Privacy Policy


Replace OÜ is committed to protecting and respecting privacy of clients, partners, employees and guests. This policy applies where we process personal data of natural persons.


We collect personal data for the following purposes:

  • selling products to business-to-business online market (B2B Market) or otherwise (e.g. if products are purchased by e-mail);
  • purchasing devices from B2B customers;
  • communicating and providing customer support to you in relation to the purchase or sale of products;
  • sending marketing notices and newsletters;
  • for building security purposes;
  • for employment purposes.

We collect and process the following personal data of clients and cooperation partners:

  • your e-mail address, first and last name, password, Skype username, organization’s name, your position in the organization and photo of passport or any other identity document (for the purposes stated in sections 5.1, 5.2 and 5.3);
  • your organization’s billing information such as billing contact’s first and last name and billing e-mail (for the purpose stated in section 5.1);
  • video recordings of movement in our company territory.


We process data on the basis of consent, a contract or under legal obligation. All information provided to us is stored on our secure servers. Once we have received information, we use strict procedures and security features to prevent unauthorized access.


We will not transfer personal data to third parties except for the following cases:

  • to companies which provide us a customer relationship management service (Salesforce Inc., USA) – managing all our relationships and interactions with our customers and potential customers;
  • to companies which provide us accounting services (e.g. AS Merit Tarkvara) – process accounting documents and the personal data contained therein;
  • to companies which provide us logistics services;
  • to company which provides us personnel management software Persona V3 or services (e.g. AS FUJITSU ESTONIA, CV-Online);
  • to company which provides us security service (AS G4S Eesti);
  • any member of our group, which means our subsidiaries and our ultimate holding company and its subsidiaries where it is necessary for the purchase or sale of products.

All processors pointed out in section 11 will ensure the same level of protection of personal data as we do.

We also have the right to disclose personal data in the following cases:

  • in the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets;
  • if Replace OÜ or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets;
  • if we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation or request in order to: investigate potential ICT breaches or protect the rights, property or safety of our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.


We only process and store personal data for as long as it is necessary to fulfill the purpose for which it is collected – once the purpose has ceased, your personal data will be erased or anonymized.

Personal data contained in any accounting documents (e.g. invoices) shall be stored for 7 years pursuant to the Accounting Act § 12 of the Republic of Estonia (or any equivalent section of its successive regulation).


The right to contact us concerning processing of personal data. Such rights include the:

  • right to request access of personal data;
  • right to request rectification of personal data;
  • right to request erasure of personal data;
  • right to request restriction of processing of personal data;
  • right to object to processing of personal data;
  • right to request portability of personal data;
  • right that decisions are not taken concerning you which are based on automated decision-making;
  • right to withdraw a consent;
  • right to lodge a complaint with a supervisory authority (in Estonia the Estonian Data Protection Inspectorate).

If you have given consent for receiving marketing notices and newsletters from us, you have the right to withdraw such consent at any time by clicking on the link presented with any notice or newsletter (opt-out link); or by sending us a corresponding e-mail:

Our B2B Market may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates (including, but not limited to, websites on which our B2B Market is advertised). If you follow a link to any of these websites, please note that these websites and any services that may be accessible through them have their own privacy policies and that we do not accept any responsibility or liability for these policies or for any personal data that may be collected through these websites or services, such as contact and location data. Please check these policies before you submit any personal data to these websites or use these services.


Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, will be forwarded to you by e-mail or when you next log in to the B2B Market. The new terms may be displayed on-screen and you may be required to read and accept them to continue your use of the B2B Market.


By using our website and B2B Market you consent to the use of cookies. If you delete cookies or refuse to accept them, you might not be able to use all the features of B2B Market and our website. 


For the purpose of clarity, the data controller is Replace OÜ of Vabriku tn 2, Vahi alevik, Tartu vald, Tartu maakond, 60534, Estonia (registry code: 12703942).

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to or our data protection specialist Kaarel Oras,