Privacy Policy
1. Introduction
This Privacy Policy explains how Brouwer Advisory Services OÜ (“we”, “us”, “our”) processes your personal data in compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and Estonian data protection law.
Company details:
Brouwer Advisory Services OÜ
Reg. No: 17144499
VAT No: EE102819429
Address: Pärnu mnt 388b, 11612 Tallinn, Estonia
Email: inquiry@brouwer-advisory.com
Data Controller: Sebastiaan Brouwer (Board Member)
2. What Personal Data We Collect
We may collect the following categories of personal data:
- Name
- Email address
- Phone number
- Company name
- Professional role/title
- IP address and browser data (via cookies and analytics tools)
- Any other data you voluntarily provide via contact forms, emails, or during service delivery
3. How and Why We Use Your Data
We use your personal data for the following purposes:
Purpose | Legal Basis |
To respond to inquiries and contact requests | Consent or legitimate interest |
To deliver contracted services | Performance of a contract |
To issue invoices and comply with tax obligations | Legal obligation |
To improve website functionality and user experience | Consent (for cookies) |
For marketing and newsletters | Consent (only if opted in) |
4. Sharing Your Data
We do not sell or rent your personal data. We may share it with:
- Service providers (e.g., email hosting, website analytics)
- Legal or regulatory authorities if required by law
All third-party service providers are GDPR-compliant and subject to data processing agreements.
5. International Transfers
We aim to store and process data within the European Economic Area (EEA). If data is transferred outside the EEA, we ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses).
6. Data Retention
We retain personal data only for as long as necessary:
- For communication and marketing: up to 2 years from last contact
- For client records: 7 years for accounting/legal compliance
- For cookies: see Cookie Policy
7. Your Rights
Under GDPR, you have the right to:
- Access your personal data
- Correct or update inaccurate data
- Request deletion of your data (“right to be forgotten”)
- Restrict or object to data processing
- Request data portability
- Withdraw your consent at any time (for consent-based processing)
- Lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon)
8. How to Exercise Your Rights
Contact us at [Insert email address] with your request. We will respond within 30 days, unless an extension is justified.
9. Security Measures
We implement appropriate technical and organizational security measures to protect your data, including encryption, access controls, and secure storage.
10. Changes to This Policy
We may update this Privacy Policy from time to time. The latest version will always be available on our website with the effective date clearly stated.