Privacy Policy

1. Introduction

This Privacy Policy explains how Brouwer Advisory Services OÜ (“we”, “us”, “our”) processes your personal data in compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and Estonian data protection law.

Company details:

Brouwer Advisory Services OÜ

Reg. No: 17144499

VAT No: EE102819429

Address: Pärnu mnt 388b, 11612 Tallinn, Estonia

Email: inquiry@brouwer-advisory.com

Data Controller: Sebastiaan Brouwer (Board Member)

2. What Personal Data We Collect

We may collect the following categories of personal data:

  • Name

  • Email address

  • Phone number

  • Company name

  • Professional role/title

  • IP address and browser data (via cookies and analytics tools)

  • Any other data you voluntarily provide via contact forms, emails, or during service delivery

3. How and Why We Use Your Data

We use your personal data for the following purposes:

 

Purpose

Legal Basis

To respond to inquiries and contact requests

Consent or legitimate interest

To deliver contracted services

Performance of a contract

To issue invoices and comply with tax obligations

Legal obligation

To improve website functionality and user experience

Consent (for cookies)

For marketing and newsletters

Consent (only if opted in)

4. Sharing Your Data

We do not sell or rent your personal data. We may share it with:

  • Service providers (e.g., email hosting, website analytics)

  • Legal or regulatory authorities if required by law

All third-party service providers are GDPR-compliant and subject to data processing agreements.

5. International Transfers

We aim to store and process data within the European Economic Area (EEA). If data is transferred outside the EEA, we ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses).

6. Data Retention

We retain personal data only for as long as necessary:

  • For communication and marketing: up to 2 years from last contact

  • For client records: 7 years for accounting/legal compliance

  • For cookies: see Cookie Policy

7. Your Rights

Under GDPR, you have the right to:

  • Access your personal data

  • Correct or update inaccurate data

  • Request deletion of your data (“right to be forgotten”)

  • Restrict or object to data processing

  • Request data portability

  • Withdraw your consent at any time (for consent-based processing)

  • Lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon)

8. How to Exercise Your Rights

Contact us at [Insert email address] with your request. We will respond within 30 days, unless an extension is justified.

9. Security Measures

We implement appropriate technical and organizational security measures to protect your data, including encryption, access controls, and secure storage.

10. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website with the effective date clearly stated.