DRAVNby Poro-IT
PricingGet Started
// Legal

Privacy Policy

1. Data Controller

Poro-IT OÜ ("we", "us", "the Company") is the data controller for personal data collected through dravn.tech and the DRAVN platform.

  • Company — Poro-IT OÜ, registry code 16944422
  • Address — F.R. Faehlmanni 13-3, 10125 Tallinn, Estonia
  • Emailinfo@poro-it.com

2. Data We Collect

2.1 Marketing Website (dravn.tech)

This website does not require registration. We may collect:

  • Contact form submissions — name, email, company, and message when you contact us
  • Analytics data — page views, referrer, browser type (via Google Analytics, only with your consent)
  • Consent preferences — stored in your browser's localStorage

2.2 DRAVN Platform (self-hosted / SaaS)

When using the DRAVN integration platform:

  • Account data — email, name, organization, role
  • Connection credentials — encrypted at rest with AES-256-GCM
  • Pipeline configurations — source, transform, and target settings
  • Usage logs — pipeline run history, row counts, execution times

3. Lawful Basis

  • Consent — analytics cookies and marketing communications
  • Contract — processing necessary to provide the DRAVN platform
  • Legitimate interest — security monitoring, error logging, service improvement

4. Cookies

We use Google Tag Manager with Consent Mode v2. All non-essential tracking is denied by default until you explicitly grant consent.

  • Essential — always active; stores consent preferences in localStorage
  • Analytics — Google Analytics; requires your consent
  • Marketing — advertising and remarketing; requires your consent

5. Your Rights (GDPR)

Under GDPR, you have the right to:

  • Access — request a copy of your personal data
  • Rectification — correct inaccurate data
  • Erasure — request deletion of your data
  • Restriction — limit how we process your data
  • Portability — receive your data in machine-readable format
  • Withdraw consent — at any time via the cookie banner or by contacting us

You may also lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) at aki.ee.

6. Data Retention

  • Contact form data — retained for the duration of the business relationship
  • Analytics data — 14 months (Google Analytics default)
  • Platform usage logs — 90 days
  • Pipeline run history — 180 days
  • Account data — deleted within 30 days of account closure

7. Data Security

We protect your data with:

  • AES-256-GCM encryption for stored credentials
  • TLS 1.2+ for data in transit
  • bcrypt password hashing (12+ rounds)
  • JWT authentication with short-lived access tokens
  • EU data residency by default (Finland / Stockholm)

8. Data Processors

We use the following third-party processors:

  • Vercel — website hosting (USA, EU data processing)
  • Google Analytics — website analytics (with consent only)
  • Google Cloud — platform infrastructure (europe-north1)
  • Amazon Web Services — platform infrastructure (eu-north-1)

9. Contact

For privacy inquiries or to exercise your rights, contact us at info@poro-it.com.

Poro-IT OÜ · F.R. Faehlmanni 13-3 · 10125 Tallinn · Estonia

Last updated: April 2026

We use cookies to analyse site traffic and improve your experience. Essential cookies are always active. Read our Privacy Policy for details.