Legal
Privacy Policy
1. Introduction
Entear OÜ ("Entear", "we", "us", or "our") is a company registered in Estonia and operating under the laws of the European Union. We are committed to protecting the personal data of individuals who interact with our website, services, and products.
This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and your rights as a data subject under the General Data Protection Regulation (GDPR) (EU) 2016/679.
By using our website at https://entear.com, booking a discovery call, or engaging our services, you acknowledge that you have read and understood this policy.
2. Data Controller
The data controller responsible for your personal data is:
| Company | Entear OÜ |
| Registered address | Estonia, European Union |
| privacy@entear.com | |
| Website | https://entear.com |
As an Estonian-registered entity, Entear OÜ is subject to Estonian law and EU data protection legislation, including the GDPR.
3. Data We Collect
We collect personal data only where necessary and proportionate to the purpose.
3.1 Data you provide directly
- Name and email address when you contact us or book a discovery call
- Company name, job title, and project details shared during consultation
- Any information you include in messages sent via our contact form or email
3.2 Data collected automatically
- IP address and browser type when you visit our website
- Pages visited, time spent, and referring URLs (via analytics tools)
- Cookie data — see Section 8 for full details
3.3 Data from third-party platforms
- Booking data from Cal.com when you schedule a discovery call
- Payment information processed by our payment providers (we do not store card details)
4. Legal Bases for Processing
We process your personal data only where we have a valid legal basis under Article 6 of the GDPR:
- Contractual necessity (Art. 6(1)(b)): To deliver services you have engaged us for, fulfil a contract, or take steps prior to entering into a contract.
- Legitimate interests (Art. 6(1)(f)): To operate and improve our website, respond to enquiries, and conduct business development — where these interests are not overridden by your rights.
- Consent (Art. 6(1)(a)): Where we send marketing communications or use non-essential cookies. You may withdraw consent at any time.
- Legal obligation (Art. 6(1)(c)): Where we must retain data to comply with EU or Estonian legal requirements, including tax and accounting obligations.
5. How We Use Your Data
- Responding to enquiries and booking discovery calls
- Delivering and managing project-based or retainer services
- Sending project updates, invoices, and service communications
- Improving our website and understanding how visitors use it
- Complying with legal and regulatory obligations
- Sending marketing communications where you have opted in
We do not use your data for automated decision-making or profiling that produces legal or similarly significant effects.
6. Data Retention
We retain personal data only for as long as necessary for the purposes described in this policy, or as required by law.
| Data type | Retention period |
|---|---|
| Contact and enquiry data | Up to 2 years from last contact |
| Client project data | Up to 7 years after contract completion (Estonian accounting law) |
| Website analytics data | Up to 26 months |
| Marketing data | Until you withdraw consent or unsubscribe |
When data is no longer required, we securely delete or anonymise it.
7. Data Sharing and Third Parties
We do not sell your personal data. We may share data with trusted third-party service providers under binding data processing agreements:
| Provider | Purpose |
|---|---|
| Cal.com | Discovery call scheduling |
| Email service providers | Transactional and communication emails |
| Analytics providers | Website analytics (see Section 8) |
| Cloud infrastructure providers | Hosting and storage |
Where we transfer data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission.
8. Cookies
Our website uses cookies to function properly and to help us understand how visitors use the site.
8.1 Types of cookies we use
| Type | Purpose | Consent required |
|---|---|---|
| Strictly necessary | Required for the website to operate | No |
| Analytics | Page views, session duration, site usage | Yes |
| Marketing | Personalise content, track campaigns | Yes |
8.2 Managing cookies
You can manage your cookie preferences at any time via the cookie settings banner on our website, or through your browser settings. Withdrawing consent for non-essential cookies does not affect the lawfulness of prior processing.
9. Your Rights Under GDPR
As a data subject under the GDPR, you have the following rights:
| Right | Article | What it means |
|---|---|---|
| Access | Art. 15 | Request a copy of the personal data we hold about you |
| Rectification | Art. 16 | Request correction of inaccurate or incomplete data |
| Erasure | Art. 17 | Request deletion where no lawful basis for retention applies |
| Restriction | Art. 18 | Request that we limit how we process your data |
| Portability | Art. 20 | Receive your data in a structured, machine-readable format |
| Object | Art. 21 | Object to processing based on legitimate interests or direct marketing |
| Withdraw consent | — | Withdraw at any time without penalty |
To exercise any of these rights, contact us at privacy@entear.com. We will respond within 30 days. In complex cases we may extend this by a further two months, with notice.
10. Right to Lodge a Complaint
If you believe we have not handled your personal data in accordance with the GDPR, you have the right to lodge a complaint with a supervisory authority.
As an Estonian-registered company, our lead supervisory authority is:
Andmekaitse Inspektsioon (Estonian Data Protection Inspectorate)
Website: www.aki.ee · Email: info@aki.ee
You may also contact the supervisory authority in your country of residence or place of work within the EU.
11. Data Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, destruction, or damage. These include:
- Encrypted data transmission (TLS/HTTPS)
- Access controls and authentication on all systems handling personal data
- Regular review of data handling practices
- Data minimisation — we collect only what we need
In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and, where required, notify affected individuals without undue delay.
12. Children's Data
Our website and services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at privacy@entear.com and we will delete it promptly.
13. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. The "Last updated" date at the top of this document indicates when the policy was last revised.
Where changes are material, we will notify you via email or via a prominent notice on our website.
14. Contact Us
For any questions, requests, or concerns regarding this Privacy Policy or how we handle your personal data:
Entear OÜ
Email: privacy@entear.com · Website: entear.com
We aim to respond to all data protection enquiries within 5 business days.
Entear OÜ · Registered in Estonia · European Union · © 2026