+372 600 1234 info@cryptolicense.pro Tornimäe tn 5, Tallinn
Free Consultation

Legal

Privacy Policy

Last updated 15 March 2026

This privacy policy explains how Crypto License Pro OÜ ("we", "us", "the firm") processes personal data of website visitors, prospective clients, and engaged clients under Regulation (EU) 2016/679 ("GDPR").

1. Data controller

The data controller is Crypto License Pro OÜ, a private limited company incorporated in Estonia (registration number 16842310), with registered office at Tornimäe tn 5, 10145 Tallinn, Estonia.

Privacy and DPO contact: privacy@cryptolicense.pro.

2. What we collect and why

We collect personal data only where we have a lawful basis to do so under Article 6 GDPR.

Website visitors

  • Technical data (IP address, browser, device, referring page) — legitimate interest in maintaining and securing the site.
  • Cookies — see our Cookie Policy.

Prospective clients (contact form, email, calls)

  • Identifying data (name, email, company, phone) — consent and pre-contractual steps.
  • Information you choose to share about your project, operating model, and licensing needs — consent.

Engaged clients

  • KYC data on directors, beneficial owners, and authorised signatories — legal obligation under Estonian Money Laundering and Terrorist Financing Prevention Act.
  • Engagement-related correspondence and documentation — performance of contract.
  • Billing and payment data — performance of contract and legal obligation under Estonian accounting law.

3. Who we share data with

We do not sell personal data and we do not share it for marketing purposes. We disclose personal data only to:

  • Regulators where you have instructed us to file an authorisation application on your behalf.
  • Our IT service providers (cloud hosting, email, document management) under written data-processing agreements.
  • Tax and accounting advisors under their own legal-professional duties of confidentiality.
  • Public authorities where we are required by Estonian or EU law to do so.

4. International transfers

Some of our processors are located outside the European Economic Area. Where this is the case, transfers are made under Standard Contractual Clauses adopted by the European Commission, supplemented where necessary by additional safeguards following the Schrems II ruling.

5. Retention

  • Prospective-client correspondence: 24 months from last contact unless you ask us to delete it sooner.
  • Engagement files: seven years after engagement end (Estonian Bar Association rules and accounting law).
  • KYC records: five years after engagement end (Estonian AML law minimum).
  • Website analytics: 14 months.

6. Your rights

Under GDPR you have the right to:

  • Access your personal data and obtain a copy.
  • Have inaccurate data corrected.
  • Have your data erased where we no longer have a lawful basis to keep it.
  • Restrict or object to processing.
  • Receive your data in a portable format.
  • Withdraw consent at any time where processing is based on consent.
  • Lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon, aki.ee) or the supervisory authority of your habitual residence.

7. Security

We apply technical and organisational measures appropriate to the risk, including encryption in transit and at rest, access controls, and staff training on confidentiality obligations under the Estonian Bar Association rules.

8. Changes to this policy

We update this policy when our practices change. The "last updated" date at the top reflects the most recent revision. Material changes will be communicated to active clients by email.

9. Contact

Questions about this policy or about how we handle your personal data: privacy@cryptolicense.pro.