Privacy Policy (GDPR Compliant)

(Last updated: 28 October 2025)

1. Introduction

Turtle Technologies OÜ (“we”, “us”, “our”) operates OfficialCannabisSeeds.com. We respect your privacy and are committed to protecting your personal data in compliance with the EU General Data Protection Regulation (GDPR) and Estonian data protection laws.

This Privacy Policy explains how we collect, process, and store your personal data.

2. Data Controller

Turtle Technologies OÜ
 Tornimäe tn 5, 10145 Tallinn, Estonia
 Registration No. 17311968 • VAT EE102903092

3. Data We Collect

We collect the following types of information:

  • Personal details: name, address, phone number, and email address.

  • Order data: purchased items, billing/shipping addresses, and payment references.

  • Technical data: IP address, browser type, device identifiers, and session logs.

  • Marketing data: preferences, cookie consent, and website interactions.

4. Purpose and Legal Basis

We process your data for the following purposes:

Purpose Legal Basis
Order processing and delivery Performance of contract (Art. 6(1)(b) GDPR)
Customer service and communication Performance of contract / legitimate interest
Website analytics and improvement Consent / legitimate interest
Legal obligations (tax, accounting) Compliance with law (Art. 6(1)(c))
Fraud prevention and platform security Legitimate interest (Art. 6(1)(f))

5. Data Sharing

We only share your data when necessary:

  • With OptiSeeds (Global Web Market SL) for order fulfillment.

  • With payment processors for secure transactions.

  • With shipping carriers for delivery.

  • With IT and hosting providers operating within the EU.

We do not sell or share your data for advertising purposes.

6. Data Retention

We retain personal data for as long as necessary to fulfill contractual obligations and comply with legal requirements (e.g., tax retention periods). Afterward, data is securely deleted or anonymized.

7. International Transfers

All data is stored within the European Economic Area (EEA).
 If data must be transferred outside the EEA, we ensure appropriate safeguards, such as EU Commission Standard Contractual Clauses.

8. Your Rights

You have the right to:

  • Access your personal data.

  • Request correction or deletion.

  • Restrict or object to processing.

  • Request data portability.

  • Withdraw consent at any time.

You can exercise these rights through the contact form on our website.

9. Security Measures

We employ industry-standard security protocols including SSL encryption, firewalls, and restricted access to protect your data.
 Our partners are contractually obligated to maintain GDPR-level data protection.

10. Cookies

We use cookies to improve functionality and analyze traffic.
 You may disable cookies in your browser, though some features may not function properly.

11. Policy Updates

We may update this Privacy Policy periodically.
 Please review it regularly to stay informed about how we protect your data.