Privacy Notice
Version 2.2
Last updated: 08.05.2025
This Privacy Notice is an overview of how we collect, use, and process your personal data when you use our website https://salv.com (“Website”), submit information through our forms or contact us in any way. The data we process differs based on your interactions with us, so if anything here only applies to one of the aforementioned use cases, we’ll explicitly point this out to you.
For the purpose of EU Regulation 2016/679 (“GDPR”), Salv Technologies OÜ (“Salv”, “us”, “we”, “our” as applicable), a private limited company based in Estonia, is the “data controller” of your personal data. Our registered office is Veerenni 38b, 10135 Tallinn, Estonia, and our company registry code is 14518700.
If you have any questions about how we protect or use your data, please email us at [email protected].
If you are applying to a position at Salv, please refer to our Recruitment Data Privacy Statement. If you have consented to the usage of cookies, please refer to our Cookies Notice.
1. Our mission
At Salv, our mission is to beat financial crime. We are doing this by building state of the art software and by raising awareness of the current challenges in the AML industry. In all of this, we give utmost respect to the right to privacy and the protection of personal data. This starts with making sure all of our data users and data subjects get meaningful information about how, why and for what purposes data needs to be collected and used.
2. How we protect your personal data
In line with our mission, we are serious about guarding the security of your personal data and thus all information you provide to us is stored on secure servers.
Although we will do our best to protect your personal data, unfortunately we cannot guarantee the security of your data during transmission, and any transmission is at your own risk. Once we have received your personal data, we will use internal processes and reasonable security features to prevent unauthorised access.
We restrict access to your personal data only to Salv’s employees and data users who have a business reason for knowing such information. We regularly educate and train our employees and data users about the importance of confidentiality and the protection of personal data.
We are compliant with the GDPR and the Personal Data Protection Act of Estonia.
3. Personal data we may collect about you
Personal data, or personal information, means any information related to an identified or identifiable natural person. It does not include anonymous data, which cannot be linked back to a natural person. We may collect and use the following personal data about you:
- Data you give us:
- Via our Website: You may give us information about you when you contact us through any of our contact options available on our Website, e.g. when you provide us with your personal details, such as your name, email address and phone number. This also includes signing up to our Newsletter or book a Demo. We only ask for data necessary for the purpose - we cannot contact you to book a demo or send you our Newsletter, if contact details are not provided. Therefore, if you wish to receive the Newsletter or book a Demo, providing the data is necessary.
- Via email, social media, virtual meetings, and other electronic means:
- Email: You may give us information about you when you directly write to any Salv-related email address (i.e. @salv.com). Among others, the information you give us may include your name, email address and photograph.
- Social media: You may also give us information about you when you contact us on social media either by directly messaging us, commenting in our posts or mentioning us in your posts. Among others, the information you give us may include your name, address, email address, phone number, geographical location, personal description and photograph.
- Virtual meetings: We may use AI-powered tools during virtual meetings (including Demos) to record audio, video, and screen-sharing, and to generate transcripts, summaries, or coaching insights. This may include processing your image, voice, job title, opinions, and technical metadata. You will be notified in advance and may opt out of these tools where feasible.
- Other electronic means: Sometimes you may provide information to us via phone call or through third party applications (e.g. via a contract management tool). Among others, the information you give us may include your name, phone number, email address, IP location and personal identification number.
- By visiting our office premises: You may give us information about you in case you visit our office premises. Among others, the information you give us may include your name and photograph.
- Additional information: We may also need additional identification information from you, e.g. in order to undertake internal due diligence checks in accordance with our policies or for the purposes of drafting an agreement with you.
- In providing the personal data of any individual (other than yourself) to us, you promise that you have obtained consent from such individual to disclose his/her personal data to us, as well his/her consent to our collection, use and disclosure of such personal data, for the purposes set out in this Privacy Notice.
- Data we may receive from other sources:
- We may receive personal data about you from third parties that we work with. For example, our business partners may provide us with your contact details (name and email address).
- Our advertising networks and analytics providers may provide us with pseudonymised information about you, such as confirming how you found our website. For example, we use Hotjar to analyze how our website is used, and this may involve the collection of certain personal information, such as your IP address, device information, and website usage data. We use this information to improve our website and user experience. We only collect personal information with your consent. Hotjar stores this information on our behalf in a pseudonymized user profile and is contractually forbidden to sell any of the data collected on our behalf.
- Data that you provide to social media networks: We may use social media networks to access certain information that you have provided to them, including your name, photograph and email address.
4. Purposes of the processing of your personal data and legal bases
We may process your personal data for the following purposes:
- To provide you with information about our products and services based on your consent (art. 6.1.a of the GDPR).
- To carry out our obligations relating to a contract that you have with us and to take the necessary steps prior to entering into such contract (art. 6.1.b of the GDPR).
- To pursue our legitimate interests provided that these legitimate interests are not overridden by your interests or fundamental rights and freedoms (art. 6.1.f of the GDPR). Our legitimate interests include:
- keeping Salv safe and secure;
- measuring or understanding the effectiveness of information and advertising we serve and delivering relevant advertising to you;
- providing you with information about the products and services we offer and that we feel may interest you;
- using AI-powered tools during virtual meetings to support internal follow-up, service quality improvement, and staff development.
5. Disclosure of your personal data
We may disclose your personal data with selected third parties including:
- Affiliates, business partners, suppliers, vendors (including advertisers, advertising networks, and analytics engine providers) and subcontractors for the performance and execution of any contract we enter into with them or you.
- Our group entities or subsidiaries.
- Prospective sellers or buyers in the event that we sell or buy any business or assets, in which case we may disclose your personal data to them.
- Law enforcement agencies and Courts when required by law.
We do not have a published list of all of the third parties to whom we may disclose your data, as this depends on your interactions with us. However, if you would like further information about who we have shared your data with, you can request this by writing to [email protected].
6. Where we process your personal data
The personal data that we collect from you is mainly processed within the European Economic Area (“EEA”). Depending on your interactions with us however, your personal data may be transferred to and processed at a destination outside the EEA which may not be subject to an adequacy decision by the European Commission. In such a case we ensure that both ourselves and our partners take adequate and appropriate technical, physical and organisational security measures to protect your data. We also ensure a level of data protection at least equivalent to the one prevailing in the EEA by relying on the appropriate data transfer mechanisms established in the GDPR. By submitting your personal data, you agree to this possible transfer and processing.
7. Retention of your personal data
If the legislation provides specific data retention periods, your personal data will be stored for as long as required by applicable law. Other personal data will be kept until the moment we are not able to identify a proper lawful basis to further process the data or, where applicable, whenever you ask us to stop processing your personal data.
In case you would like to receive further information about the applicable safeguards (standard contractual clauses etc), please email us at [email protected]. reference to the appropriate or suitable safeguards and the means by which to obtain a copy of them or where they have been made available.
8. Your data protection rights
- Right to withdraw your consent: You have the right to withdraw any consent that you have given us at any time.
- Right to access: You have the right to get access to the personal data we process about you and to get a copy of it. Depending on the case we may need to charge you a reasonable fee.
- Right to rectification: You have the right to request that we correct any information we hold on you that you deem inaccurate, incorrect, or out of date. You also have the right to request us to complete information that you believe is incomplete.
- Right to erasure: Under certain conditions you have the right to request us to erase your personal data.
- Right to restriction of processing: Under certain conditions you have the right to request us to restrict the processing of your personal data.
- Right to object to processing: Under certain conditions you have the right to object to the processing of your personal data.
- Right to data portability: You have the right to request us to transfer your personal data to another organisation or to you in a structured, commonly used and machine-readable format.
- Right not to be subject to a decision based solely on automated processing: We do not currently make automated decisions about any data subject, but you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces effects on you.
If you decide to enforce any of your data protection rights, please contact us at [email protected]. We have one month (which can be extended to two further months where necessary) to respond to you starting from the receipt of your request.
9. Marketing
Where applicable, we may use your contact details to send you marketing information about products and services of ours that we think you might be interested in. You have the right to stop us from contacting you for marketing purposes by clicking on the Unsubscribe link in the Newsletter email or writing to us at [email protected].
10. Changes to this Privacy Notice
Salv keeps this Privacy Notice under regular review and posts any updates on this page. This Privacy Notice was last updated on the date specified on the header of this page.
11. How to contact us
If you have a question about our Privacy Notice, the data we hold on you, or you would like to exercise any of your rights, please do not hesitate to contact us:
- Email us: [email protected]
- Write to us: Salv Technologies OÜ, Veerenni Street 38b, Tallinn, 10135, Estonia
12. How to file a complaint
If you are not satisfied with our activities or feel that we have not addressed your questions or concerns adequately, you may make a complaint with the Estonian Data Protection Inspectorate.
