Get in touch
Close

Contacts

Treiali tee 1, Peetri alevik
75312 Rae vald, Harju maakond

info@ragnarokrobotics.com

Get in touch
Get in touch

Privacy Policy

Effective date: 21 October 2025
Controller: Ragnarok Robotics OÜ (“we”, “us”, “our”)
Registered address: Treiali tee 1, Peetri alevik, 75312 Rae vald, Harju maakond
Email: info@ragnarokrobotics.com
EU base: Estonia. GDPR applies.

Scope

Covers data collected via the website, WooCommerce store and checkout, user accounts, contact/support forms, email, newsletters, analytics, embedded content, recruitment, and any connected services or integrations.

Data We Collect

  • Identity/contact. Name, email, phone, company, billing/shipping address, country, VAT number.
  • Commerce. Cart contents, orders, invoices, payment status, refunds, coupons, gift cards, downloads/licenses (if applicable).
  • Account. Username, hashed password, order history, saved addresses, preferences.
  • Support/forms. Messages, attachments, metadata needed for abuse/spam prevention (IP, user agent, timestamps, referrer).
  • Device/usage. IP, user agent, device type, OS/browser, pages viewed, events, approximate location, cookies or similar IDs, server logs.
  • Media. Files you upload; strip EXIF/geo before upload.
  • Recruitment (if used). CV, cover letter, links, interview notes.
    Do not send special-category data (health, religion, biometrics, etc.).

Sources

You provide data (forms, checkout, email). We collect automatically (cookies, pixels, logs, analytics). We receive limited data from third parties (payment processors, shipping carriers, anti-fraud, analytics, marketing tools).

Purposes and Legal Bases (GDPR Art. 6)

  • Operate site/store; fulfill orders; provide support. Contract Art. 6(1)(b).
  • Payments, invoicing, tax, compliance. Legal obligation Art. 6(1)(c).
  • Security, fraud/abuse prevention, logging, backups, troubleshooting. Legitimate interests Art. 6(1)(f).
  • Analytics and product/service improvement. Legitimate interests Art. 6(1)(f).
  • Marketing communications/newsletters. Consent Art. 6(1)(a) or Legitimate interests Art. 6(1)(f) for B2B where allowed.
  • Recruitment. Legitimate interests Art. 6(1)(f) and pre-contractual steps Art. 6(1)(b).
    Withdraw consent anytime without affecting prior processing.

WooCommerce: What Happens With Your Data

Browsing and Cart

  • WooCommerce sets essential cookies to keep cart/session.
  • We store cart/order metadata necessary to prepare checkout and prevent fraud.

Checkout

We process the fields shown at checkout: identity/contact, billing/shipping, company/VAT, order contents, prices/taxes, IP/user agent, fraud signals, chosen shipping and payment method.

Payments

  • Card/bank details go to the payment processor; we do not store full card numbers.
  • Processors used: Stripe, PayPal & WooPayments. See their policies for details.
  • We store payment status, timestamps, and transaction IDs for accounting, fraud prevention, and refunds.

Shipping and Taxes

  • We share recipient name, addresses, phone/email, weight/dimensions and order contents as needed with shipping carriers and tax tools.

Orders, Invoices, and Emails

  • We retain order records and send transactional emails (order confirmations, shipping updates, refunds).
  • If you create an account, your orders attach to that profile. Guest checkout is available unless disabled.

Reviews and Q&A

  • Public content you post is visible with your display name. We store IP/user agent for abuse prevention.

Downloads/Licenses

  • We log download counts, license keys, and IP/time for anti-abuse and compliance.

Cookies and Similar Technologies

Categories

  • Essential. Required for site, security, cart/checkout, login.
  • Functional. Preferences, UI.
  • Analytics. Usage and performance.
  • Marketing. Remarketing/ads (only if enabled and consented).

Typical WordPress/WooCommerce Cookies

  • woocommerce_cart_hash (session) – track cart changes.
  • _woocommerce_items_in_cart (session) – cart items.
  • wp_woocommerce_session_[hash] (2 days) – anonymous cart/session ID.
  • wordpress_logged_in_[hash], wordpress_sec_[hash] (session/2 weeks if “Remember Me”) – auth.
  • wp-settings-*, wp-settings-time-* (1 year) – preferences.
  • comment_author_* (1 year) – remember commenter details (if comments enabled).
  • CDN/WAF (e.g., Cloudflare) __cf_bm, __cfruid (up to 30 min) – bot management.
  • Analytics cookies per provider (see §8).
    You can block non-essential cookies via our banner and browser settings; essential cookies are required for checkout/login.

Analytics

Provider(s): Google Analytics 4 with IP anonymization.
Data points: page views, events, device data, approximate location, referral.
Use: performance, debugging, product decisions.
Retention: 26 months GA / 12 months others.

Marketing and Communications

  • Email newsletters or product updates sent with Twilio only after consent or where legitimate interests allow B2B outreach.
  • Unsubscribe anytime via link or by contacting us.
  • No SMS marketing unless explicitly consented.

Anti-Spam/Anti-Fraud

  • reCAPTCHA processes interaction and device data per Google’s policy.
  • Payment processors perform their own fraud screening.

Sharing and Recipients

We share the minimum necessary with:

  • Hosting/Infrastructure/CDN/WAF: Zone.ee.
  • Payments: Stripe/PayPal/WooPayments.
  • Email/Helpdesk: Google Workspace.
  • Analytics/Marketing: providers named above.
  • Developers/contractors: under NDA/DPAs.
  • Authorities: when legally required.

International Transfers

When data is transferred outside the EEA/UK, we rely on adequacy decisions or EU Standard Contractual Clauses (SCCs) with supplementary safeguards.

Retention

  • Orders, invoices, accounting records: up to 7 years (Estonian accounting/tax).
  • Customer support and contact forms: up to 24 months after last reply.
  • User accounts: while active; core order records kept per accounting laws after deletion.
  • Marketing lists: until you unsubscribe or withdraw consent.
  • Server logs: 12 months depending on system.
  • Analytics data: 26 months.
  • Recruitment: 12 months unless you consent to longer.

Your Rights (EEA/UK)

  • Access; rectification; erasure; restriction; portability; objection to processing based on legitimate interests; objection to direct marketing; withdraw consent.
  • Complaint: Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon).
    Request via info@ragnarokrobotics.com. We will verify identity and respond within one month.

Security

TLS in transit, encryption at rest where supported, least-privilege access, strong authentication, logging/monitoring, backups, staff/contractor confidentiality. No system is perfectly secure; report issues to info@ragnarokrobotics.com.

Children

Not directed to children under 16. We remove such data if discovered.

Automated Decision-Making

No decisions producing legal or similarly significant effects are made solely by automated means. Limited profiling for analytics/segmentation may occur.

Third-Party Links and Embeds

Embedded content (e.g., maps, videos) behaves as if you visited the source site and may set their own cookies or collect data. Review their policies.

Changes

We will update this policy as required. Material changes will be announced on this page and, where appropriate, by email.