Legal

Privacy Notice

Version: March 2026

1. General

This website is operated by Telvias OÜ(“we,” “us,” or “our”), a provider of cloud-based communication solutions (the “Service”).

This privacy notice (“Notice”) explains how we collect, use, store, and disclose personal data when you:

  • Visit or interact with https://telvias.com (the “Website”);
  • Contact us through the Website or other communication channels;
  • Enter into or maintain a contractual relationship with us, including registering an account or subscribing to our newsletter; or
  • Take any other action that results in us receiving your personal data.

We process your personal data in accordance with applicable legislation, including the European Union's General Data Protection Regulation (“GDPR”) and relevant national data protection laws, as applicable to the controller identified in Section 2.

Important: This Notice does not apply to data we process on behalf of our clients in the course of delivering the Service. In that capacity, we act as a data processor, and such processing is governed by a Data Processing Agreement (DPA) with the relevant client, who acts as the data controller. The data controller is responsible for informing you about that processing.

If you disclose personal data of any third party (e.g., an employee, board member, or colleague) to us, you are responsible for directing them to this Notice.

2. Controller

The controller of your personal data for the purposes described in this Notice is:

Telvias OÜ
Registry code: 17462816
Address: Harju maakond, Tallinn, Kesklinna linnaosa, Masina tn 22, 10113, Estonia
Email: info@telvias.com

For data protection inquiries, please contact us at info@telvias.com.

3. Categories and Sources of Personal Data

Personal data refers to any information that can be used to directly or indirectly identify you as a natural person (“Personal Data”). The categories we collect depend on how you interact with us.

Main Data

  • First name, last name
  • Email address
  • Phone number
  • Authentication and profile data received from third parties (e.g., Google LLC)

Source: Provided directly by you, by the organization you represent, or by third parties acting on your instructions.

Contract Data

For establishing and managing contractual relationships, we may also process:

  • Billing information
  • Industry
  • Legal entity name and registry code
  • Job title

Source: Provided directly by you, your organization, or payment providers.

Communication Data

When you interact with us via the Website, chat, social media, or email, we may process:

  • Username
  • Message content
  • Timestamps

This is in addition to Main Data and Contract Data, as applicable.

Marketing Data

  • Position or job title
  • Publicly available information (e.g., LinkedIn profiles, public registries)

Usage Data

When you use our Service:

  • User ID and role
  • Actions performed within the system
  • Logs and error data

Technical Data

When you visit our Website:

  • IP address
  • Approximate location
  • Browser and operating system
  • Session data
  • Navigation behavior

Cookie Data

We use cookies for Website functionality and optimization. For details, please see our Cookie Policy.

If you do not provide required Personal Data, we may be unable to deliver services or respond to your requests.

4. Legal Bases and Purposes of Processing

Pre-contractual and Contractual Processing

Purpose: Onboarding, demos, trials, and contract conclusion.
Legal basis: Performance of pre-contractual measures; legitimate interest.
Data used: Main Data, Contract Data, Communication Data.

Service Delivery

Purpose: Providing the Service, billing, and customer support.
Legal basis: Performance of a contract; legitimate interest.

Communication

Purpose: Responding to inquiries and maintaining customer relationships.
Legal basis: Performance of a contract; legitimate interest.

Marketing

Purpose: Sending newsletters and product updates.
Legal basis: Your consent, which you may withdraw at any time.

Analytics

Purpose: Improving our services and user experience.
Legal basis: Legitimate interest.

Legal Compliance

Purpose: Meeting regulatory obligations and preventing fraud.
Legal basis: Legal obligation.

5. Mobile Data and SMS Policy

We do not share mobile information with third parties for marketing or promotional purposes. All categories explicitly exclude SMS opt-in data and consent, which will not be shared with any third party.

Mobile data may include:

  • Phone numbers
  • Location data
  • Device identifiers
  • Usage data

We may share such data only with providers strictly necessary to deliver messaging services, such as telecom operators and infrastructure providers.

6. Recipients of Personal Data and Data Transfers

We disclose Personal Data only when necessary and subject to appropriate confidentiality obligations.

Controllers

  • Regulatory authorities
  • Legal advisors

Processors

  • IT and cloud hosting providers
  • Analytics providers
  • CRM systems
  • Telecom providers

All processors are required to sign Data Processing Agreements, comply with GDPR, and implement appropriate security measures.

International Transfers

Where Personal Data is transferred outside the EU/EEA, we rely on Standard Contractual Clauses (SCCs) or equivalent safeguards to ensure adequate protection.

7. Data Retention

We retain Personal Data only as long as necessary for the purposes described in this Notice:

  • Financial data: Up to 7 years, as required by law.
  • Account data: Up to 3 years after account inactivity.
  • Marketing data: Until you withdraw your consent.

After the applicable retention period, Personal Data is securely deleted or anonymized.

8. Your Rights

Under applicable data protection law, you have the right to:

  • Access your Personal Data
  • Correct inaccurate or incomplete data
  • Request deletion of your data
  • Restrict processing in certain circumstances
  • Object to processing based on legitimate interest
  • Data portability — receive your data in a structured, machine-readable format
  • Withdraw consent at any time, without affecting the lawfulness of prior processing

To exercise any of these rights, please contact us at info@telvias.com.

You also have the right to lodge a complaint with the Estonian Data Protection Inspectorate (www.aki.ee).

9. Security of Personal Data

We implement technical and organizational measures to protect your Personal Data, including:

  • Encryption in transit (TLS) and at rest
  • Role-based access control (RBAC)
  • Multi-factor authentication (MFA)
  • Secure infrastructure and monitoring systems
  • Regular backups
  • Incident response procedures

We follow the principles of privacy by design and privacy by default.

10. Links to Other Websites

Our Website may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites.

11. Amendments

We may update this Notice from time to time. The latest version is always available at https://telvias.com.