Obduindz Services mark Obduindz Services Compliance services • Online training • Tools
Book a call
Privacy

Privacy Notice

Last updated: 8 March 2026

This Privacy Notice explains how Obduindz Services OÜ (“we”, “us”, “our”) collects, uses, stores, shares, and otherwise processes personal data when you visit our website, contact us, request information about our services, or use our platforms and related offerings, including our online training platform and practical compliance tools.

Data Controller: Obduindz Services OÜ
Contact email: info@obdu-services.com
Registered address: [REGISTERED_ADDRESS]

1) Who this notice applies to

This Notice applies to personal data processed through this website and in connection with our business activities, including when you:

  • visit our website;
  • contact us by form, email, or other communication channels;
  • request information about our services, platforms, or tools;
  • engage us for compliance, AML/CFT, DPO, or related professional services;
  • use or access our online training platform or related tools, where applicable.

2) Personal data we collect

Depending on your relationship with us, we may collect and process the following categories of personal data:

  • Identity data — such as your name, surname, and professional identity details.
  • Contact data — such as your email address, phone number, postal address, and company contact details.
  • Professional and business data — such as your job title, employer name, business sector, jurisdiction, and the nature of your enquiry.
  • Communication data — such as messages you send us, records of enquiries, support requests, meeting notes, and correspondence.
  • Client and service-related data — where relevant to providing our services, onboarding, governance, reporting, and ongoing support.
  • Training platform data — where applicable, such as account details, user role, assigned courses, completion status, certificates, and learning records.
  • Technical and usage data — such as IP address, browser type, device information, referral source, page visits, timestamps, and website interaction data.
  • Cookie-related data — where cookies or similar technologies are used on the website.

3) How we collect personal data

We collect personal data in a number of ways, including:

  • directly from you when you submit a form, contact us, book a call, request information, or communicate with us;
  • when you use our website, training platform, or related tools;
  • from your employer or organisation where they engage us or provide access details for relevant users;
  • from publicly available sources or professional sources where necessary for legitimate business or compliance purposes;
  • automatically through website technologies, logs, and analytics tools.

4) Purposes of processing

We may process personal data for the following purposes:

  • to respond to enquiries and communicate with you;
  • to provide our services, platforms, and related support;
  • to manage onboarding, service delivery, account administration, and customer relationships;
  • to operate, maintain, secure, and improve our website, platforms, and tools;
  • to deliver training, track completion, and generate reporting where relevant;
  • to maintain internal records, governance evidence, and operational documentation;
  • to prevent fraud, misuse, unauthorized access, and other security risks;
  • to comply with legal, regulatory, and professional obligations;
  • to send service updates, business communications, and marketing communications where permitted by law.

5) Legal bases for processing

Where the EU GDPR, UK GDPR, or similar data protection laws apply, we process personal data on one or more of the following legal bases:

  • Performance of a contract — where processing is necessary to provide requested services, access, support, or platform functionality.
  • Legitimate interests — where processing is necessary for operating, securing, improving, and managing our business, services, and communications, provided those interests are not overridden by your rights and interests.
  • Legal obligation — where we are required to process data to comply with applicable law, regulation, court order, or regulatory request.
  • Consent — where consent is required, for example for certain cookies or specific marketing communications.

6) Marketing communications

We may send you information about our services, updates, training offerings, insights, or related business communications where permitted under applicable law. Where consent is required, we will rely on your consent. You can opt out of marketing communications at any time by using the unsubscribe option in the message or by contacting us at info@obdu-services.com.

7) Cookies and similar technologies

We may use cookies and similar technologies to support website functionality, remember preferences, improve performance, analyze traffic, and maintain security. You can manage cookie preferences through your browser settings or any cookie controls made available on the site. Disabling certain cookies may affect website functionality.

8) Disclosure of personal data

We do not sell personal data. We may share personal data with trusted third parties where necessary and lawful, including:

  • hosting providers, cloud service providers, and IT support providers;
  • software, training platform, and analytics providers;
  • professional advisers, including legal, compliance, audit, and accounting advisers;
  • payment, administration, communication, or document management providers where relevant;
  • competent authorities, regulators, law enforcement, courts, or other third parties where disclosure is required or permitted by law.

Where third-party processors act on our behalf, we take reasonable steps to ensure they process personal data only under appropriate instructions and safeguards.

9) International data transfers

Your personal data may be processed in countries outside your country of residence. Where cross-border transfers are made and data protection law requires safeguards, we will use appropriate transfer mechanisms, such as contractual safeguards or other lawful transfer tools, as required by applicable law.

10) Data retention

We retain personal data only for as long as reasonably necessary for the purposes described in this Notice, including to satisfy legal, regulatory, contractual, accounting, reporting, and evidential requirements. Retention periods may vary depending on the type of data, the services involved, and applicable legal obligations.

11) Data security

We implement appropriate technical and organizational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or unauthorized access. However, no transmission or storage system can be guaranteed to be completely secure.

12) Your rights

Depending on the jurisdiction that applies to you, you may have the right to:

  • request access to your personal data;
  • request correction of inaccurate or incomplete data;
  • request deletion of your personal data;
  • request restriction of processing;
  • object to certain processing activities;
  • request portability of data, where applicable;
  • withdraw consent at any time where processing is based on consent.

To exercise your rights, please contact us at info@obdu-services.com. We may need to verify your identity before responding to your request.

13) Third-party websites

Our website may contain links to third-party websites, platforms, or services. We are not responsible for the privacy practices, content, or security of third-party websites. You should review their privacy notices separately.

14) Children’s privacy

Our website, services, and platforms are intended for business and professional use and are not directed to children. We do not knowingly collect personal data from children through this website.

15) Complaints

If you have concerns about how your personal data is handled, please contact us first so that we can try to resolve the matter. Where applicable, you may also have the right to lodge a complaint with a competent supervisory authority in your country of residence, place of work, or place of the alleged infringement.

16) Changes to this notice

We may update this Privacy Notice from time to time to reflect legal, operational, or service-related changes. Any updates will be posted on this page, and the “Last updated” date will be revised accordingly.

Important: Replace [REGISTERED_ADDRESS] with your actual registered address before publishing. You should also align this notice with your real vendor stack, cookie usage, hosting setup, CRM tools, contact forms, analytics tools, and training platform data flows.