Last Updated: March 16, 2026
Please read this Privacy Policy carefully, as it affects your legal rights and obligations. This Privacy Policy constitutes an independent legal document. Your rights and obligations when using the autoselling.eu website (hereinafter referred to as the "Service") and/or the "Autoselling" Information System (hereinafter referred to as the "Information System") are also governed by other documents (such as the Terms of Service and public agreements), of which we inform you through our Service.
1.1. This Privacy Policy establishes the rules for the processing of personal information (personal data) by Autoselling technologies OÜ in connection with the use of the autoselling.eu website (the "Service"), contacting the Provider, creating and managing a user account, performing contracts, processing payments, conducting business communications, and utilizing the functionalities of the "AutoSelling" Information System (the "Information System").
1.2. The entity responsible for determining the purposes and means of processing your personal information (the "Business" or "Data Controller") is Autoselling technologies OÜ, a company registered in Estonia, Registration Number: 17446869, with its principal place of business at: Sepapaja tn 6, 15551 Tallinn, Estonia (hereinafter referred to as "We", "Us", or the "Provider").
1.3. This Privacy Policy applies primarily to personal information relating to business users of the Service, including:
1.3.1. users of the Service acting in a business or commercial capacity;
1.3.2. contact persons, representatives, and authorized users of current or prospective Clients;
1.3.3. individuals who create or use an account within the Service for business purposes; and
1.3.4. individuals who contact the Provider in connection with business, commercial, contractual, support, or service-related matters.
The Service is intended primarily for business and commercial use and not for personal, family, or household use. Accordingly, much of the personal information processed by the Provider relates to business representatives, account users, and commercial contacts rather than consumer end users.
1.4. With respect to personal information that a Client uploads, submits, stores, or otherwise makes available within the Information System for or on behalf of its own customers, vendors, employees, or other third parties, Autoselling technologies OÜ generally acts as a Service Provider, Processor, or comparable service provider under applicable law, rather than as the business or controller determining the purposes of such processing.
1.5. This Privacy Policy does not comprehensively govern personal information that Clients entrust to the Provider within the Information System for processing on the Client’s behalf. Such processing is governed by the applicable Terms of Service, Data Processing Agreement, and any other binding contractual documents between the parties.
1.6. If there is any conflict between this Privacy Policy and the applicable Terms of Service or Data Processing Agreement with respect to Client-submitted data processed on behalf of a Client, the Terms of Service and Data Processing Agreement shall control to the extent permitted by applicable law.
2.1. While you use the Service, we may collect and process the following categories of personal information:
2.1.1. Identifiers and Contact Information: First name, last name, email address, telephone number, company name, Employer Identification Number (EIN) or Tax ID (VAT), and job title.
2.1.2. Technical and Authentication Data: Internet Protocol (IP) address, browser and device information, time zone, user identifiers, technical login records, security logs, and other data necessary for access management, account security, and the proper functioning of the Service.
2.1.3. Internet or Other Electronic Network Activity Information (Usage Data): Information regarding your interaction with our Service and the Information System.
2.2. We collect only the information that is reasonably necessary and proportionate to achieve the purposes of providing our services and ensuring the functionality of the Service (Data Minimization).
3.1. The Provider processes personal information for the following business and commercial purposes:
3.1.1. To enter into and perform a contract, or to take steps prior to entering into a contract, including account creation and management, provision of Services, payment processing, service-related communications, and providing access to the Service and Information System.
3.1.2. To comply with applicable legal obligations to which the Provider is subject, particularly accounting, tax, and reporting requirements, responding to lawful requests from public authorities or law enforcement (e.g., subpoenas), and fulfilling obligations arising from applicable US or international laws.
3.1.3. For the Provider's legitimate business interests, which primarily include:
a) Ensuring IT security and the security of user accounts;
b) Preventing, detecting, and investigating fraud, security incidents, and policy violations;
c) Conducting reasonable, individualized B2B (business-to-business) communications with current Clients, their representatives, and prospective Clients in connection with establishing, maintaining, or developing a business relationship;
d) Establishing, exercising, or defending legal claims;
e) Conducting internal statistical analysis and performing necessary and reasonable research and development to improve the Service's functionalities.
3.1.4. To send marketing or promotional communications, place marketing calls, send text messages, or use analytics, advertising, or similar technologies, where and to the extent permitted by applicable law. Where applicable law requires consent, authorization, or an opt-out opportunity for a particular communication channel or activity, the Provider will rely on the applicable lawful basis and provide any legally required notice, consent, unsubscribe, revocation, or opt-out mechanism. This does not affect the sending of operational, service, security, billing, legal, or other transactional notices, nor individualized B2B communications permitted by law.
3.1.5. The Provider does not base its marketing activities on assumed or implied consent solely derived from the use of the Service or the execution of a contract.
4.1. Personal information may be disclosed to third parties only to the extent necessary to achieve the purposes set forth in this Privacy Policy, specifically to the following categories of recipients:
4.1.1. Providers of hosting, cloud storage, and IT infrastructure services;
4.1.2. Providers of communication, technical support, and IT security tools;
4.1.3. Payment processors and billing management entities;
4.1.4. Providers of accounting, legal, auditing, or consulting services;
4.1.5. Entities authorized to receive data pursuant to valid legal processes.
4.2. Depending on the nature of the relationship, the recipients of the data may act as:
4.2.1. Service Providers (Processors) who process data strictly on behalf of the Provider under a written contract; or
4.2.2. Independent Businesses (Controllers), provided they independently determine the purposes and means of processing in accordance with applicable laws.
4.3. Personal information is stored on infrastructure located within the European Economic Area (EEA). The Provider does not intentionally transfer personal information to third countries or international organizations outside of its standard operational framework.
4.3.1. The use of the Service via the public Internet may involve the technical transmission of data through telecommunications infrastructure or transit networks over which the Provider has no control. Such technical transmission does not, in itself, constitute an intentional transfer of personal information by the Provider to recipients outside the EEA.
5.1. We will retain your personal information only for as long as is reasonably necessary to fulfill the purposes for which it was collected:
5.1.1. Account, contract, contact, and relationship-management records relating to the Client relationship may be retained for the duration of the Agreement and for up to 5 years thereafter, to the extent reasonably necessary for contract administration, accounting, tax compliance, recordkeeping, fraud prevention, and the establishment, exercise, or defense of legal claims. For Client-submitted data stored within the Information System on the Client’s behalf, retention, export, deletion, deidentification, or anonymization will be governed by the applicable Terms of Service and, where applicable, the Data Processing Agreement.
5.1.2. Billing and accounting data (e.g., invoices): Retained for a period of 5 years, calculated from the end of the calendar year in which the tax payment deadline expired, in accordance with applicable tax regulations.
5.1.3. Data processed on the basis of your consent (e.g., newsletters, marketing): Retained until you withdraw your consent or opt-out.
5.1.4. Technical data, security records, and system logs: Retained for the period necessary to ensure IT security, prevent fraud, detect incidents, protect the Service, and defend legal claims. This is typically commensurate with the nature of the specific record, but no longer than 5 years, unless a longer retention period is justified by a security incident, ongoing investigation, legal claim, or other statutory requirement.
5.2. Upon the expiration of the specified retention periods, your personal information will be permanently and securely deleted or de-identified (anonymized).
6.1. Our Service uses cookies. We use essential (strictly necessary) cookies that are required for the proper functioning of the Service, authentication within the Information System, and maintaining session security. These cookies are installed automatically.
6.2. In addition to essential cookies, the Provider may use analytical and marketing cookies only after obtaining the user's prior consent, expressed via the cookie banner or consent management tool available within the Service.
6.3. The user may change their cookie preferences or withdraw previously given consent at any time using the cookie management tool available in the Service. Withdrawing consent should be as easy as granting it.
6.4. Denying consent for analytical or marketing cookies shall not deprive the user of access to the core functionalities of the Service. However, restricting or blocking essential cookies may affect the proper functioning of certain features of the Service. The data subject may change or withdraw their consent to the use of optional cookies at any time through the cookie settings available on the Website.
7.1. The Provider implements appropriate technical and organizational measures, proportionate to the risk associated with the processing of personal information, to protect data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures may include access controls, system security, encryption in transit, data backups, security monitoring, and access rights management procedures, depending on the nature and scope of the processing.
7.2. Automated Decision-Making and Profiling. We inform you that we do not make automated decisions based on your personal information, nor do we use profiling that would produce legal effects concerning you or similarly significantly affect you.
8.1. Depending on your state of residence (e.g., California, Virginia, Colorado) and applicable data protection laws, you may have the following rights:
8.1.1. Right to Know / Right of Access: You may request disclosure of the specific pieces and categories of personal information we process about you.
8.1.2. Right to Rectification / Correction: You have the right to request the correction of your personal information if it is inaccurate or incomplete.
8.1.3. Right to Deletion ("Right to be Forgotten"): You may request the deletion of your personal information. The Provider will evaluate such requests subject to legal obligations regarding data retention, the necessity to establish, exercise, or defend legal claims, and other lawful exemptions.
8.1.4. Right to Limit / Restrict Processing: You may request a temporary suspension of the processing of your data.
8.1.5. Right to Data Portability: You may obtain a copy of your data in a structured, commonly used, and machine-readable format for transfer to another entity.
8.1.6. Right to Object / Opt-Out: You may object to data processing based on our legitimate business interests, and you have the right to opt-out of the sale or sharing of your personal information for targeted advertising (Note: The Provider does not "sell" your personal information).
8.1.7. Right to Withdraw Consent / Unsubscribe: If we process data based on your consent (e.g., marketing), you may withdraw it at any time by contacting us at support@autoselling.eu or clicking the "unsubscribe" link. Withdrawal of consent does not affect the lawfulness of processing performed prior to the withdrawal.
8.2. If you believe that our processing of your personal information violates applicable privacy laws, you have the right to file a complaint with the relevant regulatory authority, which may include your state's Attorney General or the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon).
9.1. All inquiries, verifiable consumer requests, and statements regarding this Privacy Policy or the processing of personal information should be directed to the Provider:
9.1.1. Electronically (via email): support@autoselling.eu
9.1.2. In writing to our principal place of business: Autoselling technologies OÜ, Sepapaja tn 6, 15551 Tallinn, Estonia
9.2. For matters related to privacy protection, the exercise of your privacy rights, or any questions regarding this Policy, you may contact us at support@autoselling.eu. This contact address is also designated for receiving and processing verifiable consumer requests.
9.3. To protect the rights and security of all individuals, the Provider may require reasonable additional information to verify the identity of the person making a privacy request before fulfilling it.
