Loading
Skip to content
Kliendikeskkond Võta ühendust
+372 5835 6356 info@hicare.ee
© 2026 HiCare

Privacy Policy

Last updated: 19.01.2026 Effective: 01.02.2026
🇪🇪 Eesti 🇬🇧 English

1 General Information & Data Controller

This Privacy Policy describes how HiCare OÜ (registry code 17240582) collects, uses, stores, and protects your personal data in accordance with the European Union General Data Protection Regulation (GDPR) and the Estonian Personal Data Protection Act.

Data Controller

HiCare OÜ
Registry Code: 17240582
Email: info@hicare.ee
Phone: +372 5835 6356
Website: hicare.ee

Our Principle: We only collect data that is necessary for providing our services. Your privacy is important to us and we process all data responsibly.

2 What Data We Collect

2.1 Data You Provide

  • Contact Information: name, email address, phone number, company name
  • Login Credentials: username, password (encrypted)
  • Communication Data: content of messages sent to us, conversation history
  • Project Data: website address, technical requirements, preferences
  • Application Data: CV, cover letter, education, work experience

2.2 Automatically Collected Data

  • Device Data: IP address, browser type and version, operating system, screen resolution
  • Usage Data: pages visited, time spent on page, clicks, scrolling behavior
  • Referral Data: where you came from (search engine, social media, direct link)
  • Location Data: country and city (based on IP address, not precise location)

2.3 Data Received from Third Parties

  • Publicly available business information (registry data)
  • Social media profiles (only with your consent)

3 Our Tools and Services

HiCare uses various tools and systems that may collect data:

Free Website Analysis

We analyze your website's technical condition, SEO aspects, and performance.

Data collected: Website URL, email address, analysis results, IP address

Chat Lenne (AI Assistant)

AI-based chat assistant providing information about our services.

Data collected: Conversation content, questions, session ID, timestamp

Client Portal

Secure environment for project management, communication, and document sharing.

Data collected: Account data, project info, documents, messages, login history

HiCare Analytics

Internal analytics system for understanding website usage.

Data collected: Visit statistics, page views, click heatmaps, session data

Booking System

Tool for booking consultations and meetings.

Data collected: Name, email, phone, booking time, project description

Email Marketing

Newsletters and marketing messages with your consent.

Data collected: Email address, preferences, open and click statistics

4 Purposes of Data Processing

Purpose Data Legal Basis
Service Delivery
Providing ordered services and project management		 Contact data, project data, communication Contract Performance
Customer Support
Answering questions and solving problems		 Contact data, conversation history Legitimate Interest
Marketing
Newsletters and personalized offers		 Email, preferences, behavioral data Consent
Analytics
Website and service improvement		 Usage data, device data Consent
Security
Preventing fraud and attacks		 IP address, login history Legitimate Interest
Legal Obligations
Accounting, taxation		 Billing data, transactions Legal Obligation
Recruitment
Candidate evaluation and employment contracts		 CV, cover letter, contact data Pre-contractual Relationship

6 Cookies and Tracking Technologies

6.1 What Are Cookies?

Cookies are small text files that a website stores on your device. They help us provide a better user experience and understand how our site is used.

6.2 Cookies We Use

Cookie Name Type Purpose Duration
hicare_cookie_consent Necessary Stores your cookie consent choice 1 year
hicare_session Necessary Session management Session
hicare_analytics_* Analytics Visit statistics (anonymous) 30 days
hicare_visitor_id Analytics Unique visitor counting 1 year

6.3 Managing Cookies

You can manage cookies:

  • Through our cookie banner – on first website visit
  • In browser settings – you can disable or delete cookies
  • By contacting us – we'll help change cookie settings

Note: Analytics cookies are used ONLY with your consent. Without consent, our analytics system does not track your activity.

7 Data Sharing

7.1 Who We Share Data With

We may share your data with the following parties:

  • Service Providers: Server hosting (in EU), email services, payment services
  • Business Partners: Only to the extent necessary for project execution
  • Law Enforcement: To fulfill legal obligations

7.2 Our Service Providers

Service Provider Purpose Location
Zone.ee / Web Hosting Server hosting Estonia / EU
Gmail / Google Workspace Email services EU (data centers)
Stripe / Montonio Payment processing EU

7.3 What We DO NOT Do

  • We do not sell your data to third parties
  • We do not share data with advertising networks
  • We do not transfer data outside the EU without appropriate safeguards

8 Data Security

We implement appropriate technical and organizational measures to protect your data:

8.1 Technical Measures

  • SSL/TLS Encryption: All data is transmitted encrypted (HTTPS)
  • Secure Servers: Data is stored in secure data centers in the EU
  • Password Encryption: Passwords are stored as bcrypt hashes
  • Firewall and Intrusion Detection: Automatic protection against attacks
  • Regular Backups: Daily backup copies

8.2 Organizational Measures

  • Limited access to data (need-to-know basis)
  • Employee training on data protection
  • Confidentiality obligations
  • Regular security audits

Data Breach: In case of a data breach, we will notify you and the Data Protection Inspectorate within 72 hours in accordance with GDPR requirements.

9 Data Retention

We retain data only as long as necessary to achieve the purposes of processing:

Data Type Retention Period Justification
Client project data Up to 7 years after project end Accounting obligations, warranty claims
Marketing consent Until consent is withdrawn Consent-based processing
Analytics data 12 months Statistics and service improvement
Chat logs (Chat Lenne) 6 months Service quality assurance
Application data 6 months after recruitment ends Possible future applications
Billing data 7 years Accounting Act

10 Your Rights

Under the GDPR, you have the following rights:

Right of Access

Find out what data we process about you

Right to Rectification

Request correction of inaccurate data

Right to Erasure

Request deletion of your data ("right to be forgotten")

Right to Restriction

Restrict certain processing operations

Right to Portability

Receive your data in machine-readable format

Right to Object

Object to processing of your data

How to Exercise Your Rights?

To exercise your rights, contact us at info@hicare.ee. We respond to requests within 30 days. We may request additional information to verify your identity.

Filing a Complaint

If you believe your rights have been violated, you have the right to file a complaint with the Data Protection Inspectorate:

  • Website: www.aki.ee
  • Email: info@aki.ee
  • Phone: +372 627 4135

11 Client Account and Portal

11.1 Account Creation

To use the Client Portal, we create an account for you. During account creation, we collect:

  • Name and email address
  • Company information (if applicable)
  • Contact phone
  • Your chosen password (stored encrypted)

11.2 Account Usage

In the Client Portal, we store:

  • Your project info and history
  • Documents and files
  • Messages and communication history
  • Login history (for security purposes)

11.3 Account Security

  • We use strong authentication
  • Two-factor authentication (2FA) is available
  • We notify you of suspicious logins
  • Passwords are encrypted with bcrypt algorithm

11.4 Account Deletion

You may request account deletion at any time. We will delete all data except what we must retain for legal obligations (e.g., billing data).

12 Employee and Candidate Data

12.1 Application Process

When applying for a job, we collect:

  • CV and cover letter
  • Contact information (name, email, phone)
  • Education and work experience
  • References contacts (with your consent)

12.2 Candidate Data Processing

  • Legal Basis: Pre-contractual relationship (GDPR Art. 6(1)(b))
  • Retention: 6 months after recruitment ends
  • Extended Retention Consent: You may allow data retention for future opportunities

12.3 Employee Data

During employment, we process:

  • Data necessary for employment contract performance
  • Salary data and tax information
  • Working time records
  • Emergency contact information

Employee Privacy: Employee personal data processing complies with labor law and data protection requirements. Details are provided when signing the employment contract.

13 International Data Transfers

Your data is primarily processed in the European Union. If data needs to be transferred outside the EU, we ensure appropriate safeguards:

  • European Commission Adequacy Decisions: Countries with adequate data protection
  • Standard Contractual Clauses (SCC): EU-approved contractual safeguards
  • Your Consent: In exceptional cases with your explicit consent

Currently, we use service providers that process data in the EU. If this changes, we will notify you before transferring data.

14 Policy Changes

We may update this Privacy Policy from time to time. When making changes:

  • We update the date at the top of the page
  • We notify you of significant changes by email
  • Changes take effect 30 days after publication
  • Continued use of services means acceptance of changes

We recommend reviewing this policy regularly.

15 Contact Information

Questions about Privacy?

HiCare OÜ

Registry Code: 17240582

Email: info@hicare.ee

Phone: +372 5835 6356

Website: hicare.ee

Related Documents

Terms of Service Cookie Policy
Back to home
Tere, mina olen Lenne.
Räägime? 👋
Lenne