Your cart is currently empty!
Privacy Policy
Last updated: 28 May 2025
1. Who We Are
This website is operated by Qlanq OÜ (“Qlanq”, “we”, “our” or “us”), a private limited company registered in the Republic of Estonia with registry code 17226837.
Address: Harju maakond, Tallinn, Kesklinna linnaosa, J. Vilmsi tn 47, 10115
E-mail: [email protected], [email protected]
For the purposes of Regulation (EU) 2016/679 (the “GDPR”), Qlanq OÜ is the data controller for the personal data described in this notice.
2. The Data We Collect
| Category | Typical items | Why we need it |
|---|---|---|
| Identity & Contact Data | full name, company name, billing / delivery address, e-mail, phone | to create your account, issue invoices and keep you informed about your order |
| Order Data | language pair, word count, delivery deadline, service options | to prepare a quote and fulfil the translation contract |
| Content to be Translated | any text, file or reference material you upload (which may itself contain personal data) | translating and revising the material you send us |
| Payment Data | last four digits of card, transaction ID, payment status (actual card details are handled by our payment processor and never reach our servers) | to process refunds, prevent fraud, keep accounting records |
| Technical Data | IP address, browser / device information, time stamps, cookies (see § 10) | to keep the site secure and improve performance |
| Marketing Preferences (optional) | newsletter opt-in status | to send you product updates and promotions if you have consented |
We do not intentionally collect special-category data (art. 9 GDPR). If such data appears inside the text to be translated, we process it only as necessary to perform the translation service you requested.
3. Legal Bases for Processing
| Purpose | GDPR basis |
|---|---|
| Provide quotations, translate your text, deliver files, manage payments | Performance of a contract (Art 6 (1)(b)) |
| Maintain records required by tax / accounting law | Legal obligation (Art 6 (1)(c)) |
| Prevent fraud, defend legal claims, improve our platform | Legitimate interests (Art 6 (1)(f)) |
| Send you e-mail marketing | Consent (Art 6 (1)(a)) – you can withdraw at any time |
4. Who Has Access to Your Data
- In-house project managers – coordinate your order.
- Freelance linguists – receive only the text and reference files needed for your job, plus a first name (or reference number) to keep projects organised.
- Payment service providers – Stripe / PayPal or whichever gateway you choose at checkout.
- Hosting & IT vendors – provide secure servers, backups, analytics, and e-mail.
- Professional advisers & authorities – auditors, accountants, courts, tax boards, if legally required.
All service providers are bound by confidentiality and, where applicable, a GDPR-compliant data-processing agreement.
5. International Transfers
If a translator or cloud service is located outside the European Economic Area, we rely on one of the following safeguards:
- an adequacy decision under Art 45 GDPR, or
- standard contractual clauses adopted by the European Commission (Art 46).
6. Retention Periods
| Data set | Typical retention |
|---|---|
| Customer account & invoices | 7 years (Estonian accounting law) |
| Translation memory / glossary entries | until you delete your account or ask us to erase them |
| Raw project files & e-mail correspondence | 2 years after project completion, unless a longer period is needed to resolve disputes |
| Marketing e-mail opt-in logs | stored until you unsubscribe or we sunset the list |
| Analytics cookies | see cookie table in § 10 |
We routinely anonymise or securely erase data that we no longer need.
7. Your Rights
Under Articles 15-22 GDPR you may:
- Access the personal data we hold about you.
- Ask us to correct inaccurate or incomplete data.
- Request erasure (“right to be forgotten”).
- Restrict or object to certain processing.
- Receive your data in a portable format.
- Withdraw consent at any time (for marketing or other consent-based uses).
To exercise any of these rights, contact us via the details in § 1. If you believe we have infringed your data-protection rights, you may lodge a complaint with the Estonian Data Protection Inspectorate (aki.ee) or with your local supervisory authority.
8. Security Measures
We use industry-standard safeguards, including:
- HTTPS encryption,
- access controls and multi-factor authentication for staff,
- server-side encryption at rest,
- routine vulnerability scans and backups.
No internet transmission is ever 100 % secure, but we follow best practices to minimise risk.
9. Automated Decision-Making
We do not engage in automated decision-making that produces legal or similarly significant effects as defined in Art 22 GDPR.
10. Cookies & Similar Technologies
Our site uses essential cookies to keep your cart and login session working, plus optional analytics cookies (Google Analytics 4) to understand how visitors use our pages. The first-time banner lets you accept or reject analytics cookies.
11. Updates to This Policy
We may update this Privacy Policy occasionally. Material changes will be highlighted on this page or by e-mail if appropriate. The revision date at the top tells you when it was last modified.