Privacy Notice

Version 2.1
Last updated: 16.05.2023

This Privacy Notice is an overview of how we collect, use, and process your personal data when you use our website (“Website”), submit information through our forms or contact us in any way. The data we process differs based on your interactions with us, so if anything here only applies to one of the aforementioned use cases, we’ll explicitly point this out to you.

For the purpose of EU Regulation 2016/679 (“GDPR”), Salv Technologies OÜ (“Salv”, “us”, “we”, “our” as applicable), a private limited company based in Estonia, is the “data controller” of your personal data. Our registered office is Veerenni 38b, 10135 Tallinn, Estonia, and our company registry code is 14518700.

If you have any questions about how we protect or use your data, please email us at [email protected].

If you are applying to a position at Salv, please refer to our Recruitment Data Privacy Statement. If you have consented to the usage of cookies, please refer to our Cookies Notice.

1. Our mission

At Salv, our mission is to beat financial crime. We are doing this by building state of the art software and by raising awareness of the current challenges in the AML industry. In all of this, we give utmost respect to the right to privacy and the protection of personal data. This starts with making sure all of our data users and data subjects get meaningful information about how, why and for what purposes data needs to be collected and used.

2. How we protect your personal data

In line with our mission, we are serious about guarding the security of your personal data and thus all information you provide to us is stored on secure servers.

Although we will do our best to protect your personal data, unfortunately we cannot guarantee the security of your data during transmission, and any transmission is at your own risk. Once we have received your personal data, we will use internal processes and reasonable security features to prevent unauthorised access.

We restrict access to your personal data only to Salv’s employees and data users who have a business reason for knowing such information. We regularly educate and train our employees and data users about the importance of confidentiality and the protection of personal data.

We are compliant with the GDPR and the Personal Data Protection Act of Estonia.

3. Personal data we may collect about you

Personal data, or personal information, means any information related to an identified or identifiable natural person. It does not include anonymous data, which cannot be linked back to a natural person. We may collect and use the following personal data about you:

We may process your personal data for the following purposes:

5. Disclosure of your personal data

We may disclose your personal data with selected third parties including:

We do not have a published list of all of the third parties to whom we may disclose your data, as this depends on your interactions with us. However, if you would like further information about who we have shared your data with, you can request this by writing to [email protected].

6. Where we process your personal data

The personal data that we collect from you is mainly processed within the European Economic Area (“EEA”). Depending on your interactions with us however, your personal data may be transferred to and processed at a destination outside the EEA which may not be subject to an adequacy decision by the European Commission. In such a case we ensure that both ourselves and our partners take adequate and appropriate technical, physical and organisational security measures to protect your data. We also ensure a level of data protection at least equivalent to the one prevailing in the EEA by relying on the appropriate data transfer mechanisms established in the GDPR. By submitting your personal data, you agree to this possible transfer and processing.

7. Retention of your personal data

If the legislation provides specific data retention periods, your personal data will be stored for as long as required by applicable law. Other personal data will be kept until the moment we are not able to identify a proper lawful basis to further process the data or, where applicable, whenever you ask us to stop processing your personal data.

In case you would like to receive further information about the applicable safeguards (standard contractual clauses etc), please email us at [email protected]. reference to the appropriate or suitable safeguards and the means by which to obtain a copy of them or where they have been made available.

8. Your data protection rights

If you decide to enforce any of your data protection rights, please contact us at [email protected]. We have one month (which can be extended to two further months where necessary) to respond to you starting from the receipt of your request.

9. Marketing

Where applicable, we may use your contact details to send you marketing information about products and services of ours that we think you might be interested in. You have the right to stop us from contacting you for marketing purposes by clicking on the Unsubscribe link in the Newsletter email or writing to us at [email protected].

10. Changes to this Privacy Notice

Salv keeps this Privacy Notice under regular review and posts any updates on this page. This Privacy Notice was last updated on the date specified on the header of this page.

11. How to contact us

If you have a question about our Privacy Notice, the data we hold on you, or you would like to exercise any of your rights, please do not hesitate to contact us:

12. How to file a complaint

If you are not satisfied with our activities or feel that we have not addressed your questions or concerns adequately, you may make a complaint with the Estonian Data Protection Inspectorate.

ISO/IEC 27001 logo
Aicpa logo
GDPR compliant logo
OWASP logo

We build security to our products and organisation from the start. We use security best practices (incl. ISO 27001, CIS etc.) to ensure that our security management system meets the highest standards.

Salv has an ISO/IEC 27001: 2022 certificate, as well as ISAE 3000 compliant SOC 2 Type 2 report.