This Privacy Notice for Schauberg OÜ (doing business as Private BD Agency) (“we,” “us,” or “our”), describes how and why we might access, collect, store, use, and/or share (“process”) your personal information when you use our services (“Services”), including when you:
Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. We are responsible for making decisions about how your personal information is processed. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at contact@privatebdagency.com.
What personal information do we process? When you visit, use, or navigate our Services, we may process personal information depending on how you interact with us, the choices you make, and the products and features you use.
Do we process any sensitive personal information? We do not process sensitive personal information.
Do we collect any information from third parties? We may receive limited information from public sources and professional directories for lawful B2B outreach purposes.
Do we use cookies? Our website does not currently use cookies or similar tracking technologies.
Do we use artificial intelligence? Yes. Our team integrates AI tools into our professional workflow. All work is human-led and human-reviewed. We do not permit AI providers to train their models on your data.
How do we process your information? We process your personal information to provide and improve our Services, support communications, ensure security, comply with law, and—where permitted—for business development and marketing.
What are your rights? Depending on where you are located geographically, the applicable privacy law may mean you have certain rights regarding your personal information.
How do you exercise your rights? The easiest way to exercise your rights is by visiting our contact page, or by contacting us at contact@privatebdagency.com.
In Short: We collect personal information that you provide to us.
We collect personal information that you voluntarily provide to us when you express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.
Personal Information Provided by You. The personal information we collect may include the following:
Sensitive Information. We do not process sensitive information.
All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.
In Short: Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our Services.
We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.
The information we collect includes:
In Short: We may receive limited information about you from public sources and hosting providers.
We may receive personal information about you from third parties, including:
We use this information to operate, secure, and improve the Services and for lawful B2B marketing.
In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes only with your prior explicit consent.
We process your personal information for a variety of reasons, depending on how you interact with our Services, including:
We process your information only when we have a lawful basis to do so (such as your consent, the performance of a contract, compliance with legal obligations, or our legitimate business interests).
In Short: We only process your personal information when we believe it is necessary and we have a valid legal reason under applicable law.
The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal bases we rely on. We may rely on the following:
We may process your information if you have given us specific permission (express consent) or in situations where your permission can be inferred (implied consent). You can withdraw your consent at any time. In some exceptional cases, we may be legally permitted to process your information without your consent, including for investigations and fraud detection, business transactions, or where collection is clearly in the interests of an individual and consent cannot be obtained in a timely way.
In Short: We may share information in specific situations described in this section and/or with the following categories of third parties.
We may share your data with third-party vendors, service providers, contractors, or agents who perform services for us or on our behalf and require access to such information to do that work. We have contracts in place with our third parties designed to help safeguard your personal information. They cannot do anything with your personal information unless we have instructed them to do it, and they commit to protect the data they hold on our behalf.
The categories of third parties we may share personal information with are as follows:
We may also need to share your personal information in the following situations:
We do not sell personal information, and we do not share it with third parties for their independent marketing.
In Short: Our website does not currently use cookies or third-party tracking technologies.
Our website does not set cookies, use third-party analytics scripts (such as Google Analytics), employ retargeting or advertising pixels, or integrate social media tracking plugins.
Our website is hosted on Vercel and served as static HTML. No personally identifiable information is collected through cookies or similar technologies during your visit. We may use privacy-compliant, cookieless analytics (such as Vercel Web Analytics) that aggregate anonymised usage data without identifying individual visitors. Such analytics do not require consent under GDPR as they do not process personal data.
If we implement cookies or additional analytics tools in the future, we will update this Privacy Notice and, where required by law, obtain your consent before placing non-essential cookies on your device.
Your form submissions. When you submit the inquiry form on our website, your data is transmitted to Formspree, Inc., a third-party form processing service, which acts as a data processor on our behalf. Formspree may store your submission data on servers located in the United States. We have selected Formspree for its security practices and compliance with applicable data protection standards.
In Short: Our team integrates AI tools into our professional workflow. All work is human-led, human-reviewed, and human-delivered. We do not permit AI providers to train their models on your data.
Our team integrates artificial intelligence and machine learning services into our professional workflow across research, analysis, content, and operational functions. AI supports — but does not replace — our expertise and judgment. All work is performed by our team. Every deliverable, communication, and recommendation is reviewed and approved by a qualified professional before it reaches you.
We configure AI services to prevent training or improvement of publicly available models using your personal data or client data. Your data is protected in accordance with the data protection standards described throughout this Privacy Policy, and where client data is involved, AI usage is governed by the applicable Statement of Work.
In Short: Yes, we may transfer, store, and process your information outside your country of residence, including to the United States and other jurisdictions.
Our servers and service providers are located in the United States and other jurisdictions. If you are a resident of the European Economic Area (EEA), United Kingdom (UK), or Switzerland, these countries may not have data protection laws as comprehensive as those in your jurisdiction. However, we will ensure that appropriate safeguards are implemented to protect your personal information, including:
Copies of the relevant transfer mechanisms are available upon request.
In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this Privacy Notice unless otherwise required by law.
We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
For prospects and former clients, we may retain limited business contact details for a reasonable period for lawful B2B marketing purposes, unless you opt out.
In Short: We protect your personal information through organisational and technical safeguards, consistent with industry standards.
We have implemented appropriate and commercially reasonable security measures designed to protect the confidentiality, integrity, and availability of personal information we process. These measures include, where appropriate, access controls, encryption in transit and at rest, network monitoring, and role-based access management.
Although we maintain these safeguards, no method of electronic transmission or storage can be guaranteed 100% secure. Accordingly, we cannot ensure absolute protection against unauthorised access, loss, or misuse.
In Short: We do not knowingly collect data from or market to children under 18 years of age.
We do not knowingly collect, solicit data from, or market to children under 18 years of age, nor do we knowingly sell such personal information. Our Services are intended solely for business and professional users and are not directed to or designed for minors. If we learn that personal information from users less than 18 years of age has been collected, we will take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at contact@privatebdagency.com.
In Short: Depending on your location, you have rights that allow you greater access to and control over your personal information.
In some regions (like the EEA, UK, Switzerland, and Canada), you have certain rights under applicable data protection laws. These may include the right to request access and obtain a copy of your personal information, to request rectification or erasure, to restrict the processing of your personal information, to data portability, and not to be subject to automated decision-making. In certain circumstances, you may also have the right to object to the processing of your personal information.
If you are located in the EEA, you may lodge a complaint with your local data protection authority. If you are located in the United Kingdom, you may contact the Information Commissioner’s Office (ICO). If you are located in Switzerland, you may contact the Federal Data Protection and Information Commissioner (FDPIC).
If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time by contacting us at contact@privatebdagency.com. This will not affect the lawfulness of the processing before its withdrawal.
We do not engage in automated decision-making or profiling that produces legal effects or similarly significant effects concerning you, as defined under GDPR Article 22. Where AI tools are used in our workflow, they support human analysis and judgment — no decisions affecting you are made solely by automated means.
You can unsubscribe from our marketing and promotional communications at any time by clicking on the unsubscribe link in our emails, replying “STOP” to SMS messages, or by contacting us. We may still communicate with you for service-related, non-marketing purposes.
We will respond to valid requests within the timeframes required by applicable law (typically within 30 days under GDPR/UK GDPR).
Most web browsers and some mobile operating systems include a Do-Not-Track (“DNT”) feature or setting. At this stage, no uniform technology standard for recognising and implementing DNT signals has been finalised. As such, we do not currently respond to DNT browser signals. If a standard for online tracking is adopted that we must follow in the future, we will inform you in a revised version of this Privacy Notice.
In Short: If you are a resident of certain US states, you may have additional rights regarding your personal data.
If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia, you may have the right to request access to and receive details about the personal information we maintain about you and how we have processed it, correct inaccuracies, get a copy of, or delete your personal information. You may also have the right to withdraw your consent to our processing of your personal information.
| Category | Examples | Collected |
|---|---|---|
| A. Identifiers | Contact details, name, email, IP address | Yes |
| B. Personal information (CA statute) | Name, contact information, employment | Yes |
| C. Protected classifications | Gender, age, race, ethnicity | No |
| D. Commercial information | Transaction info, purchase history | No |
| E. Biometric information | Fingerprints, voiceprints | No |
| F. Internet/network activity | Browsing history, interactions | Yes |
| G. Geolocation data | Device location | Yes |
| H. Audio, electronic, sensory | Call recordings, images | Yes |
| I. Professional information | Job title, work history | Yes |
| J. Education information | Student records | No |
| K. Inferences | Profiles from collected data | Yes |
| L. Sensitive personal information | — | No |
We have not sold or shared any personal information to third parties for a business or commercial purpose in the preceding twelve months.
To exercise these rights, contact us at contact@privatebdagency.com or visit our contact page. If we decline your request, you may appeal our decision by emailing us, and we will inform you of any action taken in response.
California Civil Code Section 1798.83 permits California residents to request information about categories of personal information disclosed to third parties for direct marketing purposes. If you are a California resident and would like to make such a request, please contact us using the details in Section 16.
We may use information in ways consistent with our mission to provide business development, marketing, and strategic growth services, while ensuring compliance with applicable privacy laws. In the course of our business development activities, we may research, analyse, and prepare materials relating to prospective clients and partners using publicly available information and professional tools. Such activities are conducted in accordance with this Privacy Notice and applicable data protection law.
In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.
We may update this Privacy Notice from time to time. The updated version will be indicated by an updated “Last updated” date at the top. If we make material changes, we may notify you by prominently posting a notice or by directly sending you a notification. We encourage you to review this Privacy Notice frequently.
If you have questions or comments about this notice, or if you wish to exercise your privacy rights, you may contact us as follows:
Data Controller:
Schauberg OÜ (Private BD Agency)
Hobujaama tn 4
Tallinn, Harjumaa 10151
Estonia
Email: contact@privatebdagency.com
Schauberg OÜ is the data controller responsible for the processing of your personal information in connection with the Services.
Data protection enquiries. We are not required to appoint a Data Protection Officer under GDPR Articles 37–39. For all data protection enquiries, requests, or complaints, please contact us at contact@privatebdagency.com.
Based on the applicable laws of your country or state of residence, you may have the right to request access to the personal information we collect from you, details about how we have processed it, correct inaccuracies, or delete your personal information. You may also have the right to withdraw your consent to our processing of your personal information. These rights may be limited in some circumstances by applicable law. To request to review, update, or delete your personal information, please visit our contact page or email us at contact@privatebdagency.com.