Loe eesti keeles

Privacy Policy

Effective: February 12, 2026 · Version 1.0

1. Data Controller

The controller of your personal data is Hüwa OÜ (registry code 16323068). You can reach us by email at info@hald.ee.

We use your personal data to operate the hald.ee apartment association management system. This policy explains what data we collect, why we process it, and what your rights are.

2. Personal Data We Collect

We collect and process the following categories of personal data:

  • Account data: name, email address, password (stored in encrypted form)
  • Apartment data: apartment number, area, owner and tenant associations
  • Billing data: invoices, cost allocations, payments
  • Meter readings: water, electricity, heating, and gas meter readings
  • Messages: thread content and attachments in association internal communications
  • Authentication data: social login profile information (when used)

3. Purpose and Legal Basis for Processing

We process your personal data for the following purposes and on the following legal bases:

  • Account data: performance of contract (GDPR Art. 6(1)(b)) — necessary to provide the service and manage your account
  • Apartment and billing data: performance of contract and legal obligation (GDPR Art. 6(1)(b) and Art. 6(1)(c)) — necessary for association management and compliance with accounting requirements
  • Meter readings: performance of contract (GDPR Art. 6(1)(b)) — necessary for the core functionality of the service
  • Messages: legitimate interest (GDPR Art. 6(1)(f)) — communication between association members is a natural part of the service
  • Cookies: strictly necessary exemption (ePrivacy Directive Art. 5(3)) — see section 5 for details

We do not rely on consent (GDPR Art. 6(1)(a)) as the basis for processing core service data. Your essential data is processed on the basis of contractual necessity, meaning it is required for the service to function.

4. Data Recipients

Your personal data may be processed by the following categories of service providers:

  • Authentication providers — to enable social login functionality
  • Cloud infrastructure providers — to host the system and store data securely
  • Remote meter reading service providers — to import automated meter readings

We do not sell or share your personal data for marketing purposes. Data is only transferred to third parties to the extent necessary for the operation of the service.

5. Cookies

We only use strictly necessary and functional cookies. We do not use analytics or marketing cookies.

  • pb_auth — authentication session cookie that maintains your login session (strictly necessary)
  • association — stores your selected apartment association identifier (strictly necessary)
  • locale — stores your language preference (Estonian or English) (functional)

Since all of our cookies are either strictly necessary or functional, they do not require prior consent under the ePrivacy Directive.

6. Data Retention

We retain your personal data for as long as your account is active. If you delete your account, we will remove your data within 30 days, except where longer retention is required by law.

Accounting records are retained for 7 years in accordance with the Estonian Accounting Act. Such data is anonymized when it is no longer necessary to associate it with a specific individual.

7. Your Rights

Under the General Data Protection Regulation (GDPR), you have the following rights:

  • Right of access — you can request a copy of your personal data
  • Right to rectification — you can request correction of inaccurate data
  • Right to erasure — you can request deletion of your data where there is no legal basis for its retention
  • Right to restriction — you can request temporary suspension of data processing
  • Right to data portability — you can request your data in a structured, machine-readable format
  • Right to object — you can object to processing based on legitimate interest

To exercise your rights, contact us at info@hald.ee. We will respond to your request within 30 days.

You also have the right to lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) at www.aki.ee if you believe that the processing of your data violates your rights.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

  • Encrypted connections (HTTPS) for all data transfers
  • Encrypted storage of passwords
  • Role-based access control system (administrator, manager, owner, tenant)
  • Regular data backups

9. Changes to This Policy

We may update this privacy policy from time to time. In the event of material changes, we will notify you by email or through an in-app notification. The current version is always available at hald.ee/privacy-policy.

10. Contact

If you have questions about this privacy policy or the processing of your personal data, please contact us:

Hüwa OÜ
Registry code: 16323068
Email: info@hald.ee
Website: hald.ee