Privacy Policy
Last updated: 14.05.2026
1. Data controller
The data controller is Gordias Investments OÜ (brand: FOUNDR), registered in Estonia. For any privacy enquiries, contact contact@foundr.ee.
2. Data we collect
We collect your name, email, phone number, citizenship, identification document data, business-related information, and any other details necessary for onboarding and service delivery. When you visit our website we may collect your IP address, browser, and session metadata.
3. Purposes and legal basis
Personal data is processed to perform our contract with you (GDPR Art 6(1)(b)), to comply with legal obligations including KYC/AML (Art 6(1)(c)), and on the basis of our legitimate interest in improving our services and managing client relationships (Art 6(1)(f)). For marketing communications we rely on your consent (Art 6(1)(a)).
4. Data retention
We retain client data for the periods required by law (accounting records: 7 years, AML records: 5 years after the relationship ends). Website analytics data is retained for up to 14 months.
5. Sharing of data
We share data only with our authorised processors (accounting, IT, payment providers), with public authorities where required by law, and with third parties strictly necessary to deliver the requested services (notary, bank, e-Residency).
6. International transfers
Data is processed primarily within the European Economic Area. Where data is transferred outside the EEA, we apply appropriate safeguards such as the European Commission's Standard Contractual Clauses.
7. Your rights
You have the right to access, rectify, erase, restrict processing of, object to processing of, and port your personal data. You may also lodge a complaint with the Estonian Data Protection Inspectorate (www.aki.ee).
8. Security
We implement appropriate technical and organisational measures (encrypted transport, access controls, staff training) to protect your data against unauthorised access or disclosure.
9. Contact
For privacy enquiries, contact us at contact@foundr.ee.