Privacy Policy for Fjordio OÜ
Last Updated: October 30, 2025
Fjordio OÜ, a company registered at Veerenni 15-6, 10135 Tallinn, Estonia ("we," "us," "our," or "Fjordio"), operates an online platform (the "Platform") that facilitates paid digital marketing services, including content creation, sponsored article publication, link-building, influencer marketing, PR, and related services (collectively, the "Services"). This Privacy Policy explains how we collect, use, disclose, store, and protect personal data when you ("User," including Advertisers, Publishers, influencers, or other entities) access or use the Platform or Services.
We are committed to processing personal data in compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the Estonian Personal Data Protection Act, and other applicable data protection laws. By using the Platform or Services, you consent to the practices described in this Privacy Policy. If you do not agree, you must not use the Platform or Services.
This Privacy Policy should be read in conjunction with our Terms and Conditions, which govern your use of the Platform and Services.
1. Data Controller
Fjordio OÜ is the data controller responsible for your personal data processed through the Platform and Services.
Contact Details:
Email: support@fjordio.com
Address: Veerenni 15-6, 10135 Tallinn, Estonia
You may contact us for any privacy-related inquiries, including exercising your rights under Section 9.
2. Categories of Personal Data We Collect
We collect the following categories of personal data:
2.1 Data Provided by You
Account Registration Data: Full name, email address, phone number, company name, billing address, payment information (e.g., credit card details processed via secure third-party payment processors), and tax identification numbers.
Publisher-Specific Data: Portal URLs, domain metrics (e.g., traffic estimates, domain authority), banking details for payouts, and Portal ownership verification documents.
Advertiser-Specific Data: Content specifications, branding guidelines, target keywords, campaign details, and any materials submitted for content creation (e.g., images, text).
Communication Data: Messages, complaints, support tickets, and correspondence via the Platform, email (support@fjordio.com), or other channels.
Order-Related Data: Order details, specifications, approvals, and performance feedback.
2.2 Data Collected Automatically
Usage Data: IP address, browser type, device information, operating system, access times, referring URLs, and Platform navigation paths.
Cookies and Tracking Technologies: We use essential, functional, and analytical cookies to ensure Platform functionality, remember preferences, and analyze usage. You can manage cookie preferences via your browser settings. For details, see Section 7.
Performance Metrics: Where available, traffic, clicks, impressions, and other statistics from Publisher Portals (aggregated and anonymized where possible).
2.3 Data from Third Parties
Subcontractors and Service Providers: Data shared by copywriters, AI tools, influencers, payment processors, or analytics providers to fulfill Orders.
Crawled/Scraped Data: Publicly available data from User websites (e.g., tone, language, branding) to customize Services, as described in the Terms and Conditions (Section 9.1).
Verification Data: Information from third-party services for Portal quality checks, payment validation, or compliance screening.
We do not collect special categories of personal data (e.g., health, racial origin, political opinions) unless voluntarily provided in Content specifications, in which case you are responsible for compliance.
3. Purposes and Legal Bases for Processing
We process personal data for the following purposes and on the following legal bases (GDPR Article 6):
Purpose | Legal Basis | Examples |
Account creation, management, and authentication | Contract performance (necessary to provide Services) | Registering Platform Accounts, verifying identity |
Order fulfillment and Service delivery | Contract performance | Creating/publishing Content, facilitating payments, mediating disputes |
Payment processing and settlements | Contract performance; Legal obligation (e.g., tax reporting) | Invoicing, payouts to Publishers, VAT compliance |
Communication and support | Contract performance; Legitimate interests (efficient Service delivery) | Responding to inquiries, notifications about Orders or Account status |
Platform improvement and analytics | Legitimate interests (enhancing functionality, security, and user experience) | Analyzing usage patterns, debugging, performance reporting |
Marketing and promotional activities | Consent (where required); Legitimate interests (non-intrusive promotions to existing Users) | Sending Service updates, case studies (using non-confidential data per Terms Section 6.5) |
Compliance, fraud prevention, and risk management | Legal obligation; Legitimate interests (protecting the Platform and Users) | Screening for unlawful activity, responding to legal requests |
Data crawling/scraping for Service customization | Contract performance | Aligning Content with User branding (per Terms Section 9.1) |
Sharing with subcontractors or other Users | Contract performance | Providing specifications to Publishers/Copywriters for Order execution |
We minimize data processing to what is necessary for these purposes.
4. Sharing and Disclosure of Personal Data
We share personal data only as necessary and under appropriate safeguards:
With Other Users: Advertisers' specifications with Publishers/Copywriters; Publishers' Portal details with Advertisers for Order selection.
With Subcontractors and Third-Party Providers: Payment processors, AI tools, hosting providers, analytics services, and influencers, bound by data processing agreements (GDPR Article 28).
For Legal Reasons: To comply with laws, court orders, or authorities; to enforce Terms; or to protect rights, safety, or property.
Business Transfers: In case of merger, acquisition, or asset sale, with notice where required.
Aggregated/Anonymized Data: For analytics or marketing, where data cannot identify individuals.
We do not sell personal data.
5. International Data Transfers
The Platform is operated from Estonia (EU). Data may be transferred to subcontractors outside the EEA (e.g., for AI tools or payment processing). Transfers occur only under GDPR safeguards, such as:
Adequacy decisions (e.g., EU-US Data Privacy Framework where applicable).
Standard Contractual Clauses.
Binding Corporate Rules (where applicable).
You consent to such transfers by using the Services. Details available upon request.
6. Data Retention
We retain personal data only as long as necessary:
Account Data: Until Account deletion + legal retention period.
Order/Transaction Data: For the full period required for tax and compliance purposes.
Communication Data: Up to 3 years post-resolution, unless longer for disputes.
Usage Logs: Up to 12 months for security/analytics.
Published Content Data: As required to enforce publication obligations (per Terms Section 5.6), but personal data minimized.
Upon Account deletion (per Terms Section 15.1), we anonymize or delete data except where retention is legally required. Outstanding obligations (e.g., Content maintenance) persist.
7. Cookies and Tracking Technologies
Essential Cookies: Required for login, security, and basic functionality.
Functional Cookies: Remember preferences (e.g., language).
Analytical Cookies: Track aggregated usage (e.g., via Google Analytics, with anonymization).
You can disable non-essential cookies in browser settings, but this may impair Platform functionality. Our cookie banner obtains consent for non-essential cookies.
8. Security Measures
We implement reasonable technical and organizational measures to protect data, including:
Encryption (e.g., HTTPS, data-at-rest encryption).
Access controls and authentication.
Regular security audits.
Employee training.
However, no system is fully secure. We are not liable for breaches beyond our reasonable control (per Terms Section 11). Report suspected incidents to support@fjordio.com.
9. Your Rights Under GDPR
As a data subject, you have the right to:
Access: Obtain a copy of your personal data.
Rectification: Correct inaccurate data.
Erasure ("Right to be Forgotten"): Delete data where no longer necessary or with withdrawn consent (subject to legal obligations and Terms, e.g., Content maintenance).
Restriction: Limit processing in certain cases.
Portability: Receive data in a structured format.
Objection: Object to processing based on legitimate interests.
Withdraw Consent: Where processing relies on consent.
Lodge a Complaint: With the Estonian Data Protection Inspectorate (www.aki.ee) or your local authority.
Exercise rights by emailing support@fjordio.com with proof of identity. We respond within 30 days (extendable for complexity). Rights may be limited by contractual obligations (e.g., Order fulfillment) or legal requirements.
10. Children's Privacy
The Platform and Services are not intended for individuals under 18. We do not knowingly collect data from children. If discovered, we will delete it promptly.
11. Changes to This Privacy Policy
We may update this Policy to reflect changes in processing or law. Material changes will be notified via email or Platform notice. Continued use constitutes acceptance. Check the "Last Updated" date for the current version.
12. Contact Us
For questions, rights requests, or complaints:
Email: support@fjordio.com
Address: Veerenni 15-6, 10135 Tallinn, Estonia
We aim to resolve privacy concerns amicably. If unsatisfied, contact the Estonian Data Protection Inspectorate.