Your privacy is very important to us. At MAXCORP, we are committed to safeguarding the privacy of our clients and website visitors. This Privacy Policy explains how we collect, use, disclose, and protect your personal data in accordance with the EU General Data Protection Regulation (GDPR) and Estonian Anti-Money Laundering (AML) laws. MAXCORP OÜ, a private limited company registered in Estonia under company number 10385136, with its registered address at Tornimäe tn 5, Harju maakond, Tallinn 10145, Estonia, acts as the controller of your personal data under this Privacy Policy.
Please read our Privacy Policy, which entered into force on 01.05.2017 and was updated on 28.12.2024, carefully to get a clear understanding of how we collect, use, protect or otherwise handle your information.
1. What personal information do we collect?
We may collect the following categories of personal data:
- Identification info: name, identification document details, personal identification code, date of birth.
- Contact information: telephone number, email address, place of residence.
- Financial information: bank account details, payment information.
- Technical information: IP address, browser type, operating system, referring URLs, and other information collected via cookies and similar technologies.
- Professional information: occupation, employer details.
We collect personal data through various methods, including:
- Direct interactions: when you provide information by filling in forms on our website, corresponding with us by phone, email, or otherwise.
- Automated technologies: as you interact with our website, we may automatically collect technical data about your equipment, browsing actions, and patterns.
- Third parties or publicly available sources: we may receive personal data about you from various third parties and public sources.
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.
- AML Compliance Data: retained for a minimum of 5 years after the end of the business relationship or the completion of the transaction, in accordance with Estonian AML laws.
- Contractual Data: retained for the duration of the contract and for 7 years thereafter, in line with statutory limitation periods.
- Marketing Data: retained until you withdraw your consent or opt-out of receiving marketing communications.
After the retention period expires, personal data will be securely deleted or anonymized. We collect the personal information you provide to us whether when making an enquiry on our website and/or via email communication, such as your name, identification document, personal identification code, date of birth, telephone number, place of residence and email address. Further information may be collected from public sources. We may send you emails about our services and other updates, but you may withdraw your permission at any time. According to the anti-money laundering and counter-terrorism financing legislation we are obliged to keep your personal data after the termination of the service contract for the period established by the law, which in some cases can be up to 7 years. You have the right to obtain a copy of the data we have collected.
2. Legal Basis for Processing
We process your personal data based on the following legal grounds:
- Consent: where you have provided consent to process your personal data for specific purposes.
- Contractual necessity: to perform a contract with you or to take steps at your request before entering into a contract.
- Legal obligation: to comply with legal and regulatory obligations, including those related to anti-money laundering (AML) and counter-terrorism financing.
- Legitimate interests: where processing is necessary for our legitimate interests or those of a third party, provided that your fundamental rights do not override those interests.
For transparency, each purpose for which we process your personal data is linked to a lawful basis:
- Service delivery and support – Contractual necessity
- AML and regulatory compliance – Legal obligation
- Marketing communications – Consent
- Analytics and website improvement – Consent (via cookie banner)
- Fraud prevention and risk control – Legitimate interests
3. How do we use the personal information collected?
We process personal data for the following purposes:
- Service delivery: to provide and manage our services, including company formation, corporate services, and compliance solutions.
- Client relationship management: to manage our relationship with you, including responding to inquiries and providing customer support.
- Legal compliance: to fulfil our legal and regulatory obligations, including AML and counter-terrorism financing requirements.
- Marketing and communications: to inform you about our services, updates, and events, where you have consented to receive such information.
- Website improvement: to analyze and improve our website, services, and user experience.
The personal information collected will be used for offering appropriate services and fulfilling other commitments that we may have towards you. The personal information collected may be used for developing our client relationship and, within the scope allowed by the applicable legal acts, for notification, advertising, marketing and statistical purposes. Based on legal regulations, you are obligated to provide us with the personal information in order to use our services.
When you provide us with personal information to complete the order of our services, we imply that you consent to us collecting and using the data. Collecting and processing your personal information is our obligation established by law. We collect and process your personal data only to the extent necessary for being in compliance with legal regulations. You have the right to withdraw your consent at any time. This does not affect the lawfulness of processing based on consent before its withdrawal.
Under GDPR, you have the following rights regarding your personal data:
- Right to Access: You can request access to your personal data and obtain information about how we process it.
- Right to Rectification: You can request correction of inaccurate or incomplete personal data.
- Right to Erasure: You can request the deletion of your personal data under certain conditions.
- Right to Restrict Processing: You can request that we limit the processing of your personal data under certain circumstances.
- Right to Object: You can object to the processing of your personal data based on legitimate interests or for direct marketing purposes.
- Right to Data Portability: You can request to receive your personal data in a structured, commonly used, and machine-readable format, and have the right to transmit that data to another controller.
You also have the right to lodge a complaint with a supervisory authority. In Estonia, this is the Data Protection Inspectorate (Andmekaitse Inspektsioon): www.aki.ee, email: info@aki.ee.
4. Disclosure of the personal information collected
We may disclose your personal information to third-party service providers for providing services you have ordered or for processing your payments. We may disclose your personal information to the authorities if so required by law. Your personal information may be sent to servers outside of Europe and may be used, stored and processed anywhere in the world. We ensure all international transfers are subject to adequate safeguards in accordance with GDPR, such as Standard Contractual Clauses or adequacy decisions. If your personal information is transferred outside the European Economic Area (EEA), we ensure that such transfers are protected by appropriate safeguards, including Standard Contractual Clauses approved by the European Commission or adequacy decisions, where applicable.
5. Security and data protection
We take reasonable precautions to protect your personal information and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. We shall notify you of the data breach without undue delay after becoming aware of such breach.
6. Cookies
We use cookies — small text files stored on your device — to recognize returning visitors, remember preferences, and improve website usability. Cookies also help us understand the most popular areas of our website and enhance its content and navigation. Before placing any non-essential cookies (such as analytics or marketing cookies), we collect your consent through a cookie banner. You can manage or withdraw your consent at any time using your browser settings or our cookie tool.
We also use Google Analytics to collect statistical data about website usage to improve performance. This includes general insights such as visitor traffic and user behavior. The usage of Google Analytics is subject to Google’s Terms of Service. For more details, please refer to our Cookie Policy: www.maxcorp.eu/eng/cookie-policy/
7. Amendments to this Privacy Policy
We reserve the right to modify this Privacy Policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.
8. Questions and contact information
You have the right, within the scope allowed by the applicable legal acts, to request information on the personal data stored by us. You can also request amendment, rectification or deletion of incomplete, inaccurate or out-of-date personal information stored by us. For further information please contact our Privacy Compliance Officer at info@maxcorp.eu