for this browser.
Email/contact briefName, email, company, phone, selected services and message.To respond to your enquiry and prepare a proposal.
Website hosting logsIP address, browser, device, requested URL, time and security events.To operate, secure and debug the website.
Font deliveryBrowser requests to font infrastructure may include IP and browser metadata.To render the visual design of the website.
Client workInformation shared during discovery, audits, implementation and support.To deliver agreed IT and marketing services.

Contact form behavior

The website brief form collects the details you choose to submit so we can review your enquiry and respond. Do not include passwords, credentials, payment card details, or highly sensitive information in website messages.

How we use information

We use personal data only for clear business purposes:

PurposeLegal basis under GDPR
Responding to enquiries and preparing proposalsLegitimate interests and steps before entering a contract
Delivering agreed servicesContract necessity
Maintaining security and preventing misuseLegitimate interests
Saving and applying cookie and privacy choicesLegal obligation, consent, and legitimate interests in compliance
Accounting, tax, legal and compliance recordsLegal obligation
Optional marketing communicationsConsent or legitimate interests where permitted by law

Cookies and similar technologies

We use a first-party consent management platform with Necessary, Functional, Analytics and Marketing categories. Necessary consent storage is always active. Optional categories are applied according to your region, your choices, and any Global Privacy Control signal.

No optional third-party analytics, advertising, chat, review or testimonial vendor is configured on this website at launch. See our Cookie Policy for the current category table.

Sharing and processors

We do not sell personal information. We may share data with service providers only where needed to operate the website, communicate with you, deliver services, comply with law, or protect our rights.

Typical recipients may include hosting providers, email providers, professional advisers, and client-approved tools used for SEO, advertising, analytics, email or IT implementation work. Client project processors are handled through the relevant proposal, statement of work or data processing terms.

International transfers

We are based in Estonia. Some providers or client-selected tools may process data outside the EEA. Where required, we use appropriate safeguards such as adequacy decisions, Standard Contractual Clauses, data processing agreements or equivalent safeguards.

Retention

Data typeTypical retention
Consent recordsStored in your browser until cleared, policy version changes, or the CMP version changes. Server-side consent log events may be retained for compliance evidence.
Unsuccessful enquiriesUp to 24 months after the last interaction, unless deletion is requested.
Client records and project communicationsFor the contract term and as needed for legal, accounting and dispute records.
Invoices and accounting recordsAs required by applicable accounting and tax law.
Security and server logsShort operational periods unless needed to investigate abuse or security events.

Your rights

If GDPR applies to you, you may request access, correction, deletion, restriction, portability, objection to certain processing, and withdrawal of consent where processing is based on consent.

If California privacy laws apply to you, you may request to know, access, correct or delete personal information, and to opt out of sale, sharing or targeted advertising. Use Your Privacy Choices in the footer to open the Marketing opt-out controls. We do not currently configure advertising pixels or retargeting vendors on this public website.

If your browser sends Global Privacy Control, the website treats it as an opt-out of sale, sharing and targeted advertising for this browser and keeps Marketing turned off.

To exercise rights, email support@cyberonedigital.com. We may need to verify your identity before acting on a request.

Security

We use practical technical and organizational safeguards appropriate to a small B2B consultancy, including HTTPS, access controls, limited internal access, vendor review, and data minimisation. See Trust & Security for more.

Children

This website and our services are intended for business users and are not directed to children. We do not knowingly collect personal information from children.

Contact and complaints

Contact us at support@cyberonedigital.com or by post at Harju maakond, Tallinn, Kesklinna linnaosa, Tartu mnt 67/1-13b, 10115 Estonia. If you are in Estonia or the EEA, you may also contact your local data protection authority.