Privacy Policy

Effective date: May 16, 2026

Your privacy is important to us, and we are providing this Privacy Policy to explain our protection of personal information about you. The phrase “Personally Identifiable Information” in this policy shall refer to information or a combination of information that you provide to us through the Internet that can be used to uniquely identify you. We will not release any Personally Identifiable Information about you to outside parties without permission (except as needed to provide the goods or services you have expressly requested, or except in exceptional circumstances where this may be required by law or to protect legal rights). Our Privacy Policy is described in more detail below:

1. What Data We Collect

We collect personal data only in the following situations:

  • When you submit a contact form on our website (name, email address, phone number, and the content of your message)
  • When you subscribe to our BPM Newsletter (email address only)
  • When you open a support ticket (name, email address, and support request details)
  • Automatically via cookies and analytics tools when you browse our website (see Section 4)

We do not collect payment information, we do not operate cloud services, and we do not process any data belonging to our customers’ end users.

2. How We Use Your Data

We use the data you provide exclusively to:

  • Respond to your inquiry or support request
  • Send you the newsletter you subscribed to
  • Improve our website and services based on aggregated, anonymized analytics

We do not use your data for automated decision-making or profiling. We do not sell your data to third parties. We do not use your data for third-party advertising.

3. Legal Basis for Processing (GDPR)

We process your personal data on the following legal bases under GDPR Article 6:

  • Consent (Art. 6(1)(a)) — for newsletter subscriptions and contact form submissions where you have actively provided consent
  • Legitimate interests (Art. 6(1)(f)) — for website analytics to improve our services, where this does not override your rights and freedoms

4. Cookies and Analytics

Our website uses cookies and Google Analytics (via Google Tag Manager) to understand how visitors use our site. This includes data such as pages visited, time spent, and general geographic location. This data is aggregated and anonymized — it is not linked to your identity.

You can disable cookies in your browser settings at any time. You may also opt out of Google Analytics tracking via the Google Analytics Opt-out Browser Add-on.

5. Data Retention

We retain form submission data for a maximum of 24 months from the date of submission, after which it is permanently deleted. Newsletter subscriber data is retained until you unsubscribe. You may request earlier deletion at any time (see Section 7).

6. Data Storage and Security

Your data is stored on secured servers. Access is restricted to authorised CaseAgile personnel only. We use SSL/TLS encryption for all data transmission. In the event of a personal data breach, we will notify the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) within 72 hours as required by GDPR, and affected individuals without undue delay where the breach poses a high risk to their rights.

7. Your Rights Under GDPR

As an EU resident you have the following rights regarding your personal data:

  • Right of access — request a copy of the data we hold about you
  • Right to rectification — request correction of inaccurate data
  • Right to erasure — request deletion of your data
  • Right to restrict processing — request that we limit how we use your data
  • Right to data portability — request your data in a portable format
  • Right to object — object to processing based on legitimate interests
  • Right to withdraw consent — withdraw consent at any time without affecting prior processing

To exercise any of these rights, contact us at info@caseagile.com. We will respond within 30 days.

You also have the right to lodge a complaint with the Estonian Data Protection Inspectorate: www.aki.ee

8. Third-Party Services

Our website uses the following third-party services that may process data on our behalf:

  • Google Analytics / Google Tag Manager — website analytics (Google LLC, USA). Governed by Google’s Privacy Policy and EU-US Data Privacy Framework.
  • Akismet — spam filtering for form submissions (Automattic Inc., USA)
  • reCAPTCHA — bot protection (Google LLC, USA)

Our website may contain links to third-party websites. We are not responsible for their privacy practices.

9. Children

Our website and services are directed at business professionals and are not intended for children under 16 years of age. We do not knowingly collect data from children.

10. Changes to This Policy

We may update this policy periodically. The effective date at the top of this page will reflect the date of the most recent revision. Significant changes will be communicated via a notice on our website.

11. Contact

For any privacy-related questions or requests: CaseAgile OÜ, Sakala tn 7-2, Tallinn 10141, Estonia Email: info@caseagile.com