Protection of personal data is very important for Crowdlendio and we approach it very seriously. We process personal data pursuant to our obligations arising from the relevant legislation applicable in the European Union and in the Republic of Estonia and observe the principles of secure processing of personal data.
What is personal data and how, when and what personal information do we collect and process?
Personal data is any information we have on a user which allows the user to be identified, either directly or indirectly. Under the General Data Protection Regulation (EU) 2016/679 we have the obligation to inform You about data processing activities which are conducted by us using the personal data we have collected or generated.
If engaged with us in any way, we may collect the following information about You:
- Full name, personal Identification Number, personal ID-card details or details from another official document, nationality, address (current and permanent), occupation, date of birth, e-mail, telephone number, information from a utility bill;
- Username, login and password details, IP address;
- ID Card electronic copy, electronic copy of a utility bill;
- Personal data collected for PEPs (politically exposed person/screening) – public sanctions, job position, personal data about family members of a person performing prominent public functions;
- Information relevant to money transactions;
- Phone number;
What do we do with the gathered information?
We require this information to understand Your needs and provide You with a better service, and in particular for the following reasons:
- Internal record keeping;
- Lemonway the following personal data disclosed by You or collected in another manner (from relevant public registers);
- We may use the information to improve our products and services;
- In accordance with your choice we may periodically send promotional e-mails about new products, special offers or other information which we think You may find interesting using the e-mail address which You have provided;
- From time to time, we may also use Your information to contact You for market research purposes. We may contact You by e-mail, phone or mail. We may use the information to custom-list listise the website according to Your interests;
- For general custom-list lister relationship management in order to grant access to services provided by Crowdlendio as well as administration. To conclude and execute a contract with the User; ensuring the accuracy of the data by checking and updating internal and external data sources;
- Legal obligations and identity checks: to comply with the applicable laws and international agreements of Crowdlendio. For example, implementation of know-Your-custom-list lister (KYC), verifications of the identity of the User, market transparency requirements and to be able to provide information to competent authorities to prevent, detect, investigate and report on potential criminal offences, money laundering, terrorism financing, whether the Client is subject to financial sanctions risk, a significant political person and knowledge of Client's activity;
We are committed to ensure that Your information is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
Personal data recipients
Personal data may be transferred to other recipients / third parties:
- Institutions (e.g. tax administrations, supervisors and financial intelligence agencies, sworn notary offices, sworn bailiffs and law enforcement agencies).
- Legal advisers or other related Personal Data processors.
Upon completion of transactions in the Portal, Crowdlendio transfers Your personal data (including the name, personal identification code, contact details, and other potential data which the other party to the contract or the guarantee agent may need in connection with the particular transaction completed with You) to the other party to the contract and, if necessary, to the guarantee agent.
In addition to the above, we may disclose Your data to third parties in connection with fulfilling our legal obligation and, if necessary, for defending our legitimate interests or claims.
The personal data arising from using the Portal and sending marketing e-mails and required for this purpose are retained and processed in the server of our cooperation partner SendGrid. The latter’s US-based data centres are located in Herndon, VA; Las Vegas, NV; and Chicago, IL. The security of the processing of the data transferred to the Unites States of America by SendGrid is ensured through the Privacy Shield data protection framework between the European Union and the U.S. We do not transfer personal data outside of the European Union or the European Economic Area in other cases.
Geographical area of processing
Personal data is processed in the European Union / European Economic Area (EU / EEA). In some cases, Data may be transferred and processed in countries outside the EU / EEA.
Storage and period of data storage
Personal data will only be processed and stored for as long as necessary for a specific purpose. Under the General Data Protection Regulation of the EU, if a User is not active for more than three years all the personal data of the User will be deleted. The period of retention may is based on an agreement with the Client, the legitimate interests of Crowdlendio or applicable regulatory enactments (for example, laws on accounting, anti-money laundering limitation, civil rights, etc.).
Execution of the rights related to the processing of personal data
If You would like:
- to receive information on whether and which personal data are processed by us within the framework of our operations and how,
- to request the rectification, amendment, or complementation of Your data if they are incorrect, incomplete, or insufficient,
- to submit objections against the processing of Your data for direct marketing or for processing Your data based on a specific situation, if such processing is based on Crowdlendio's legitimate interest;
- to restrict the processing of Your data (if You have disputed the accuracy of the data, Your data are no longer needed by Crowdlendio for the processing, and You are not interested in the deletion of data or if You have submitted an objection against the processing of Your data);
- to request the transfer of Your data to another data controller in compliance with the applicable legislation,
- to express other wishes or submit other applications related to the processing Your data or if You require further information about the processing, please contact us by sending an e-mail to firstname.lastname@example.org.
Please keep in mind that the rights mentioned above are not unlimited and, in some instances, the rights of other persons or the legitimate interests and/or obligations of Crowdlendio may restrict the execution of Your rights. Crowdlendio strives to ensure lawful and transparent processing of personal data, respecting the rights of the data subject. However, in case you find that we have processed Your data unlawfully or have violated Your rights in connection with personal processing data, please notify us thereof by sending an e-mail to the address above. You may also file a complaint with the Estonian Data Protection Inspectorate (e-mail address: email@example.com).
Ensuring the security of personal data
In the event that is related to the violation of personal data, Crowdlendio implements the measures required to alleviate the outcomes and to reduce the respective risks in the future. Thereat, all such offences are registered, and the Data Protection Inspectorate and data subjects are notified, if required.
Cookies usage and other online technologies
A cookie is a small file which asks permission to be placed on Your computer's hard drive. Once You agree, the file is added, and the cookie helps to analyse web traffic or lets You know when You visit a particular site. Cookies allow web applications to respond to You as an individual. The web application can tailor its operations to Your needs, likes and dislikes by gathering and remembering information about Your preferences.
Overall, cookies help us provide You with a better website, by enabling us to monitor which pages You find useful and which You do not. A cookie in no way gives us access to Your computer or any information about You, other than the data You choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but You can usually modify Your browser setting to decline cookies if You prefer, this may prevent You from taking full advantage of the website.
Crowdlendio uses the following cookies and Local Storage Objects in the Portal:
- Google Analytics cookies are so-called third-party cookies which are installed by a company included in the Google group to help us analyse the use of the Portal. The information about the cookies in connection with the use of the Portal is sent by Your browser to the servers of Google in the United States of America and in other countries where they are also retained. Google uses this information to assess the use of the Portal, drawing up reports about the activity of the Portal and providing other services in connection with the use of the Portal and internet. The IP address received by Google Analytics is not associated with other data administered by Google.
- Crowdlendio uses also a Session ID cookie. This cookie is used to remember the User's preferences, click-paths and other actions to improve the usage of the website for every individual User.