Valid from: 7 July 2025
Welcome to the website kytt.eu (hereinafter referred to as the "Website"). Your privacy is important to us. This Privacy Policy explains how Kytt.eu OÜ ("we") collects, uses, shares and protects personal information when you visit our website or use our related services (the "Services"). We also describe your rights under EU General Data Protection Regulation (GDPR) and other applicable laws.
1. Who we are
| Data Controller | Kytt.eu OÜ |
|---|---|
| Registered at | Padriku tee 5/2-2, 11912 Tallinn, Harju maakond, Estonia |
| Registration number | 12926688 |
| info@kytt.eu |
We have not appointed a Data Protection Officer (DPO) or an EU representative.
2. Scope of the policy
This Privacy Policy applies to all personal data processed through our website and services. It does not apply to third party websites or services to which we may link.
3. Personal data collected
| Category | Examples | Source from |
| Information provided by the user | Name, email, postal address, payment information, customer support queries. | Directly from you (forms, orders, emails) |
| Automatically collected data | IP address, browser, OS, referring sites, page views, cookies | Automatically via cookies and logs |
| Third party data | Social media profiles, analytics, marketing partners | Through integrated services |
We do not collect sensitive (special categories of) personal information unless it is voluntarily provided by the user with explicit consent.
4. Legal basis for processing
Our basis for processing personal data is:
- Performance of the contract (Art 6(1)(b) GDPR) - fulfilling orders and providing services.
- Consent (Art. 6(1)(a)) - marketing, cookies, etc.
- Legitimate interest (Art 6(1)(f)) - fraud prevention, service improvement, analytics.
- Legal obligation (Art 6(1)(c)) - accounting, taxation and other legal obligations.
5. What we use personal data for
- Provision and management of website and services
- Processing and fulfilling orders
- Providing customer support and responding to enquiries
- Sending out administrative notices and (subject to consent) marketing materials.
- Website improvement and analysis
- Identifying and preventing security risks
- Enforcing terms and conditions and other contracts
6. Cookies and similar technologies
We use both first and third party cookies, pixels and local storage to:
- Keeping user preferences in mind
- Perform analytics (e.g. Google Analytics, Plausible)
- Offer personalised content
You can manage cookies in your web browser settings or via our cookie banner. See our about the cookie policy.
7. Sharing and publishing data
We do not sell your data. We only share it:
| Receiver | Purpose | Safeguards |
| Service providers (e.g. hosting, payments, email, analytics) | Provision of services | Contracts and confidentiality |
| Legal advisers (e.g. lawyers, auditors) | Legal obligations, settlement of claims | The professional secret |
| Institutions and authorities | Legal requirements | Legal basis |
| For commercial transactions | Transfer of assets or business | Prior information and safeguards |
8. Transmission of data outside the EU
If we transfer data outside the European Economic Area (EEA):
- We do this for the European Commission decision on competence on the basis of or
- We use standard contractual clauses (SCCs) or
- Other legal mechanisms with the necessary safeguards
9. Retention periods
We will only keep personal data for as long as necessary for the purposes described or as required by law (e.g. for accounting purposes). At the end of the retention period, the data will be deleted or anonymised.
10. Security
We use technical and organisational security measures (e.g. TLS encryption, firewalls, access restrictions, training). Transmission over the Internet is never 100% secure, but we will do everything reasonable to ensure that your information is protected.
11. Your rights
Under the GDPR, you have the following rights:
- Accessed at - get a copy of your data
- Correction - correcting inaccuracies
- Deletion ("right to be forgotten") - deletion of data in certain cases
- Restriction of processing - temporary suspension of processing
- Data transfer - receiving data in machine-readable form
- Objection to processing - for legitimate interest and marketing
- Withdrawal of consent - at any time, without prejudice to the validity of the previous processing.
To exercise your rights, write to us at info@kytt.eu. We may ask for confirmation of identity. We will reply within 1 month at the latest.
If you think your data has been compromised, you can contact your national data protection supervisory authority. Our supervisory authority is:
Data Protection Inspectorate
Tatari 39, 10134 Tallinn
Tel: +372 627 4135
E-mail: info@aki.ee
12. Automated decisions and profiling
We will not use your personal data to make automated decisions that would have legal or significant consequences.
13. Children's privacy
We do not knowingly collect data from children under the age of 16. If you think a child has provided information, please let us know so we can delete it.
14. Third party links
The website may contain links to other sites. We are not responsible for the privacy practices or the content of such sites. Please review the privacy policy of each third party separately.
15. Policy changes
We may renew this policy from time to time. Changes will be published on this page and will be marked with a new 'effective from' date. Significant changes will be notified by email or website.
16. Contact
If you have any questions or queries regarding the processing of personal data, please contact:
E-mail: info@kytt.eu
Address: Kytt.eu OÜ, Padriku tee 5/2-2, 11912 Tallinn, Estonia
Last updated: 7 July 2025