Skip to content

Data Protection & GDPR Compliance Statement

This statement applies to the Orvium platform, including any white-label deployments, regardless of branding or partnership arrangements.

Orvium OÜ processes personal data in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation, “GDPR”) and applicable national data protection laws.

As Data Controller of the Platform (including any white-label deployments), Orvium OÜ implements appropriate technical and organisational measures designed to ensure a level of security appropriate to the risk, in accordance with Article 32 GDPR.

These measures include, where appropriate:

  • Pseudonymisation and encryption of personal data
  • Measures to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and services
  • The ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident
  • Procedures for regularly testing, assessing, and evaluating the effectiveness of technical and organisational measures
  • Internal procedures for identifying, reporting, and investigating personal data breaches
  • Processes to support the exercise of data subject rights under Chapter III of the GDPR

Nothing in this statement constitutes a representation of absolute security or certification under Article 42 GDPR. Security measures are continuously reviewed and updated in accordance with industry standards and regulatory guidance.