1. PERSONAL DATA
To provide our services, we need to collect the following personal data about our users:
- information to identify and contact the person such as name, date of birth, email address, telephone number, postal address, country of residence and tax residency;
- registered communication with us such as recommendations, comments, requests, inquiries, either submitted through the Website, using emails or phone calls;
- information concerning the use of our Website and the user account such as login and password details, IP address and data concerning the actions of user on our Website;
- information concerning the transactions and other activities of the user such as details of payments, applications, agreements and other data concerning the use of the services provided by us.
- Documents and data received during KYC process such as copy of documents, explanations for the sources of funds etc
2. PROCESSING OF PERSONAL DATA
Processing of personal data means any operation which is performed on personal data, whether automated or not, including but not limited to collecting, recording, retention, arrangement, use, amending, delivering, disclosure and deleting of user's personal data by us.
We keep a database about the users' personal data and other information which primarily reflect the following personal data of the users:
- first name and surname;
- date of birth and personal identity code;
- residence and/or location;
- means of communication (phone, email, etc);
- communication language;
- bank account information;
- copies of identity document and other information and documents collected in connection with our anti-money laundering practices;
- user data (log-in data, beginning and end of registration of the user’s account, etc.);
- other information the User has delivered to us, or which we have collected at our own initiative from the sources permitted by law (incl. via media and Internet);
- information about the agreements of the user entered into via the Website.
We may process other user related information if there is a justified need for it regarding the performance of the agreements and if processing of such data does not contradict the law.
Upon registration of the user account, the user of the Website is deemed to have given its consent to us to process personal data (including transfer and disclosure of user's personal data) described in these terms and conditions.
3. THE PURPOSE OF PROCESSING PERSONAL DATA
We process personal data to fulfil our obligations arising from the Terms or provided for in the applicable law. Our main purposes in connection with processing of user's personal data are as follows:
- to ensure the identification of the user;
- to ensure immediate due performance of the contractual financial duties;
- to analyse the user satisfaction and preferences towards the services to enable effective service development and marketing activities.
We are entitled to process user's personal data also for other purposes if they are necessary for performance of the obligations provided by the law (including but not limited to any obligation of us in connection with taxation of the users and any obligation deriving from the Estonian Accounting Act).
4. DATA CONTROLLER
The person responsible for lawful processing of data, i.e. the data controller is ReInvest24 OÜ. The data controller is a person who determines the purpose and means of the processing of personal data.
5. GENERAL PRINCIPLES OF PROCESSING OF PERSONAL DATA
We and all of our employees apply all diligence and security measures required by the law at processing user's personal data to ensure that it is only done for a purpose and to protect user's personal data against inadvertent or unauthorised use, disclosure or destruction.
We enable access to the user's personal data only to
- our employees with whom a non-disclosure agreement is concluded;
- a third person (e.g. financial institution or KYC data processor), who processes the data on behalf of us, with whom a non-disclosure agreement is concluded.
We exclude any access of the unauthorised third persons to user's personal data and our database containing such data.
6. TRANSFER AND DISCLOSURE OF PERSONAL DATA
We are entitled to transfer user's personal data in accordance with the Terms and the law, primarily to:
- third persons who fulfil any of our data processing assignments;
- persons whose economic or professional activity includes provision of service of collection of debts and other related services for collection of contractual debt(s) of the user;
- persons to whom we are obliged to transfer user's personal data based on the law;
- person providing accounting services to us, also to persons providing legal assistance in connection with agreements entered into with or between the users.
We are entitled to transfer user's personal data to the third persons in any other case only when there is justified interest for ensuring the performance of the agreements entered into (e.g. Collateral Agent) with or between the users and transfer of information to such person does not contradict the law.
Under the applicable law we are obliged to conclude an adequate agreement with any third persons to whom user's personal data are transferred, i.e. the data processor. We will in any case assess the organisational and technical measures the data processor takes to ensure the protection of personal data.
7. RIGHTS AND OBLIGATIONS OF USERS IN CONNECTION WITH PROCESSING OF THE PERSONAL DATA
The user agrees to transfer to us required personal data described in the Terms and any loan document, which must be correct, valid and complete.
The user agrees to inform us immediately about the changes in their personal data, also about incorrectness or invalidity of personal data by delivering to us the correct and valid personal data to replace the incorrect and/or invalid ones.
The user shall be fully responsible for his or her correct and valid personal data during the use of the Website.
The user is entitled to demand information from us at any time about the personal data collected by us about him or her, also about the persons to who we have delivered the user's personal data. For that, the user must send us an email. We will review and answer to the demand of information within five (5) working days from receiving the application from the user. We are entitled to refuse from transfer of the above specified information in cases and extent provided by the law.
The user is entitled to demand termination of the processing of the personal data by us, and we are obliged to terminate processing of user's personal data if the user has duly performed all obligations of the agreements entered into with the us and/or another user and the user's agreements entered into with us and/or other user are terminated.
Any questions or request for termination of processing of data must be submitted to the following email address: firstname.lastname@example.org.
8. STORING OF DATA
Data is stored in data centres located in the European Union. Under the terms and conditions of the service provided by the data centre, only We have the right to access the personal data of the users. The personal data of the users is stored and preserved for as long as necessary under the applicable law. After that, the data is destructed in a manner required by the applicable law.
9. SUBMITTING A COMPLAINT
The user has the right to lodge a complaint with a supervisory authority.