Privacy Policy
How we process and protect your data
Data Controller
Data We Collect
Contact Information
Name and email address — upon registration and lead magnet use.
Company Information
Company name, sector, and size — in scope checks and assessments.
Payment Information
Payments are processed via LemonSqueezy. We do not store or process card data ourselves.
Technical Information
IP address and browser type — in server logs for security purposes.
Cookies
Functional cookies for session management and analytics cookies for service improvement (with consent only).
Legal Basis for Processing
We process your data based on the following GDPR Article 6 grounds:
- Art. 6(1)(b)Contract performance — necessary to provide the service
- Art. 6(1)(f)Legitimate interest — to ensure service security and quality
- Art. 6(1)(a)Consent — for marketing communications (via email)
Data Retention
Data Sharing with Third Parties
We only share your data with the following service providers:
Payment processing (USA — Standard Contractual Clauses)
Server hosting (Germany)
We do not sell or share your data with advertisers or other third parties.
Your Rights
Under GDPR, you have the following rights:
To exercise your rights, contact: info@doraaudit.eu
You have the right to lodge a complaint with the Estonian Data Protection Inspectorate (AKI) at www.aki.ee
Cookies
Security Measures
- HTTPS encryption for all data transfers
- Access restricted to authorized personnel
- Regular backups for data protection
Policy Changes
We will notify you of significant changes via email. We recommend reviewing this page regularly.