Privacy Policy

How transtorm.ai processes personal data

Last updated: 2026-02-16

1. Data Controller

The controller of personal data is transtorm.ai .

  • Address: Harju maakond, Tallinn, Kesklinna linnaosa, Pärnu mnt 88b, 10131
  • E-mail: info@transtorm.ai

2. Data We Collect

Depending on your interactions with our website and services, we may collect:

  • Identity and contact details (name, e-mail, company)
  • Billing and transaction data (where applicable)
  • Technical data (truncated IP address, device type, browser, logs)
  • Usage data (visited pages, navigation events)
  • Communications (messages sent via forms and e-mails)

We do not seek to collect sensitive personal data (including health data) through this website.

3. Purposes of Processing

We process personal data to:

  • Provide, operate, and improve our AI automation services
  • Respond to requests and provide customer support
  • Manage contracts, billing, and administrative follow-up
  • Ensure security, prevent fraud, and maintain service continuity
  • Analyze website performance and improve user experience
  • Send service and marketing communications where legally permitted

We rely on the following legal bases:

  • Performance of a contract or pre-contractual steps
  • Compliance with legal obligations
  • Legitimate interests (security, service improvement, operations)
  • Consent, where required (for example, certain cookies)

5. Cookies and Tracking Technologies

We use cookies and similar technologies, including:

  • Strictly necessary cookies
  • Analytics cookies
  • Preference cookies
  • Marketing cookies, only when required by law and after consent

You can manage cookie preferences in your browser settings and, where available, via our consent banner.

6. Data Recipients

We may share personal data with:

  • Technical service providers (hosting, maintenance, analytics, support tools)
  • Payment service providers (if you purchase paid services)
  • Professional advisers, auditors, and public authorities when required by law

Those parties receive only data necessary for their tasks and are bound by confidentiality and security obligations.

7. International Transfers

If some providers are located outside the EU/EEA, we apply appropriate safeguards, such as the European Commission Standard Contractual Clauses, plus suitable technical and organizational measures.

8. Retention Periods

We keep personal data for no longer than necessary for the stated purposes, then delete or anonymize it.

Indicative retention periods:

  • Contact data: up to 3 years after last active contact
  • Contractual and billing data: according to legal obligations
  • Technical logs: limited period proportionate to security and operations

9. Your Rights

Under GDPR, you have rights including:

  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restriction of processing
  • Right to object
  • Right to data portability
  • Right to withdraw consent at any time (where consent is the legal basis)

To exercise your rights, contact: info@transtorm.ai

10. Security

We apply reasonable technical and organizational measures to protect personal data against loss, unauthorized access, alteration, or disclosure.

11. Supervisory Authority

You have the right to lodge a complaint with a competent data protection authority, including in Estonia:

Andmekaitse Inspektsioon (Estonian Data Protection Inspectorate).

12. Updates

We may update this Privacy Policy to reflect legal, technical, or operational changes. The current version is published on this page with its update date.