Privacy policy

Privacy policy

In connection with the European Union’s General Data Protection Regulation (EU) 2016/679, which entered into force on 25 May 2018, we inform you of how we use the personal data of our customers.

Who is the controller of personal data?

The responsible controller and user is OÜ Merko Kodud or another company belonging to the Merko Ehitus group.

Who is the customer?

The customer is a natural or legal person who has expressed a wish to purchase or has purchased an apartment, commercial premises or other property from Merko. This policy also applies to customers with whom a customer relationship was established before the effective date of this policy.

What personal data do we process and why?

As part of the customer relationship, the customer provides us with, among other things, their name, email address and telephone number, and an apartment address when purchasing an apartment. We use this personal data to prepare, sign and complete a contract, as well as for marketing purposes, including:

  • to contact the client regarding apartment(s) of interest to the client,
  • to maintain a list of contacts,
  • to ask for feedback,
  • to send newsletters,
  • to perform warranty work.

What is the legal basis for processing customers’ personal data?

The legal basis for processing the personal data of our customers is our legitimate interest in fulfilling or concluding a contract with the customer, maintaining contact with the customer, requesting feedback on the quality of service and sending the customer notifications about new development projects and campaigns.

How long do we keep the personal information of our customers?

We keep personal data until the customer requests us to erase the data. In such cases, we erase the customer’s data from our databases and stop sending information to the customer. We will not retain the customer’s personal data for longer than is necessary to meet the purposes of the processing the customer’s data or to satisfy legal requirements.

What security measures do we use to protect the personal data of our customers?

To protect the customers’ personal data, we apply appropriate technical and organisational security measures that help protect the data and prevent unauthorised access.

To whom do we transfer customer data?

We do not sell, grant, distribute or otherwise transfer a customer’s personal data to third parties. Those who have access to customer data are our IT service provider and the feedback survey provider, the notary office that prepares the property contract, the bank offering the home loan to the customer, the contractual partners performing warranty work and, at the customer’s request, the company providing interior design services (e.g. kitchen furniture), and all these only in appropriate cases and to the extent necessary.

What are the customer’s rights?

The customer always has the right to contact us for information about the processing of their personal data. Questions and suggestions should be sent to

Under the General Data Protection Regulation, the customer has the following rights, among others:

  • the right to know what personal data we process and to request a copy,
  • the right to request the correction of incorrect data or the erasure of personal data,
  • the right to object to and request the restriction of processing of their personal data.

We reserve the right to change this policy. The applicable policy can be found on website If the customer wants to file a complaint about the use of their data, they can contact the Estonian Data Protection Inspectorate.