ENG

Privacy Policy

Last updated: 20 January 2026

1. About This Website

This website (https://www.cdr.ee) is operated by C.D.R OÜ (registration number 16870134, address: Taevavarava tee 6b-24, Lehmja küla, Rae vald, Harju maakond 75306,Estonia).

The website's sole purpose is to present information about our company and our products. No online services are provided directly through this website, and visitors cannot create accounts or interact with the website beyond browsing content or voluntarily contacting us.

Data Controller: C.D.R Technology OÜ is the data controller responsible for your personal data under applicable data protection laws.

-Other applicable Estonian and EU data protection laws

-Estonian Personal Data Protection Act (Isikuandmete kaitse seadus)

2. Personal Data We Collect

We do not actively collect, track, or process personal data from website visitors.

Personal data is processed only when you voluntarily contact us through:

- Contact form submissions

- Quotation request forms

- Direct email to info@cdr.ee

Data you provide may include:

- Full name

- Company name and position

- Email address

- Phone number

- Message content

- Any other information you voluntarily share

3. Legal Basis for Processing

Your personal data is processed based on the following legal grounds:

- Contractual necessity - To respond to your inquiry and fulfill quotation requests

- Legitimate interest - To manage customer relationships and improve our service delivery

- Legal compliance - To comply with applicable laws and regulations

 We rely on legitimate interest as our primary basis for processing contact information and responding to inquiries.

4. How We Use Your Data

Your personal data is used only for:

- Responding to your inquiry or quotation request

- Communicating about your request or our services

- Maintaining business records related to your inquiry

We do NOT use your data for:

- Marketing or promotional purposes

- Behavioral or analytics tracking

- User profiling or segmentation

- Automated decision-making

- Advertising or retargeting

- Selling or sharing with third parties for commercial purposes

5. Data Storage and Retention

Storage locations:

- Contact and quotation requests are processed via Webflow forms and our internal email systems

- Submitted information is delivered to our company email systems and may be stored in business productivity tools (e.g., email servers)

- We do not maintain separate customer databases beyond standard business email retention

Retention periods:

- We retain data only as long as necessary to handle your request, maintain business records, or comply with legal obligations

- Email correspondence may follow your organization's email retention policies

Right to erasure: You may request deletion of your data at any time, except where we have legal obligations to retain it (e.g., tax or contract records requiring longer retention).

6. Cookies and Tracking Technologies

Essential cookies: This website uses only essential technical cookies required for normal operation of the website platform (Webflow).

Cookie types:

- Session cookies (temporary, deleted when you close your browser)

- Platform functionality cookies (Webflow operational cookies)

- Analytics

 What we do NOT use cookies for:

- Advertising or retargeting

- Behavioral profiling or tracking

- Cross-site tracking

Third-party cookies: Webflow may place additional technical cookies. For details, see Webflow Cookie Policy (https://webflow.com/privacy).

Cookie management: You can disable cookies through your browser settings. Essential technical cookies may limit website functionality if disabled.

7. Data Sharing and Processors

We do not sell, rent, trade, or share personal data with third parties for commercial purposes.

Personal data submitted through this website may be accessed only by the following parties, strictly for the purpose of handling your inquiry or quotation request:

  • Webflow, which provides website hosting and form processing services, under a Data Processing Agreement
  • Email service providers, used solely for email delivery and storage, subject to standard confidentiality obligations
  • Our internal team, limited to personnel responsible for request handling and customer communication, with restricted access and confidentiality obligations

All such parties are contractually bound to:

  • process personal data only on our documented instructions
  • maintain confidentiality
  • apply appropriate technical and organizational security measures
  • comply with the General Data Protection Regulation (GDPR) and applicable data protection laws

All personal data is processed within the European Union and is not transferred outside the European Economic Area (EEA).

8. Your Rights Under Data Protection Law

You have the following rights regarding your personal data:

Right to access - You can request a copy of all personal data we hold about you.

 Right to rectification - You can request correction of inaccurate or incomplete data.

Right to erasure - You can request deletion of your data ("right to be forgotten"), except where we have legal obligations to retain it.

Right to restrict processing - You can request that we limit how we use your data while you investigate concerns.

Right to data portability - You can request your data in a portable, machine-readable format (e.g., CSV) to transfer to another service.

Right to object - You can object to processing based on legitimate interest.

Right to not be subject to automated decision-making - We do not use automated profiling or decisions that affect you legally or significantly.

How to exercise your rights:

Submit your request to: info@cdr.ee

Include:

-Your full name

-Details of the information you seek

-Specific right you're exercising

-Your preferred format for a response

 Response timeline: We will respond to your request within 30 days of receipt. If your request is complex, we may extend this to 60 days and will notify you.

Right to lodge a complaint: If you believe we have violated your rights, you have the right to lodge a complaint with the Estonian Data Protection Inspectorate:

-Website: https://www.aki.ee

-Email: info@aki.ee

-Telephone: +372 6274 135

9. Data Security

We apply appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or misuse, including:

-Secure transmission: Data transmitted through contact forms uses SSL/TLS encryption

-Access controls: Only authorized personnel can access personal data

-Email security: Internal email systems use standard business security protocols

-Regular reviews: We regularly review our security practices

10. Contact and Privacy Requests

For privacy-related questions, requests, or concerns:

Email: info@cdr.ee  

Website: https://www.cdr.ee

Organization: CDR OÜ

Registration Number: 16870134

Address: Taevavarava tee 6b-24, Lehmja küla, Rae vald, Harjumaakond 75306, Estonia

Response time: We aim to respond to privacy inquiries within 5business days.

11. Policy Changes

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of material changes by:

-Publishing the updated policy on this website

-Updating the "Last updated" date at the top of this policy

Continued use of the website following the publication of changes constitutes your acceptance of the updated Privacy Policy.

12. Applicable Law

ThisPrivacy Policy is governed by:

-GDPR (EU Regulation 2016/679)

-Estonian Personal Data Protection Act (Isikuandmete kaitse seadus)

-Other applicable Estonian and EU data protection laws

Last updated: 19 January 2026