This Privacy Policy explains how Lubera OÜ, a private limited company established in the Republic of Estonia ("Lubera", "we", "us"), processes personal data in connection with the Tervita platform, also marketed as "Pestarzt", and the website tervita.ee (the "Platform").
We process personal data in accordance with the EU General Data Protection Regulation (GDPR) and the Estonian Personal Data Protection Act. This policy describes what data we process, why, on what legal basis, with whom we share it and what rights you have.
We act in two different roles depending on the data:
Depending on how the Platform is used, we may process:
The Platform does not require special-category (e.g. health) data to function. Any such data that a business customer chooses to record about its End Clients is entered under that business's own responsibility as controller.
As controller, we process personal data for the following purposes and legal bases:
Where we act as processor for a business customer's End Client data, we process that data only to provide the Platform and on the business customer's documented instructions.
We use strictly necessary cookies to keep you signed in and to remember your language preference, and limited functional cookies. We do not use advertising cookies. For details, see our Cookie Policy.
We do not sell personal data. We share personal data only with service providers who process it on our behalf under a contract, and where required by law. Our main categories of sub-processors are:
We may also disclose personal data where necessary to comply with the law, enforce our agreements, or protect the rights, safety and security of Lubera, our customers or others.
We aim to process personal data within the European Union / European Economic Area. Where a sub-processor processes data outside the EEA, we ensure appropriate safeguards are in place, such as an adequacy decision of the European Commission or the EU Standard Contractual Clauses.
We keep account and related personal data for as long as your account is active and as needed to provide the Platform. After an account is closed, we delete or anonymise personal data within a reasonable period, except where we must retain certain data to comply with legal obligations (for example, accounting records, which Estonian law generally requires to be kept for seven years).
End Client data entered by a business customer is retained in accordance with that customer's instructions and settings, and deleted or anonymised when no longer needed or on the customer's request.
We use appropriate technical and organisational measures to protect personal data, including encryption in transit (TLS), encryption of data at rest, role- and row-level access controls, least-privilege access and monitoring. No system is completely secure; if a personal-data breach affects your data, we will act and notify affected parties and authorities as required by law.
Subject to applicable law, you have the right to:
To exercise these rights in relation to data for which we are the controller, contact us at privacy@tervita.ee. If your data was entered into the Platform by a business customer (as its End Client), please contact that business, which is the controller; we will support it as processor. You also have the right to lodge a complaint with a supervisory authority — in Estonia, the Data Protection Inspectorate (Andmekaitse Inspektsioon, aki.ee).
The Platform is intended for use by businesses and is not directed to children. Where a business customer records data about a minor End Client, that business is responsible for obtaining any consent required from a parent or guardian under applicable law.
We may update this Privacy Policy from time to time. If we make material changes, we will provide reasonable notice, for example by posting the updated policy on the Platform and updating the "last updated" date below.
For questions about this Privacy Policy or about how we handle personal data, contact the controller:
Last updated: 10/07/2026