ProactiveheadsProactiveheads

Privacy Policy

Introduction

Welcome to the privacy policy for proactiveheads.com. We are committed to protecting your personal data and complying with the EU General Data Protection Regulation (GDPR) and UK data protection law. This policy explains what personal information we collect when you visit our website or communicate with us, how we use and protect that information, and your rights in relation to it. Our website is a static corporate site with no user logins or interactive features, and we do not embed any third-party content (such as maps, videos, or social media plugins) that could directly collect your data. In plain terms, you can browse our site without telling us who you are, unless you choose to consent to analytics cookies or contact us by email.

We aim to write this policy in clear, plain British English without unnecessary legal jargon, while still including all the information required by law. If anything remains unclear, feel free to contact us (details below) and we will be happy to help.

Who is responsible for your data?

The data controller for this website is Proactiveheads OÜ (“we” or “us”), an Estonian private limited company. We determine the purposes and means of processing personal data on proactiveheads.com. You can contact us at:

We do not have a designated Data Protection Officer (as we are not required to by law), but for any questions or requests regarding your personal data, you can reach us at the email address above. We will be happy to assist with any privacy-related inquiries.

Data we collect when you visit our website

No personal registration is needed to use our site. When you simply browse proactiveheads.com, we do not ask you to log in, provide your name, or otherwise identify yourself. However, like most websites, our servers and certain tools collect some technical information automatically:

Server log data

When you access our site, our web server automatically records certain information in server log files. This includes your IP address, the date and time of your visit, the pages or files requested, the amount of data transferred, your browser type and version, operating system, and possibly the page you came from (referrer). We use this data to deliver the website to you, ensure the site works correctly, and look after the security of our site (for example, to detect and prevent attacks or misuse). We do not use server log data to try to identify you as an individual. The IP address (which could identify you in theory) is stored only as long as necessary to respond to your request and is then either deleted or anonymised (for example, by truncating the IP). Server logs are retained only for a short period (no more than 7 days) and are automatically deleted after that, unless we need to keep them longer to investigate a specific security incident. Without collecting this minimal data, our website cannot be delivered to your browser nor kept secure. Legal basis: Our use of server log data is based on our legitimate interest (GDPR Article 6(1)(f)) in operating a safe and functional website.

Essential cookies (necessary cookies)

We use a self-hosted cookie consent tool to remember your cookie preferences. When you first visit the site, you will see a cookie banner asking for your consent to use analytics cookies (described below). If you choose to set your preferences, we will store a small essential cookie on your device to remember whether you consented or declined. This ensures that the banner does not keep reappearing and that we respect your choice. This cookie does not contain personally identifiable information; it simply stores a value like “consent given” or “consent refused”. It is necessary for compliance with privacy laws and for user experience, so it is used regardless of consent. The consent cookie typically expires after a set time (for example, 1 year) or when you clear your browser cookies. Legal basis: Legitimate interest and, where applicable, legal obligation (GDPR Article 6(1)(f) and Article 6(1)(c)).

Google Analytics 4 (analytics cookies)

If you give consent, we use Google Analytics 4 (GA4) to collect anonymised analytics about how our site is used. This helps us understand things like how many visitors we get, which pages are most popular, and how people find our site, so we can improve our content. We do not load Google Analytics unless you have opted-in via the cookie banner. If you decline, you can still use the site normally and no analytics data will be collected.

What information does GA4 collect? Google Analytics uses first-party cookies and similar technologies to collect information about your use of our site. This includes data such as which pages you visit, how long you stay, the type of device and browser you use, and other usage statistics. Google Analytics 4 does not collect or store your full IP address – IP anonymisation is built-in and enabled by default, meaning your IP is immediately masked and not recorded in full. The analytics cookies set by Google (such as _ga and _ga_<ID>) contain random identifiers to distinguish visitors, but they do not directly reveal your identity. The main GA cookie (_ga) can have a typical expiration of up to 2 years.

What do we use analytics data for? We use the information from Google Analytics to analyse website traffic and usage patterns. For example, we learn which content is most useful to visitors so we can improve our site. We do not use Google Analytics for advertising or profiling. We have not enabled Google’s advertising features, demographic reports, or data sharing with other Google services.

Data sharing and safeguards: Google Analytics is provided by Google Ireland Limited (EU). Google may process analytics data on servers in the United States or other countries. We have entered into a Data Processing Agreement with Google that incorporates the European Commission’s Standard Contractual Clauses and we rely on these safeguards (and Google’s participation in recognised transfer frameworks) for any international data transfers. Analytics data is aggregated and does not include your name or contact details. We do not send personal information to Google.

Legal basis: We only process analytics data with your consent (GDPR Article 6(1)(a)). You are free to refuse or withdraw consent at any time without affecting your use of the site.

Data retention: We have configured GA4 to retain event and user-level data for up to 14 months. Older analytics data is automatically deleted on a rolling basis. GA4 does not retain full IP addresses.

Opt-out and withdrawal: You can withdraw your consent at any time via our cookie banner (by re-opening cookie settings) or by deleting cookies in your browser. You can also install Google’s opt-out browser add-on at tools.google.com/dlpage/gaoptout.

Contacting us by email

Our website does not have a contact form or user account system. If you contact us by email at connect@proactiveheads.com, we will process the personal data you provide in that context (typically your email address and any information you include in your message). We use this information solely to communicate with you and handle your request. We will not use your details for unsolicited marketing or add you to any mailing list without your explicit consent.

Legal basis: Usually our legitimate interest (GDPR Article 6(1)(f)) in responding to enquiries. If your enquiry is pre-contractual or relates to a contract with us, the basis may be Article 6(1)(b) (performance of a contract or steps prior to entering one).

Retention: We keep correspondence only as long as needed to address your enquiry or as required by law. For general enquiries, we may delete the thread after a reasonable period once resolved. We treat your communications confidentially and do not share them outside our company unless necessary or legally required.

Cookies and similar technologies

Cookies are small text files that websites save on your device. In summary, our site uses:

You can control cookies via your browser settings (block, delete) and by using our cookie banner to accept or reject analytics. Blocking all cookies may affect functionality (e.g. the site cannot remember your consent choice without an essential cookie).

Here you can change your consent:

Who we share your data with

We do not sell your personal data. We share personal information only with trusted third parties when necessary to run our website and services, and subject to appropriate safeguards:

International data transfers

We are based in Estonia (EEA) and aim to process and store data within the EU/UK wherever possible. If personal data is transferred outside the EU/UK (for example, in connection with Google Analytics), we ensure adequate safeguards are in place, such as the European Commission’s Standard Contractual Clauses and recognised transfer frameworks. Our goal is that your data receives the same level of protection as within the EU/UK. You can contact us for more information about cross-border transfers and the safeguards used.

How long we keep your data

Your rights regarding your personal data

Under the GDPR and UK data protection law, you have the right to:

To exercise your rights, please email us at connect@proactiveheads.com. We may need to verify your identity. We aim to respond within one month.

Questions, concerns, and complaints

If you have any questions or concerns about this policy or how we handle your personal data, please contact us at connect@proactiveheads.com. If you are not satisfied, you have the right to lodge a complaint with a data protection authority. Our lead authority is the Estonian Data Protection Inspectorate (aki.ee). You may contact your local supervisory authority in the EU/EEA or UK, typically where you live or work, or where an infringement occurred.

Updates to this policy

We may update this privacy policy from time to time, for example to reflect changes in the law or our services. If we make significant changes, we will post a notice on our website or otherwise inform you. We encourage you to review this policy occasionally to stay informed about how we are protecting your information.

Last updated: