Privacy Policy

Last updated: January 1, 2024

1. Introduction

VatDB, operated by Nineties Engineering OÜ ("we", "our", or "us"), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our VAT validation API service and website.

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the service.

2. Information We Collect

Personal Information

We may collect personal information that you voluntarily provide to us when you:

  • Register for an account
  • Subscribe to our service
  • Contact us for support
  • Sign up for our newsletter

This information may include:

  • Name and email address
  • Company name and address
  • Payment information (processed securely by our payment provider)
  • VAT numbers submitted for validation

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain our service
  • Process your transactions and send related information
  • Send you technical notices, updates, and support messages
  • Respond to your comments, questions, and customer service requests
  • Monitor and analyze usage patterns and trends
  • Detect, prevent, and address technical issues
  • Comply with legal obligations

4. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this privacy policy, unless a longer retention period is required by law. API request logs are retained for 90 days for debugging and analytics purposes, after which they are automatically deleted.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. This includes:

  • TLS encryption for all data in transit
  • Encryption for data at rest
  • Access controls and authentication measures
  • ISO 27001 certified hosting infrastructure within the EU

6. GDPR Compliance

We are an EU company and comply fully with the General Data Protection Regulation (GDPR). All data is stored and processed within the European Union. You have the right to:

  • Access your personal data
  • Rectify inaccurate personal data
  • Request erasure of your personal data
  • Restrict processing of your personal data
  • Data portability
  • Object to processing of your personal data

To exercise any of these rights, please contact us at support@nineties.ee.

7. Third-Party Services

We may share your information with third-party service providers who perform services on our behalf, such as:

  • Payment processing
  • Cloud hosting (EU based)
  • Analytics

These providers are contractually bound to protect your information and may only use it to provide services to us.

8. Cookies

We use essential cookies to enable basic website functionality and analytics cookies to understand how visitors interact with our website. You can control cookie preferences through your browser settings.

9. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on this page and updating the "Last updated" date.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us:

  • Nineties Engineering OÜ
  • Sepapaja 6, 15551 Tallinn, Estonia
  • Email: support@nineties.ee
  • Reg. No: 16206643
  • VAT: EE102380424