Privacy Policy

Last updated: October 1, 2025

This Privacy Policy describes how 0xawaz OÜ ("we," "our," or "us") collects, uses, and protects your personal information when you visit our website and use our services. We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) and Estonian data protection regulations.

1. Company Information

Company Name: 0xawaz OÜ
Registration Number: 16453235
Address: Harju maakond, Tallinn, Kesklinna linnaosa, Ahtri tn 12, 15551, Estonia
Email: [email protected]
Business Email: [email protected]

2. Information We Collect

2.1 Personal Information You Provide

When you contact us or use our services, we may collect the following personal information:

• Name and contact details (email address, phone number)
• Company name and business information
• Project requirements and technical specifications
• Communication preferences
• Any other information you voluntarily provide through our contact forms or communications

2.2 Automatically Collected Information

When you visit our website, we may automatically collect:

• IP address and browser information
• Pages visited and time spent on our website
• Referring website information
• Device and technical information

2.3 Cookies and Similar Technologies

We use cookies and similar technologies to enhance your browsing experience. For detailed information about our cookie usage, please refer to our Cookie Policy.

3. How We Use Your Information

We use your personal information for the following purposes:

• Service Provision: To provide React development consulting services and respond to your inquiries
• Communication: To communicate with you about your projects, send updates, and provide customer support
• Business Operations: To manage our business relationships and improve our services
• Legal Compliance: To comply with legal obligations and protect our legitimate business interests
• Marketing (with consent): To send you information about our services and industry updates, only if you have opted in

4. Legal Basis for Processing

Under GDPR, we process your personal information based on the following legal grounds:

• Contract Performance: To fulfill our contractual obligations when providing services
• Legitimate Interest: For business operations, communication, and service improvement
• Consent: For marketing communications and optional data processing
• Legal Obligation: To comply with applicable laws and regulations

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following limited circumstances:

• Service Providers: With trusted third-party service providers who assist in our business operations (email services, hosting providers)
• Legal Requirements: When required by law, court order, or government authorities
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• Protection of Rights: To protect our rights, property, or safety, or that of our clients

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Secure data transmission using SSL/TLS encryption
• Access controls and authentication procedures
• Regular security assessments and updates
• Staff training on data protection practices

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Typically:

• Contact Information: Retained for 3 years after last contact for business relationship purposes
• Project Data: Retained for the duration of the project plus 5 years for legal and warranty purposes
• Marketing Data: Retained until you withdraw consent or for 2 years of inactivity

8. Your Rights Under GDPR

As a data subject, you have the following rights:

• Right of Access: Request information about how we process your personal data
• Right to Rectification: Request correction of inaccurate or incomplete personal data
• Right to Erasure: Request deletion of your personal data under certain circumstances
• Right to Restrict Processing: Request limitation of processing under certain conditions
• Right to Data Portability: Request transfer of your data to another service provider
• Right to Object: Object to processing based on legitimate interests or for marketing purposes
• Right to Withdraw Consent: Withdraw consent for processing based on consent

9. International Data Transfers

As we provide services to clients across CIS countries, your personal information may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions by the European Commission
• Other appropriate safeguards recognized under applicable data protection laws

10. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information promptly.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. Your continued use of our services after such changes constitutes acceptance of the updated Privacy Policy.

12. Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or have concerns about how we handle your personal information, please contact us:

13. Supervisory Authority

If you are not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with the relevant supervisory authority. In Estonia, this is the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon).

Estonian Data Protection Inspectorate
Website: www.aki.ee
Email: [email protected]