Privacy Policy

Last updated: 6 June 2026

This privacy policy explains how Tervistoiduga OÜ (“we”) collects and uses your personal data when you visit the website tervistoiduga.ee or order our services. We process your data in accordance with the European Union General Data Protection Regulation (GDPR) and the Estonian Personal Data Protection Act.

For cookies, see the separate cookie policy.

1. Who is responsible for your data

Your data is controlled by:

  • Tervistoiduga OÜ (registry code 17478616)
  • The service is delivered by Kristel Wahl
  • Email: info@tervistoiduga.ee

If you have questions about your data, write to us at this address.

2. What data we collect

Depending on how you interact with us, we may collect:

  • Contact details: name, email address, phone number.
  • Contact-form data: if you fill in the contact form on our website, we collect your name (so we know who is writing), your email address (so we can reply to you) and the subject or content of your inquiry (so we understand your question).
  • Booking data: the time you choose, the type of service, and any messages or notes you add when booking.
  • Content of your communications: emails and other messages you send us.
  • Technical data: for example your IP address, browser and device type, and the time of your visit, where the website or its security system records these.
  • Website statistics: if you consent, we collect statistics about how the website is used (see section 4).

Health data. The website itself does not collect health data. I collect health data through the pre-questionnaire needed to provide the counselling service and through information shared during the consultation. I handle and store this data securely (see section 5 for the providers used) and use it only to provide the service, and only as much as needed. Health data is a special category of personal data under the law, and we treat it with particular care (for the legal basis, see section 3).

3. Why and on what basis we use your data

  • Bookings and providing the service. To arrange a time, prepare for the consultation and communicate with you. Basis: our contract with you or steps to enter into it (GDPR Art 6(1)(b)).
  • Responding to your inquiries. When you contact us (e.g. via the contact form or by email), we use your data to reply to you and help you. Basis: our legitimate interest in responding to inquiries, or steps to enter into a contract (GDPR Art 6(1)(f) or (b)).
  • Processing health data. If you share your health data (in the questionnaire or during the consultation), we use it only to provide the service. Basis: your explicit consent (GDPR Art 9(2)(a)), which you give when you share this data in order to receive the service.
  • Operating and securing the website. So that the website works and is protected against misuse. Basis: our legitimate interest (GDPR Art 6(1)(f)).
  • Website statistics. To understand how the website is used and to improve it. Basis: your consent (GDPR Art 6(1)(a)).
  • Direct marketing (if we do it). We send marketing by email only if you have consented or where the law permits it. You can always opt out by clicking the link in the email or by writing to us.

4. Cookies and website statistics (Google)

The website uses cookies. Necessary cookies are always on, because the site won’t work without them. Statistics and other non-essential cookies are switched on only once you consent in the cookie banner.

To collect statistics we use Google’s tools (Google Tag Manager and Google Analytics). These may collect, for example, a pseudonymous identifier, your IP address (often in shortened form), and technical information about your device and use. If you do not consent, these tools are not activated to track you.

You can change your choice at any time via the “Cookie settings” link in the website footer. Read more in the cookie policy.

5. Who we share your data with

We do not sell your data. We share it only with trusted service providers who help us deliver the service and process data on our behalf, for example:

  • booking and calendar service, and booking-form data (Calendly);
  • payment processing (Stripe, Inc.);
  • running video consultations (Zoom);
  • website hosting and platform (Hostinger; the website runs on WordPress) and backups;
  • secure storage of files and client information (Microsoft OneDrive and Apple iCloud Drive);
  • email and client-communication tools;
  • Google (Google Tag Manager and Google Analytics).

We have data-protection agreements in place with these providers. We also share data where the law requires it, or where it is necessary to protect the rights, property or safety of us, our clients or others.

6. Transfers outside Europe

Some of our service providers may be located outside the European Economic Area. In that case we make sure your data is protected — for example, through the standard contractual clauses approved by the European Commission.

7. How long we keep your data

We keep data only for as long as it is needed, or for as long as the law requires. We generally keep customer and contact data for up to 3 years after the end of our client relationship. We keep accounting-related data (such as invoices) for the period required by law (7 years in Estonia). We usually keep booking-related data until the service has been provided and any limitation periods for claims have passed, after which we delete it. The retention period for statistics depends on Google’s settings.

8. Your rights

You have the right to:

  • find out what data we hold about you and to access it;
  • have inaccurate data corrected;
  • have your data deleted where there is a basis for it (the “right to be forgotten”);
  • restrict the use of your data, or object to it;
  • receive your data in a portable form (data portability);
  • withdraw consent at any time (this does not affect processing that took place before the withdrawal);
  • lodge a complaint with the Estonian Data Protection Inspectorate (aki.ee). If you live in another European Union country, you can also turn to your home country’s data protection authority.

To exercise your rights, write to us at info@tervistoiduga.ee. We will normally respond within one month. We may ask you for additional information to confirm your identity.

9. Security

We protect your data with reasonable technical and organisational measures. No one can guarantee complete security on the internet, so please also keep your own accounts and devices secure.

10. Minors

Counselling of a person under 18 takes place only with the consent of a parent or other legal guardian. If we discover that we have collected a minor’s data without the necessary consent, we will take steps to delete it.

11. Changes

We may update this privacy policy from time to time. We’ll publish the new version on this page together with the date. For significant changes, we’ll also give separate notice where possible.

12. Contact

For data protection and privacy questions, write to: info@tervistoiduga.ee

Close
agapizisi.gr © Copyright 2026. All rights reserved.

Close