Privacy Policy

Effective Date: September 1, 2024
Last Updated: July 6, 2025

At KikasDesign, protecting your privacy is our priority. This Privacy Policy explains how we collect, use, and safeguard your personal data when you interact with us through our website, email communications, or in-person services.

By using our website or services, you consent to the practices outlined in this policy. If you do not agree, please refrain from using our services.

1. Who We Are

Our website address is: https://kikasdesign.com.

KikasDesign operates under two legal entities:

Tuning Projekt OÜ: Leete 19, Tallinn 11313, Estonia, +372 56625803
Kikas LLC: Austin, Texas, USA, +1 (737) 377-1616

For users located in the European Union, the data controller is Tuning Projekt OÜ.
For users located in the United States or other regions, the data controller is Kikas LLC.

While we take reasonable steps to safeguard your personal information, please note that no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security of your data, but we strive to use commercially acceptable means to protect it.

For inquiries, please contact us via email at info@kikasdesign.com.

2. Information We Collect

2.1 Personal Information

Contact Information: Name, email, phone number, and address.
Financial Information: Payment details for purchases.
Identity Verification: Passport, ID, or company information (when required for compliance).
Communication Data: Messages, inquiries, and feedback.

2.2 Non-Personal Information

Technical Data: IP address, browser type, operating system, and device details.
Usage Data: Information about how you interact with our website (e.g., pages viewed, time spent).
Cookies Data: Collected to improve website functionality and user experience.
Usage and Behavioral Data: may be collected via Google Analytics 4 (GA4), including user interactions with website content, scroll depth, link clicks, device types, and approximate geolocation based on IP address (which is anonymized in compliance with GDPR).

We may also collect, use, and share aggregated data such as statistical or demographic information. Aggregated data does not directly or indirectly reveal your identity and is not considered personal data in law. For example, we may analyze general traffic trends to improve our website performance.

2.3 Comments

When visitors leave comments on the site, we collect:

Data from the comments form.
The visitor’s IP address and browser user agent string (for spam detection).
An anonymized hash of your email address may be shared with the Gravatar service to check if you use it. Gravatar’s privacy policy is available at https://automattic.com/privacy/.

Once your comment is approved, your profile picture (if applicable) may be visible publicly in the context of your comment.

2.4 Media

If you upload images to the website, avoid embedding location data (EXIF GPS). Visitors may download and extract location data from such images.

3. How We Collect Information

Directly from You: Via website forms, emails, calls, or in-person interactions.
Automatically: Through cookies, analytics tools, and server logs.
Third Parties: Payment processors, logistics providers, or marketing platforms.

4. Why We Collect Your Information

We collect and process your data to:

Process orders, including payment and shipping.
Communicate with you about your projects or inquiries.
Improve our website and services.
Fulfill legal obligations, such as tax reporting, anti-money laundering (AML), and export compliance.
Send marketing communications (if you have provided explicit consent).

We will only use your personal data for the purposes stated in this Privacy Policy, unless we reasonably determine that we need to use it for another purpose that is compatible with the original one. If we need to use your data for a fundamentally different purpose, we will notify you and explain the legal basis for doing so.

4.1 Legal Basis for Processing (for EU users):

We process your personal data based on one or more of the following legal grounds:

Contractual necessity – to fulfill a purchase or service request;
Consent – when you have explicitly opted in (e.g., marketing communications);
Legal obligation – where processing is required by law (e.g., tax, accounting);
Legitimate interest – to improve our website or respond to inquiries, provided this does not override your rights.

5. How We Use Cookies

We use essential cookies required for our website and webshop to function properly — such as remembering your cart contents, preferences, and login sessions. These cookies do not collect personal information or track your activity for advertising.

We currently use third-party analytics tools, specifically Google Analytics 4 (GA4), to help us understand how visitors interact with our website. These tools use anonymized cookies to track technical and usage data, such as pages visited, time spent, and user location (based on IP address). This helps us improve site performance and user experience.

If and when these tools are added:

Non-essential cookies (e.g., for analytics or marketing) will only be activated if you provide explicit consent via a cookie banner.
These services may collect anonymized data such as browser type, pages visited, and time spent on the site. This information helps us improve our services but is not used to identify individual users unless otherwise stated.

Examples of Cookies in Use:

Comment Cookies: If you leave a comment, cookies may save your name, email, and website for convenience. These cookies last for one year.
Login Cookies: Temporary cookies help determine if your browser accepts cookies and are removed when you close your browser. Login cookies last for two days unless “Remember Me” is selected, extending them to two weeks.
Editing/Publishing Cookies: Used internally to manage post editing and are stored for one day.

5.1 Analytics Tools Used

We use Google Analytics 4 (GA4) to collect aggregated, anonymized information about visitor behavior, including pages visited, time spent on each page, bounce rate, and geographical region (based on IP address, which is anonymized).
This data helps us understand site usage and improve our services. No personally identifiable information is collected unless you explicitly provide it (e.g., through forms).

5.2 Analytics Legal Basis for EU Visitors:

In accordance with Article 6(1)(f) of the GDPR, we rely on our legitimate interest in analyzing and improving the performance of our website. We use Google Analytics 4 (GA4) to collect aggregated, anonymized information about user behavior and technical performance. This data does not allow us to directly identify individuals, and is used solely to enhance the quality, security, and usability of our website.

We acknowledge that interpretations of GDPR may vary between EU countries. In regions where prior consent is strictly required for analytics tools, users should refrain from continued use of our website if they do not wish such cookies to be set. Alternatively, users may opt out via the Google Analytics opt-out browser extension.

You can opt out of Google Analytics tracking by using this official browser add-on.

We use the Complianz Consent Management Platform to manage cookies and tracking technologies in accordance with applicable laws. You can manage your preferences at any time.

6. Embedded Content

Articles on our site may include embedded content (e.g., videos, images, articles). Embedded content behaves as if you visited the source website, which may collect data, use cookies, or track your interactions. We recommend reviewing their privacy policies.

7. How Long We Retain Your Data

Comments: Comments and metadata are retained indefinitely to recognize and approve follow-up comments automatically.
Registered Users: Personal data in user profiles is retained indefinitely unless the user deletes their account. Administrators can view and edit this information.
Order-Related Data: Including customer name, address, order contents, and transaction details, are retained for at least 7 years for accounting and tax compliance purposes.

8. Where Your Data Is Sent

Visitor comments may be checked through automated spam detection services. Your data may also be transferred between our Estonia and USA entities, ensuring compliance with GDPR and other applicable laws.

8.1 Data Security

We have implemented appropriate technical and organizational measures to protect your personal data from unauthorized access, use, or disclosure. These measures include secure server environments, access controls, and data encryption where applicable.

While we take reasonable steps to secure your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but strive to use commercially acceptable means to protect your data.

9. Your Rights

You may have the following rights, depending on your location:

Access: Request a copy of the personal data we hold.
Correction: Rectify inaccurate or incomplete data.
Deletion: Request the deletion of your data (subject to legal or regulatory obligations).
Restriction: Limit how your data is processed.
Portability: Request your data in a portable format.
Withdraw Consent: Opt-out of marketing or other data uses.

To exercise these rights, email us at info@kikasdesign.com.

If you receive marketing emails from us, you may opt out at any time by clicking the “unsubscribe” link included in our communications or by emailing us at info@kikasdesign.com.

9.1 California Privacy Rights (CCPA)

If you are a California resident, you may exercise the following rights under the California Consumer Privacy Act (CCPA):

Right to Know – the categories and specific pieces of personal data we have collected;
Right to Delete – personal data we have collected from you;
Right to Opt-Out – of the sale of your personal data (we do not sell your data);
Right to Non-Discrimination – we will not deny goods or services or charge different prices if you exercise your rights.

To verify your identity, we may request additional information such as your full name, email, or billing address. You can submit requests by emailing us at info@kikasdesign.com with the subject line “CCPA Request”.

10. Third-Party Liability Waiver

We collaborate with third-party service providers (e.g., payment gateways and shipping companies) to deliver our services. We carefully choose third-party service providers and require them to comply with relevant data protection laws. However, we are not responsible for the data practices of third-party websites or services beyond our control.

11. Export Control and Sanctions Compliance

As part of international trade regulations, we comply with export controls and sanctions, monitoring transactions to ensure compliance with laws restricting sales or shipments to sanctioned countries or individuals.

By engaging with us, you confirm that:

You are not located in a sanctioned country or acting on behalf of a sanctioned entity.
You will not resell our products to restricted parties or countries.

12. Governing Laws and Jurisdiction

For services provided by Tuning Projekt OÜ, Estonian laws apply, and disputes will be resolved in Estonian courts.
For services provided by Kikas LLC, Texas laws apply, and disputes will be resolved in Texas courts.

13. Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in laws or business practices. Updates will be posted here, with the Effective Date clearly indicated.

14. Children’s Privacy

Our services are not directed to individuals under the age of 16, and we do not knowingly collect personal data from children. If we become aware that we have inadvertently collected personal data from a child without verified parental consent, we will delete it promptly.

If you believe that a child has provided us with personal data, please contact us at info@kikasdesign.com.

15. Contact Us

For any privacy-related questions or concerns, please contact:

Estonia Office:
Tuning Projekt OÜ
Leete 19, Tallinn 11313, Estonia
+372 56625803

USA Office:
Kikas LLC
Austin, Texas, USA
+1 (737) 377-1616

Email: info@kikasdesign.com