privacy

Privacy Policy of terra.blue

Last updated: July 31, 2025

Thank you for visiting terra.blue. Your privacy is important to us. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website or engage with our services.

1. Data Controller

The data controller responsible for your personal information is:

Xolo Go OÜ – Walter Leonhard Kuehnlein

Paju tn 1a, 50603 Tartu, Estonia

Email: web@xolo.group

2. Categories of Data Collected

We collect the following types of personal data:

Identity Data (e.g., name, passport, national ID)

Contact Data (e.g., email address, phone number)

Financial Data (e.g., bank details, payment history)

Technical Data (e.g., IP address, browser type, cookies)

Usage Data (e.g., page views, clicks, engagement metrics)

Communication Data (e.g., messages, support inquiries)

3. Legal Basis for Processing

We process your personal data based on the following legal grounds under Article 6(1) GDPR:

Consent (Art. 6(1)(a)) for cookies and marketing communications

Contractual necessity (Art. 6(1)(b)) to provide services

Legal obligation (Art. 6(1)(c)) for AML and recordkeeping

Legitimate interest (Art. 6(1)(f)) for security and improvement

4. Purpose of Processing

We use your data for the following purposes:

To provide and manage our services

To process payments and invoices

To comply with anti-money laundering laws

To improve website functionality and user experience

To communicate offers and updates (with your consent)

5. Retention Periods

Personal data is retained:

As long as necessary to fulfil contractual obligations

For 7 years for financial and legal recordkeeping

Until consent is withdrawn for marketing data

6. Data Transfers

If personal data is transferred outside the EEA:

Standard Contractual Clauses (SCCs) are in place

Data processors are vetted for compliance

Transfers comply with GDPR and relevant local laws

7. Rights of Data Subjects

You have the right to:

Access, rectify, or erase your data

Restrict or object to processing

Withdraw consent at any time

Data portability

Lodge a complaint with the Estonian Data Protection Inspectorate

To exercise your rights, contact us at: web@xolo.group

8. Data Protection Officer (DPO)

We have appointed a DPO. For any privacy-related concerns, please contact: privacy@xolo.group

9. Security Measures

We use technical, administrative, and physical safeguards to protect your data, including:

SSL encryption

Access control and role-based permissions

Secure backups and log monitoring

10. Automated Decision-Making

We do not engage in automated decision-making or profiling that significantly affects you.

11. Cookies and Tracking Technologies

We use:

Functional and performance cookies

Google Analytics and similar tools

Cookie banner and opt-in system (as per ePrivacy Directive)

You can manage cookie preferences in your browser settings.

12. Minors

Our website and services are not intended for individuals under the age of 16. We do not knowingly collect data from minors.

13. Corporate Transactions

If we undergo a merger, acquisition, or asset sale, your data may be transferred as part of that transaction, with notice provided as required.

14. Policy Updates

We may update this policy. Material changes will be announced via our website or email. The date of the latest revision is stated at the top.

If you have any questions or concerns, please contact us:

Email: web@xolo.group

Thank you for trusting terra.blue with your information.