Privacy Policy of terra.blue
Last updated: 2026-05-01
Thank you for visiting terra.blue. Your privacy is important to us. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website or engage with our services.
1. Data Controller
The data controller responsible for your personal information is:
Xolo Go OÜ – Walter Leonhard Dr Kuehnlein
Paju tn 1a, 50603 Tartu, Estonia
Email: web@xolo.group
2. Categories of Data Collected
We collect the following types of personal data:
Identity Data (e.g., name, passport, national ID)
Contact Data (e.g., email address, phone number)
Financial Data (e.g., bank details, payment history)
Technical Data (e.g., IP address, browser type, cookies)
Usage Data (e.g., page views, clicks, engagement metrics)
Communication Data (e.g., messages, support inquiries)
3. Legal Basis for Processing
We process your personal data based on the following legal grounds under Article 6(1) GDPR:
Consent (Art. 6(1)(a)) for cookies and marketing communications
Contractual necessity (Art. 6(1)(b)) to provide services
Legal obligation (Art. 6(1)(c)) for AML and recordkeeping
Legitimate interest (Art. 6(1)(f)) for security and improvement
4. Purpose of Processing
We use your data for the following purposes:
To provide and manage our services
To process payments and invoices
To comply with anti-money laundering laws
To improve website functionality and user experience
To communicate offers and updates (with your consent)
5. Retention Periods
Personal data is retained:
As long as necessary to fulfil contractual obligations
For 7 years for financial and legal recordkeeping
Until consent is withdrawn for marketing data
6. Data Transfers
If personal data is transferred outside the EEA:
Standard Contractual Clauses (SCCs) are in place
Data processors are vetted for compliance
Transfers comply with GDPR and relevant local laws
7. Rights of Data Subjects
You have the right to:
Access, rectify, or erase your data
Restrict or object to processing
Withdraw consent at any time
Data portability
Lodge a complaint with the Estonian Data Protection Inspectorate
To exercise your rights, contact us at: web@xolo.group
8. Data Protection Officer (DPO)
We have appointed a DPO. For any privacy-related concerns, please contact: privacy@xolo.group
9. Security Measures
We use technical, administrative, and physical safeguards to protect your data, including:
SSL encryption
Access control and role-based permissions
Secure backups and log monitoring
10. Automated Decision-Making
We do not engage in automated decision-making or profiling that significantly affects you.
11. Cookies and Tracking Technologies
We use:
Functional and performance cookies
Google Analytics and similar tools
Cookie banner and opt-in system (as per ePrivacy Directive)
You can manage cookie preferences in your browser settings.
12. Minors
Our website and services are not intended for individuals under the age of 16. We do not knowingly collect data from minors.
13. Corporate Transactions
If we undergo a merger, acquisition, or asset sale, your data may be transferred as part of that transaction, with notice provided as required.
14. Policy Updates
We may update this policy. Material changes will be announced via our website or email. The date of the latest revision is stated at the top.
If you have any questions or concerns, please contact us:
Email: web@xolo.group
Thank you for trusting terra.blue with your information.
