Contact us

Privacy Policy

1. Introduction

Stravika OÜ (“Stravika”, “we”, “us”, or “our”) is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, disclose, and protect personal data when you use our website https://stravika.ee, our web platform, and our mobile applications (together, the “Services”).

This policy is drafted in accordance with:

  • The EU General Data Protection Regulation (GDPR) (EU) 2016/679

  • Estonian Personal Data Protection Act

  • Applicable EU digital and data-protection laws

By using our Services, you agree to the practices described in this Privacy Policy.

 

2. Data Controller

Data Controller:

Stravika OÜ

Registry Code: 17263092

Registered Address: Mustamäe tee 55-218, 10621 Tallinn

Country: Estonia

Email: hello [at]stravika.ee

 

3. Scope of This Policy

This Privacy Policy applies to:

  • Visitors to stravika.ee

  • Users who create accounts or use the Stravika (merelink.io) platform

  • Nonprofit partners, staff, contractors, and field users

  • Individuals whose data is collected through Stravika forms, dashboards, or reports

 

4. Personal Data We Collect

We collect only data necessary to operate our Services.

4.1 Data You Provide Directly

  • Name, email address, phone number

  • Organization name, role, country

  • Login credentials (encrypted)

  • Support requests and communications

  • Billing and invoicing information (where applicable)

4.2 Data Collected Through Platform Use

  • Project data entered by users

  • Distribution and field activity records

  • Beneficiary data (as provided by our Nonprofit clients)

  • Uploaded files, images, and documents

  • Usage logs and activity timestamps

Important: Stravika acts as a data processor for beneficiary and project data uploaded by Nonprofit clients. The Nonprofit remains the data controller for that data.

4.3 Automatically Collected Data

  • IP address

  • Device and browser information

  • Log files and performance metrics

  • Cookies and similar technologies

 

5. Lawful Basis for Processing (GDPR)

We process personal data under the following legal bases:

  • Consent (Article 6(1)(a))

  • Contract performance (Article 6(1)(b))

  • Legal obligation (Article 6(1)(c))

  • Legitimate interests (Article 6(1)(f)), such as security, fraud prevention, and service improvement

 

6. How We Use Personal Data

We use personal data to:

  • Provide and operate the Stravika platform

  • Enable offline data collection and synchronization

  • Generate analytics, dashboards, and reports

  • Communicate with users and provide support

  • Improve platform performance and security

  • Comply with legal and regulatory obligations

We do not sell personal data.

 

7. Cookies and Tracking Technologies

Stravika uses cookies and similar technologies to:

  • Ensure proper website functionality

  • Improve user experience

  • Analyze usage trends

  • Maintain secure sessions

You can control cookies through your browser settings. Disabling cookies may affect functionality.

 

8. Third-Party Plugins and Services

Stravika uses selected third-party services and plugins for:

  • Hosting and infrastructure

  • Analytics and performance monitoring

  • Email delivery

  • Security and error logging

  • Payment processing (where applicable)

All third-party providers are contractually bound to GDPR compliance and data-processing agreements (DPAs).

A list of active plugins and processors may be provided upon request.

 

9. Data Sharing and Disclosure

We may share data only:

  • With authorized service providers under strict agreements

  • When legally required by authorities

  • To protect rights, security, or integrity of our platform

  • With explicit user consent

We never disclose data for advertising or resale.

 

10. International Data Transfers

Where data is transferred outside the EU/EEA, we ensure:

  • Adequate protection decisions by the European Commission or

  • Standard Contractual Clauses (SCCs) or

  • Equivalent legal safeguards under GDPR

 

11. Data Retention

We retain personal data only for as long as necessary:

  • To provide our Services

  • To comply with legal and contractual obligations

  • To resolve disputes and enforce agreements

Nonprofit clients control retention of beneficiary and project data.

 

12. Data Security

We implement appropriate technical and organizational measures, including:

  • Encryption in transit and at rest

  • Access control and role-based permissions

  • Secure authentication

  • Regular monitoring and audits

Despite safeguards, no system is 100% secure.

 

13. Your Rights Under GDPR

You have the right to:

  • Access your personal data

  • Rectify inaccurate data

  • Request erasure (“right to be forgotten”)

  • Restrict or object to processing

  • Data portability

  • Withdraw consent at any time

  • Lodge a complaint with the Estonian Data Protection Inspectorate

Requests can be sent to hello[at]stravika.ee.

 

14. Children’s Data

Stravika Services are not intended for children under 16. We do not knowingly collect data from minors.

 

15. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through our website or platform.

The “Last updated” date reflects the most recent revision.

 

16. Contact Us

For privacy-related questions or requests:

hello[at]@stravika.ee

Stravika OÜ, Estonia