Privacy Policy

In accordance with the EU General Data Protection Regulation (GDPR), Art. 13/14

1. Controller

2. Overview

We take the protection of your personal data seriously. This policy explains what data we process when you visit www.avaacoins.com, on what legal basis, and what rights you have. We process personal data only to the extent necessary and always in accordance with the GDPR.

3. Server log files & hosting

Our website is hosted by a processor (webgo GmbH, Germany) on servers within the EU. When you access the site, the hosting provider automatically collects and stores technical data in server log files that your browser transmits: IP address (truncated/anonymised where possible), date and time of the request, the page requested, referrer URL, browser type and operating system.

This processing is based on our legitimate interest in the secure and stable operation of the website (Art. 6(1)(f) GDPR). A data processing agreement (Art. 28 GDPR) is in place with the hosting provider.

4. Cookies & local storage

Our website uses only one strictly necessary entry in your browser's local storage to remember your cookie-consent choice (key: avaacoins_cookie_consent). This is required to respect your decision and is based on Art. 6(1)(f) / § 25(2) TTDSG (strictly necessary). No tracking cookies are set unless you explicitly consent.

5. Web analytics — Google Analytics 4 (consent-based)

We use Google Analytics 4 (measurement ID G-2NRNF1YH3Q), a service provided by Google Ireland Limited, to understand how visitors use our site.

• Consent first: Google Analytics is loaded only after you actively consent via our cookie banner. Before consent, no connection to Google is established and no analytics data is collected (Google Consent Mode v2, default = denied).
• Legal basis: your consent (Art. 6(1)(a) GDPR / § 25(1) TTDSG). You can withdraw consent at any time with effect for the future by clearing your browser storage or declining the banner.
• IP anonymisation is enabled; advertising features and ad personalisation remain disabled.
• Data may be transferred to Google servers. Google LLC is certified under the EU–US Data Privacy Framework.

6. Contacting us

If you contact us by email or phone, the data you provide will be processed solely to handle your enquiry, on the basis of Art. 6(1)(b)/(f) GDPR, and deleted once it is no longer required.

7. Data retention

We retain personal data only as long as necessary for the purposes described or as required by statutory retention obligations. Server logs are deleted on a rolling basis; analytics data is retained according to the configured GA4 retention period (max. 14 months).

8. Your rights

Under the GDPR you have the right to: access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20), and to object to processing (Art. 21). Where processing is based on consent, you may withdraw it at any time. To exercise these rights, contact office@avaacoins.com.

You also have the right to lodge a complaint with a supervisory authority — in Estonia, the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon).

9. Changes

We may update this policy to reflect changes in our service or legal requirements. The current version always applies and is published on this page.