Privacy Policy

1. Who is responsible for your data

The controller of your personal data is WebWay OÜ, an Estonian company (registry code 17529905), located in Tallinn, Estonia. For any privacy question you can reach us at info@webway.ee.

2. What this policy covers

This policy applies to the website webway.ee and to the way we handle requests and communication that come to us by the website form, email, phone or messaging apps. It does not cover third-party websites we may link to.

3. What personal data we collect

We only collect data we actually need. Depending on how you use the site, this may include:

• Data you give us directly: your name, email address, phone number, company name and the contents of your message when you fill in a form or write to us.
• Technical data collected automatically: IP address, device and browser type, language, the pages you view and the time of your visit, recorded in server logs and analytics.
• Preferences stored in your browser, such as the chosen interface theme and language.

4. Why we process your data and on what legal basis

We process personal data for the following purposes and legal bases under Article 6 of the GDPR:

• To answer your enquiry, prepare a quote and take steps at your request before entering into a contract — performance of a contract or pre-contractual steps (Art. 6(1)(b)).
• To operate, secure and improve the website — our legitimate interest (Art. 6(1)(f)).
• To send you information you have asked for — your consent (Art. 6(1)(a)), which you can withdraw at any time.
• To meet accounting and other legal obligations — compliance with a legal obligation (Art. 6(1)(c)).

5. Cookies and local storage

The site uses the minimum storage required to work — for example, remembering your theme and language preference. We may also use privacy-friendly analytics to understand how the site is used in aggregate.

You can clear or block cookies and local storage in your browser settings. Disabling essential storage may affect how the site works.

6. Service providers we share data with

We do not sell your personal data. We share it only with trusted service providers who process it on our behalf and under a contract — namely our website hosting provider, our email-delivery provider and our analytics provider. They may access data only to the extent needed to provide their service.

We may also disclose data where required by law or to protect our legal rights.

7. International data transfers

Some of our service providers may process data outside the European Economic Area (for example in the United States). Where that happens, the transfer is protected by appropriate safeguards such as the European Commission’s Standard Contractual Clauses or an adequacy decision.

8. How long we keep your data

We keep personal data only as long as needed for the purpose it was collected for. Enquiry and correspondence data is kept for the duration of our relationship and a reasonable period afterwards; data tied to accounting documents is kept for 7 years as required by the Estonian Accounting Act (Raamatupidamise seadus). After that, data is deleted or anonymised.

9. Your rights

Under the GDPR you have the right to:

• Access the personal data we hold about you and receive a copy of it.
• Have inaccurate data corrected and incomplete data completed.
• Have your data erased (“right to be forgotten”) where the law allows.
• Restrict or object to processing, and request data portability.
• Withdraw consent at any time, without affecting prior lawful processing.

10. How to exercise your rights and complain

To exercise any of these rights, email us at info@webway.ee and we will respond within the time set by law. If you believe we process your data unlawfully, you may lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon, www.aki.ee).

11. How we protect your data

We apply appropriate technical and organisational measures — including encrypted connections (HTTPS), access controls and trusted providers — to protect your data against loss, misuse and unauthorised access. No method of transmission over the internet is fully secure, but we work to keep your data safe.

12. Links to other websites

Our site may contain links to third-party websites. We are not responsible for their content or privacy practices and encourage you to read their policies.

13. Changes to this policy

We may update this policy from time to time. The current version, with its “last updated” date, is always available on this page. Significant changes will be highlighted on the site.