Privacy Policy
FoxIoT OÜ — Registry code 14954341
FoxIoT OÜ ("FoxIoT", "we", "us", or "our") is registered in Estonia (registry code 14954341), with its registered address at Pärnu mnt 148, 11317 Tallinn, Estonia. This Privacy Policy describes how we collect, use, and protect personal data when you visit our website or interact with us.
1. Data We Collect
1.1 Information You Provide
When you contact us via our contact form, our chat widget, or email, we collect:
- Name
- Email address
- Company name (if provided)
- Message content
We collect only the information necessary to respond to your inquiry or fulfil a contract.
1.2 Server Logs
Our web server keeps standard access logs containing the IP address, browser type, requested URL, and timestamp of each request. These logs exist for security monitoring (detecting abuse, debugging errors) and are retained for a maximum of 30 days, then deleted. We do not run any web analytics service (Google Analytics, Plausible, etc.) on this website.
2. Cookies and Browser Storage
This website does not set any tracking, advertising, or analytics cookies.
The chat widget uses your browser's localStorage to remember your active chat conversation between page loads (so a reply from us reaches you even if you've navigated). This is strictly necessary for the feature to work and is not used for tracking. It can be cleared at any time via your browser's site-data settings.
If we add analytics or advertising in the future, we will ask for your consent first via a cookie banner, and this section will be updated accordingly.
3. Legal Basis for Processing
We process your personal data on the following legal bases under the General Data Protection Regulation (GDPR):
- Contractual necessity: when processing is needed to fulfil an order or service agreement.
- Legitimate interests: for website analytics and responding to business inquiries, where our interests are balanced against your rights.
- Consent: where you have provided explicit consent, such as subscribing to communications.
4. How We Use Your Data
We use the data we collect to:
- Respond to your inquiries and provide customer support
- Process orders and manage customer relationships
- Improve our website and services
- Comply with legal obligations
We do not sell your personal data to third parties. We do not use your data for automated decision-making.
5. Data Sharing
We may share your personal data with:
- Service providers: third-party services that help us operate our website and business (such as hosting providers), who are contractually bound to protect your data.
- Slack Technologies: when you use the chat widget, your name, email, and message content are transmitted to and stored in our private Slack workspace, where our team responds. Slack acts as a data processor under our agreement; their privacy policy is available at slack.com/privacy.
- Legal authorities: when required by applicable law or legal process.
6. Data Retention
We retain personal data only for as long as necessary for the purposes described in this policy, or as required by law.
- Contact form submissions and email correspondence: retained for a maximum of 3 years unless a longer period is required for a contractual relationship.
- Chat conversation content (the text of what was said): retained for up to 180 days on our server and in our Slack workspace, then deleted automatically. We keep this only for the time it normally takes for a conversation to conclude — substantive follow-ups usually move to email well before 180 days.
- Chat customer record (your name and email address): retained as part of our customer records for the duration of our business relationship, so we recognise you the next time you contact us.
You can request earlier deletion of any of the above at any time — see Section 7.
7. Your Rights Under GDPR
As a data subject, you have the following rights:
- Right of access: request a copy of the personal data we hold about you.
- Right to rectification: request correction of inaccurate or incomplete data.
- Right to erasure: request deletion of your personal data ("right to be forgotten").
- Right to restriction: request that we limit processing of your data.
- Right to data portability: receive your data in a structured, machine-readable format.
- Right to object: object to processing based on legitimate interests.
- Right to withdraw consent: where processing is based on consent, withdraw that consent at any time.
To exercise any of these rights, contact us at hello@foxiot.eu. We will respond within 30 days.
You also have the right to lodge a complaint with the Estonian Data Protection Inspectorate (www.aki.ee) if you believe we have processed your data unlawfully.
8. International Transfers
We store and process data within the European Union. If any transfer outside the EU/EEA is necessary, we ensure appropriate safeguards are in place in accordance with GDPR requirements.
9. Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. For security vulnerability reports, please contact security@foxiot.eu.
10. Changes to This Policy
We may update this Privacy Policy from time to time. The current version will always be available at this URL. Material changes will be noted with an updated effective date.
11. Contact
For any questions about this Privacy Policy or your personal data, contact us:
- Email: hello@foxiot.eu
- Address: FoxIoT OÜ, Pärnu mnt 148, 11317 Tallinn, Estonia