Legal
Privacy & Data Security Policy
Last updated: March 31, 2026
1. Controller
The data controller responsible for this website is MoLabs Ltd. ("we", "us", "our"), operating the charterm.ee platform at charterm.ee.
MoLabs Ltd.25 Vitosha Blvd., floor 2
Sofia, Bulgaria
For privacy inquiries, contact us at privacy@charterm.ee or visit www.molabs.de.
2. What Data We Collect
2.1 Server Logs
When you visit our website, our hosting provider automatically records technical data such as your IP address, browser type, operating system, referrer URL, pages visited, and the date and time of access. This data is necessary for delivering the website securely (Art. 6(1)(f) GDPR). Server logs are retained for 14 days and then deleted.
2.2 Analytics (Google Analytics 4)
We use Google Analytics 4 to understand how visitors interact with our site. Google Analytics sets cookies on your device and processes data such as pages viewed, session duration, and approximate location (country / city level).
IP anonymisation is enabled — your full IP address is never stored by Google Analytics. Analytics cookies are only set after you explicitly consent via the cookie banner (Art. 6(1)(a) GDPR). If you decline, no analytics cookies are placed and no data is sent to Google.
Google LLC is certified under the EU–US Data Privacy Framework. More information: Google Privacy Policy.
2.3 Cookies
| Cookie | Purpose | Duration | Type |
|---|---|---|---|
cookie-consent | Stores your cookie preference | Persistent (localStorage) | Essential |
_ga | Google Analytics — distinguishes users | 2 years | Analytics (consent required) |
_ga_* | Google Analytics — session state | 2 years | Analytics (consent required) |
3. Legal Basis for Processing
- Legitimate interest (Art. 6(1)(f) GDPR) — server logs, website security, and fraud prevention.
- Consent (Art. 6(1)(a) GDPR) — analytics cookies. You may withdraw consent at any time by clearing your browser's cookies or local storage.
4. Data Sharing
We do not sell your personal data. Data may be shared with the following categories of recipients solely for the purposes described above:
- Hosting providers — for serving the website.
- Google LLC — for analytics (only with your consent).
- Resend Inc. — for newsletter delivery (only your email and delivery metadata, only if you subscribe).
5. Data Retention
- Server logs: 14 days.
- Analytics data: 14 months (Google Analytics default), then automatically deleted.
6. Your Rights (GDPR)
You have the right to:
- Access the personal data we hold about you (Art. 15).
- Rectify inaccurate data (Art. 16).
- Erase your data ("right to be forgotten", Art. 17).
- Restrict processing (Art. 18).
- Data portability (Art. 20).
- Object to processing based on legitimate interest (Art. 21).
- Withdraw consent at any time without affecting the lawfulness of prior processing (Art. 7(3)).
- Lodge a complaint with a supervisory authority.
To exercise any of these rights, contact us at privacy@charterm.ee.
7. Data Security
We use industry-standard technical and organisational measures to protect your data, including TLS/HTTPS encryption for all traffic, access controls, and regular security reviews of our infrastructure.
8. Changes to This Policy
We may update this policy from time to time. The "last updated" date at the top reflects the most recent revision. Material changes will be communicated via a notice on the website.