PRIVACY POLICY
Last Updated: January 19, 2026
1. Introduction
Welcome to Frontier (accessible at https://frontier.ee). We are committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI agent services, including our automated tools for property valuation, real estate advertisement analysis, and registry queries (collectively, the "Services").
This policy is designed to comply with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and the Personal Data Protection Act of Estonia.
2. Data Controller
The entity responsible for the processing of your personal data (the "Data Controller") is:
Frontier.ee
Address: Männiku tee 104, Tallinn, Estonia
Email: info@frontier.ee
For any questions regarding this Privacy Policy or your data rights, please contact us at the email above.
3. Scope and B2B Context
Our Services are primarily designed for business-to-business (B2B) use, intended for real estate professionals, valuers, and companies.
- When you act as a Client: If you are a user signing up to use our Services, we act as the Data Controller of your account information.
- When you process third-party data: If you use our AI agents to query public registries or generate reports containing personal data of third parties (e.g., property owners), you warrant that you have the legal basis to process such data. In specific processing scenarios where we process data strictly on your behalf and instructions, we may act as a Data Processor, governed by our Data Processing Agreement (DPA) included in our Terms of Service.
4. Data We Collect
A. Data You Provide to Us
- Account Information: Name, email address, phone number, job title, and company details (e.g., Company Name, Registry Code).
- Billing Information: Invoicing address, VAT number, and payment details. Note: We use third-party payment processors (e.g., Stripe, Montonio) and do not store full credit card numbers on our servers.
- Input Data: Information you enter into our AI agents to perform tasks (e.g., property addresses, cadastral codes, project details).
B. Data Collected Automatically
- Usage Data: Log files, IP address, browser type, operating system, access times, and pages viewed.
- Interaction Data: Logs of your interactions with our AI agents to improve accuracy and service quality.
- Cookies: Technical data stored on your device to ensure the website functions correctly (see Section 9).
C. Data from Third-Party Sources
Our AI agents are designed to query public databases and registries based on your instructions. We may retrieve and temporarily process data mostly from:
- Land Board (Maa-amet)
- Land Register (Kinnistusraamat)
- Building Registry (EHR)
- Official Announcements (Ametlikud Teadaanded)
5. Purposes and Legal Basis for Processing
We process your data based on the following legal grounds (GDPR Art 6):
| Purpose | Legal Basis |
|---|---|
| Service Provision: Creating accounts, authenticating users, executing AI agent tasks, and delivering reports (e.g., valuation drafts). | Contractual Necessity (Art 6(1)(b)) |
| Billing & Accounting: Issuing invoices and complying with tax laws. | Legal Obligation (Art 6(1)(c)) |
| Platform Improvement: Analyzing usage trends to improve our AI models and user experience. | Legitimate Interest (Art 6(1)(f)) |
| Security: Detecting and preventing fraud or unauthorized access. | Legitimate Interest (Art 6(1)(f)) |
| Customer Support: Responding to your inquiries via info@frontier.ee. | Legitimate Interest (Art 6(1)(f)) |
6. Sharing of Your Data
We do not sell your personal data. We may share information with:
- Service Providers (Processors): Trusted third parties who assist us in operating our website and conducting our business, provided they agree to keep this information confidential and GDPR-compliant.
- Hosting: Andmekeskus Saksamaal
- AI Model Providers: Anthropic (Note: Data sent to LLMs is anonymized where possible, but input context is necessary for agent function.)
- Payment Processors: Stripe, Montonio
- Public Registries: When you instruct an AI agent to query a database (e.g., Kinnistusraamat), necessary query parameters (which may include address data) are sent to these registries.
- Legal Authorities: If required by Estonian law or in response to valid requests by public authorities (e.g., a court or government agency).
7. International Data Transfers
Our primary servers are located within the European Economic Area (EEA). However, some of our service providers (e.g., AI model providers) may process data in the United States or other third countries.
We ensure that such transfers are protected by appropriate safeguards, such as the EU-US Data Privacy Framework or Standard Contractual Clauses (SCCs) approved by the European Commission.
8. Data Retention
We retain your personal data only as long as necessary:
- Account Data: For the duration of your active account plus a grace period after closure.
- Financial Data: 7 years as required by the Estonian Accounting Act.
- AI Interaction Logs: 90 days for debugging and quality assurance, after which they are anonymized or deleted.
9. Cookies and Tracking
We use strictly necessary cookies to enable the core functionality of the site (e.g., session management).
Analytics: We use Posthog and Google services to understand website traffic. You can manage your cookie preferences through your browser settings.
10. Your Rights
Under the GDPR, you have the following rights regarding your personal data:
- Right of Access: Request a copy of the personal data we hold about you.
- Right to Rectification: Correct inaccurate or incomplete data.
- Right to Erasure ("Right to be Forgotten"): Request deletion of your data, subject to legal retention obligations.
- Right to Restriction: Request us to restrict the processing of your data.
- Right to Data Portability: Receive your data in a structured, commonly used format.
- Right to Object: Object to processing based on legitimate interests.
To exercise these rights, please contact us at info@frontier.ee. You also have the right to lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) (www.aki.ee).
11. Security
We implement industry-standard technical and organizational measures to protect your data, including encryption (TLS/SSL) for data in transit and secure access controls for our internal systems. However, no method of transmission over the Internet is 100% secure.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy on this page and updating the "Last Updated" date.