PRIVACY POLICY

1. INTRODUCTION

Welcome to ELYSEIN's Privacy Policy. ELYSEIN ("we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.

By accessing or using our services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access our website or use our services.

2. INFORMATION WE COLLECT

2.1 Personal Information You Provide

We collect personal information that you voluntarily provide to us when you:

  • Fill out contact forms on our website

  • Request information about our services

  • Subscribe to our newsletters or marketing communications

  • Engage with us for consulting or professional services

  • Create an account or register for our services

  • Communicate with us via email, phone, or other channels

This personal information may include:

  • Full name

  • Email address

  • Company name

  • Job title

  • Phone number

  • Business address

  • Project details and requirements

  • Payment and billing information

  • Any other information you choose to provide

2.2 Information Automatically Collected

When you visit our website, we automatically collect certain information about your device and browsing activity, including:

  • IP address

  • Browser type and version

  • Operating system

  • Device type (desktop, mobile, tablet)

  • Referring website addresses

  • Pages viewed and time spent on pages

  • Date and time of visits

  • Clickstream data

  • Geographic location (country/city level)

  • Language preferences

2.3 Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect information about your browsing activities. Cookies are small data files stored on your device that help us:

  • Recognize you when you return to our website

  • Remember your preferences and settings

  • Understand how you use our website

  • Improve our website functionality and user experience

  • Deliver targeted advertising

Types of cookies we use:

Essential Cookies: Required for the website to function properly. These cannot be disabled.

Functional Cookies: Remember your preferences and choices to enhance your experience.

Analytics Cookies: Help us understand how visitors use our website through aggregated data analysis.

Marketing Cookies: Track your browsing activity to deliver relevant advertisements.

You can control cookie preferences through your browser settings. However, disabling certain cookies may limit website functionality.

2.4 Information from Third Parties

We may receive information about you from third parties, including:

  • Business partners and service providers

  • Public databases and sources

  • Social media platforms (if you interact with our social media presence)

  • Professional networking sites

  • Marketing and analytics providers

3. HOW WE USE YOUR INFORMATION

We use the information we collect for the following purposes:

3.1 Service Delivery

  • Provide, maintain, and improve our IT solutions and services

  • Process and fulfill service requests

  • Communicate with you about projects and deliverables

  • Provide customer support and respond to inquiries

  • Manage user accounts and access

3.2 Business Operations

  • Process payments and maintain financial records

  • Conduct internal business operations and administration

  • Manage contracts and service agreements

  • Perform accounting, auditing, and billing activities

  • Maintain business records and documentation

3.3 Communication

  • Send administrative information, updates, and notices

  • Respond to your questions and requests

  • Provide technical support

  • Send newsletters and marketing communications (with your consent)

  • Notify you about changes to our services or policies

3.4 Marketing and Analytics

  • Conduct market research and analysis

  • Understand user preferences and behavior

  • Improve our website, services, and user experience

  • Develop new products and services

  • Deliver targeted advertising and promotional content

  • Measure the effectiveness of our marketing campaigns

3.5 Legal and Security

  • Comply with legal obligations and regulatory requirements

  • Protect against fraud, security threats, and illegal activities

  • Enforce our Terms of Use and other agreements

  • Resolve disputes and investigate complaints

  • Protect our rights, property, and safety, and that of our users

  • Respond to legal processes and government requests

3.6 With Your Consent

  • Any other purpose for which you provide explicit consent

4. LEGAL BASIS FOR PROCESSING (UK GDPR)

Under UK GDPR, we process your personal data on the following legal bases:

Contractual Necessity: Processing necessary to perform our contract with you or take steps at your request before entering into a contract.

Legitimate Interests: Processing necessary for our legitimate business interests, such as improving services, fraud prevention, and direct marketing, provided these interests do not override your rights.

Legal Obligation: Processing necessary to comply with legal requirements, such as tax and accounting obligations.

Consent: Where you have given explicit consent for specific processing activities, such as marketing communications.

Vital Interests: In rare cases, processing necessary to protect your vital interests or those of another person.

You have the right to object to processing based on legitimate interests. See Section 9 for details on your rights.

5. HOW WE SHARE YOUR INFORMATION

We do not sell, rent, or trade your personal information to third parties. We may share your information in the following circumstances:

5.1 Service Providers

We engage trusted third-party service providers to perform functions on our behalf, including:

  • Cloud hosting and infrastructure providers

  • Payment processors and financial institutions

  • Email and communication services

  • Customer relationship management (CRM) systems

  • Analytics and data analysis providers

  • Marketing and advertising platforms

  • IT security and cybersecurity services

  • Professional advisors (lawyers, accountants, consultants)

These service providers have access to your information only to perform specific tasks and are obligated to protect your information and use it solely for the purposes we specify.

5.2 Business Transfers

If ELYSEIN is involved in a merger, acquisition, asset sale, reorganization, or bankruptcy, your information may be transferred as part of that transaction. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

5.3 Legal Requirements

We may disclose your information when required by law or in response to:

  • Court orders, subpoenas, or legal processes

  • Government or regulatory requests

  • Requests from law enforcement authorities

  • Legal claims or disputes

  • Protection of our rights, property, or safety

  • Prevention of fraud or illegal activities

5.4 With Your Consent

We may share your information with third parties when you provide explicit consent for us to do so.

5.5 Aggregated or Anonymized Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you, for research, analytics, marketing, or other business purposes.

6. INTERNATIONAL DATA TRANSFERS

ELYSEIN operates primarily in the United Kingdom. However, we may transfer your personal data to countries outside the UK and European Economic Area (EEA) where our service providers or business partners are located.

When we transfer your data internationally, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner's Office (ICO)

  • Adequacy decisions recognizing equivalent data protection standards

  • Binding Corporate Rules for intra-group transfers

  • Your explicit consent where required

Countries outside the UK/EEA may not provide the same level of data protection. We take steps to ensure your data receives adequate protection wherever it is processed.

7. DATA SECURITY

We implement appropriate technical and organizational security measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction, including:

Technical Measures:

  • Encryption of data in transit and at rest

  • Secure socket layer (SSL) technology

  • Firewalls and intrusion detection systems

  • Regular security assessments and vulnerability testing

  • Access controls and authentication mechanisms

  • Secure data backup and disaster recovery procedures

Organizational Measures:

  • Employee training on data protection and security

  • Confidentiality agreements with staff and contractors

  • Access controls limiting data access on a need-to-know basis

  • Regular review and updating of security policies

  • Incident response and breach notification procedures

While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to protecting your data to the best of our ability.

8. DATA RETENTION

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Retention Periods:

Client Information: Retained for the duration of the business relationship and for up to 7 years after termination to comply with legal, tax, and accounting obligations.

Marketing Communications: Retained until you unsubscribe or request deletion, after which we may retain minimal information to honor your opt-out preferences.

Website Analytics: Typically retained for 26 months for analysis purposes.

Financial Records: Retained for 7 years in accordance with UK tax and accounting requirements.

Legal Claims: Information related to legal claims retained until the claim is resolved and any appeal periods have expired.

When personal information is no longer needed, we securely delete or anonymize it in accordance with our data retention and disposal policies.

9. YOUR RIGHTS UNDER UK GDPR

Under UK data protection law, you have the following rights regarding your personal data:

9.1 Right of Access

You have the right to request a copy of the personal information we hold about you, along with information about how we use it.

9.2 Right to Rectification

You have the right to request correction of inaccurate or incomplete personal information.

9.3 Right to Erasure (Right to be Forgotten)

You have the right to request deletion of your personal information in certain circumstances, such as:

  • The data is no longer necessary for the purposes for which it was collected

  • You withdraw consent (where processing is based on consent)

  • You object to processing and there are no overriding legitimate grounds

  • The data has been unlawfully processed

  • Legal obligations require erasure

9.4 Right to Restriction of Processing

You have the right to request restriction of processing in certain situations, such as:

  • You contest the accuracy of the data

  • Processing is unlawful but you prefer restriction to erasure

  • We no longer need the data but you need it for legal claims

  • You have objected to processing pending verification of legitimate grounds

9.5 Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine-readable format and transmit it to another controller where technically feasible.

9.6 Right to Object

You have the right to object to processing based on legitimate interests or for direct marketing purposes. We will stop processing unless we can demonstrate compelling legitimate grounds that override your interests.

9.7 Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing, including profiling, which produce legal effects or significantly affect you. We do not currently engage in automated decision-making that produces such effects.

9.8 Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw consent at any time. This does not affect the lawfulness of processing before consent was withdrawn.

9.9 Right to Lodge a Complaint

You have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have not handled your data properly:

Information Commissioner's Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF

Telephone: 0303 123 1113 Website: www.ico.org.uk

9.10 Exercising Your Rights

To exercise any of these rights, please contact us using the details in Section 15. We will respond to your request within one month, though this may be extended by two additional months for complex requests. We may request additional information to verify your identity before processing your request.

10. CHILDREN'S PRIVACY

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information promptly.

If you believe we have collected information from a child, please contact us immediately using the contact details in Section 15.

11. THIRD-PARTY WEBSITES AND SERVICES

Our website may contain links to third-party websites, applications, and services that are not operated by us. This Privacy Policy does not apply to third-party websites or services.

We are not responsible for the privacy practices, content, or security of third-party websites. We recommend reviewing the privacy policies of any third-party websites you visit.

When you interact with third-party services integrated into our website (such as social media plugins, analytics tools, or payment processors), those third parties may collect information about you subject to their own privacy policies.

12. MARKETING COMMUNICATIONS

12.1 Consent

We may send you marketing communications about our services, industry insights, and promotional offers if:

  • You have given explicit consent

  • You are an existing client and we are marketing similar services

  • We have a legitimate interest and you have not opted out

12.2 Opting Out

You can opt out of marketing communications at any time by:

  • Clicking the "unsubscribe" link in any marketing email

  • Updating your communication preferences in your account settings

  • Contacting us using the details in Section 15

Even if you opt out of marketing communications, we may still send you transactional and administrative messages related to our services.

13. DO NOT TRACK SIGNALS

Some web browsers include a "Do Not Track" (DNT) feature that signals to websites you visit that you do not want your online activity tracked. Currently, there is no standard for how DNT signals should be interpreted, and our website does not respond to DNT signals at this time.

14. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this policy

  • Notify you via email or prominent notice on our website

  • Obtain your consent where required by law

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Your continued use of our services after changes to this Privacy Policy constitutes your acceptance of the updated policy.

15. CONTACT US

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

ELYSEIN

Email: info@elysein.com

We will respond to your inquiry as promptly as possible, typically within 30 days.

16. SPECIFIC PROVISIONS FOR UK USERS

16.1 UK GDPR Compliance

This Privacy Policy is designed to comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

16.2 Data Controller

ELYSEIN is the data controller responsible for your personal data processed in connection with our services.

16.3 ICO Registration

ELYSEIN is registered with the UK Information Commissioner's Office (ICO). [Registration number to be added upon registration]

16.4 Lawful Bases

We have identified the lawful bases for processing your personal data as set out in Section 4 of this Privacy Policy, in accordance with Article 6 of UK GDPR.

16.5 Sensitive Personal Data

We do not generally process special categories of personal data (such as health information, racial or ethnic origin, political opinions, religious beliefs, or biometric data) unless specifically required for service delivery and with your explicit consent or as otherwise permitted by law.

16.6 Accountability

We maintain appropriate documentation of our data processing activities and implement privacy by design and by default principles in our services and operations.

ACKNOWLEDGMENT

BY USING OUR SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY AND AGREE TO THE COLLECTION, USE, AND DISCLOSURE OF YOUR INFORMATION AS DESCRIBED HEREIN.

elysein.com is owned by Elysein Limited OÜ, registration number 17379660, address: Harju maakond, Tallinn, Kesklinna linnaosa, Vesivärava tn 50-201, 10152, Estonia

© 2025 Elysein Limited OÜ. All rights reserved.

Privacy Policy : Terms of Use