Legal
Privacy policy
Effective Date: 27 June 2026
Privacy Policy for cybsis.ee
1. Introduction
This Privacy Policy outlines how RaulWalter OÜ ("we", "us", "our"), the operator of cybsis.ee (the "Site"), handles information. RaulWalter OÜ is the data controller for any data processed in relation to this Site.
We are committed to protecting your privacy and collecting the minimum amount of information necessary for the operation of our Site.
2. Our Data Collection Philosophy
Our approach is privacy-by-design, not privacy-as-an-afterthought. The Site uses no third-party analytics and sets no cookies — usage measurement is first-party, cookieless, self-hosted on our own infrastructure in the EU, and free of any external tracker (see section 4). We collect as little as possible and never keep your IP address with these measurements. The only personal data you actively give us is what you choose to submit on the quote-request form.
3. Information We Do NOT Collect
To be fully transparent, we want to clarify what we do not do:
- Tracking cookies. The Site does not set analytics, advertising, or behavioural-tracking cookies. There is no cookie banner because there is nothing to consent to.
- Third-party analytics. No Google Analytics, no Mixpanel, no Plausible, no Cloudflare Analytics — no analytics provider of any kind.
- User accounts. The Site does not have a user-registration or login system, so we do not collect personal information related to accounts (names, usernames, or passwords).
- Cross-site scripts and trackers. The Site does not embed third-party scripts, fonts, or pixels that would let a third party observe your visit.
4. Information We DO Process and Why
Like most websites, our web server records standard technical information in server logs. The Site additionally records pseudonymous first-party usage events, and the quote-request form collects what you voluntarily submit.
- Quote-request form. When you submit the form, we receive: your name, work email, company name, country, optional role, and optional free-text notes — plus the bundle selection you configured. This data is used solely to prepare and deliver a commercial quote and to follow up about it. The legal basis is your consent (GDPR Art. 6(1)(a)) given by submitting the form, and our legitimate interest in responding to commercial enquiries (Art. 6(1)(f)).
- Bundle configurator. Your bundle selection is encoded in the URL query string and additionally stored in your browser's localStorage so you can come back to it. This data never leaves your browser unless you submit the quote form.
- First-party usage measurement. The Site records pseudonymous page-view and interaction events in our own self-hosted analytics: the page visited (including any query string), how long you spend on a page, how far you scroll, the external site that referred you, the destination of any external link you click, the language, the browser and device type, and — on the pricing configurator — the bundle options you select. To count visitors without identifying anyone, our server derives two short-lived pseudonymous keys from a salted hash of your IP address and browser type: a session key that changes every day, and a visitor key that changes every calendar month. The daily key cannot connect your activity across different days; the monthly key lets us tell new visitors apart from returning ones within a single month, then rotates — so it cannot be linked across months or back to you. Your IP address is never stored with these events, no cookies or browser storage are used, no third party is involved, and the data stays on our own infrastructure in the EU. Legal basis: our legitimate interest (GDPR Art. 6(1)(f)) in understanding how the Site is used.
- Server logs. Includes your IP address, date/time of visit, pages accessed, browser type, and operating system. Processed under our legitimate interest (GDPR Art. 6(1)(f)) to ensure security and functionality.
5. Data Sharing and Third Parties
We do not sell or trade your data. The minimum data sharing required to operate the Site involves the following processors:
- Hosting and infrastructure. The Site, its server logs, and our self-hosted analytics all run on Amazon Web Services (AWS) in the EU (Stockholm region), acting as a data processor on our behalf. They are contractually bound to keep the data secure and only process it according to our instructions.
- Email delivery. Quote-request submissions are sent to sales@raulwalter.com and an automatic acknowledgement is sent back to the address you provided. Outbound email is delivered via Amazon SES (AWS, EU) in accordance with a data-processing agreement.
We will not disclose this data to any other third party unless legally required to do so by a court order or governmental request.
6. Cookies
The Site does not use tracking cookies. The bundle configurator stores your selection in your browser's localStorage so you can return to it later — this is local to your browser and is not transmitted to us. You can clear it via your browser's site-data controls at any time.
7. Data Retention
- Quote-request emails are retained in the sales inbox according to RaulWalter's internal retention policy. You can request deletion at any time by emailing sales@raulwalter.com.
- Server logs are typically retained for 90 days for security purposes.
- Usage events are pseudonymous (they contain no IP address, name, or other direct identifier) and are not subject to a fixed deletion schedule — they are kept, largely as aggregated reports, for as long as they remain useful for product planning and trend analysis.
8. Your Rights Under GDPR
As our Site is operated from Estonia (an EU member state), you have rights under the General Data Protection Regulation (GDPR). Even though we collect minimal data, you have the right to:
- Request access to the personal data we hold about you.
- Request correction of any incorrect data.
- Request erasure of your personal data.
- Object to the processing of your data.
- Request restriction of processing.
- Lodge a complaint with the Estonian Data Protection Inspectorate.
To exercise these rights, please contact us using the details below.
9. Links to Other Websites
Our Site may contain links to other websites that are not operated by us (notably raulwalter.com). If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content or privacy practices of any third-party sites.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. You are advised to review this Privacy Policy periodically for any changes.
11. Contact Us / Data Controller
RaulWalter OÜ, Rüütli 11, 10130 Tallinn, Estonia.
If you have any questions about this Privacy Policy, please contact us at sales@raulwalter.com.