Dealum collects and processes two different types of data.
Business information is data related to companies, organizations, and entities using the platform, such as their address, business model, performance indicators, portfolio etc. The business information available on the Website is confidential. Your rights, obligations, and restrictions in relation to the confidential information you have shared or accessed through your use of the Website and Services are described in detail in the Terms.
As the provider of the Services on the Website, Dealum is the controller of your personal data. Dealum’s contact details are:
Registry code: 14238426
Address: Raekoja plats 16, Tartu, 51004, Estonia
Please note that each user of the Services on the Website qualifies as an independent controller of the data that is uploaded to the Website by the user. Therefore, a user is responsible for the lawfulness of such processing, and it is the responsibility of the user to ensure that the data is processed in accordance with applicable legislation. First and foremost, the user must make sure that they have a legitimate basis to disclose and process data on the Website. For example, the user must make sure they have the right to publish, share, and export data to other Website users and/or third parties. The owner of the deal room is responsible for ensuring appropriate access controls are in place for sharing the data with their deal room members.
If the user is providing services to other users of the Website, the user might also qualify as a data processor. In such case the processor must follow the instructions of the controller.
Generally, Dealum only collects data that you enter on our Website. When registering a user account and using our Services we may collect or ask you to provide certain personal information.
If you register on our Website as a Founder we collect your name and email address as well as other information you provide by filling in the registration form.
If you register on our Website as an Investor we collect your name and email address as well as other information you provide by filling in the registration form, e.g. location, investment history, and investment strategy overview.
When subscribing to a paid plan we collect billing information.
In the course of using our Services you may provide additional information and/or content by filling out your user profile (e.g. your photo, biography, phone number etc.), application questionnaire (e.g. founder’s background etc.), or communicating with other users on the Website (e.g. comments, votes etc.). Certain personal information provided by you, for example your name, may be made available to other users of the Website.
We use the personal information you have provided for creating and managing your user account, managing your subscriptions, and to provide and improve the Services that are available on the Website. Such processing is necessary for the performance of the contract to which you are a party when you are using our Services or to take steps prior to entering into the contract. Please read our Terms to find out more about different Services and to better understand the purposes of the processing of your personal data.
We may send you e-mails for marketing purposes but only with your consent. You have the right to withdraw your consent at any time. In case you wish to stop receiving e-mails for marketing purposes, please click the unsubscribe button, which can be found at the bottom of such e-mails.
We may also process your personal information based on consent in other cases. For example, if you contact us via our Website to require information about a custom solution for pricing, we ask you to provide us your name, email, phone number, and organization name.
Furthermore, the processing might be necessary for compliance with legal obligations to which Dealum is subject. For example, Dealum is required to organize the accounting and financial reporting.
Dealum will also process your personal data if the processing is necessary for the purposes of the legitimate interests pursued by Dealum (e.g., fraud detection, development of the Services). In every such case, Dealum will consider whether such interests might be overridden by the interests or fundamental rights and freedoms of the data subject.
Dealum may be required to transfer personal data if we are legally bound by such obligation. For example, Dealum might be obligated to disclose personal data to public authorities upon their legitimate request.
We may use or share the collected information in aggregated, anonymous form, which means that the information will not contain any personally identifiable information about you or any other person.
We will retain your personal data only for so long as it is required for the purposes it was collected. This period may extend beyond the end of your relationship with us, but it will be only for so long as it is reasonably necessary for us to have sufficient information to respond to any issues that may arise after the end of your relationship with us. When your personal information is no longer required, we will destroy, delete, or convert it into an anonymous form.
Generally, Dealum will keep your personal information for as long as your user account is active. If your user account is deleted, we may keep your data for the limitation period of possible claims (2 years by default).
Please note that by derogation from the previous your data may be retained longer if other users of the Services have the right to process your data. The data will be retained as long as the other user continues using the Services. All your communication and data entered on the Website shall remain accessible to such users as long as their account is not deleted.
The information contained in the accounting records will be retained for seven years in accordance with the law.
Credit card information is stored on certified credit card service provider servers. We do not retain any credit card information on our servers.
If the data is transferred from the Website’s main data center, we implement appropriate safeguards and means depending on the circumstances of each transfer (e.g. the standard data protection clauses adopted by the European Commission, the EU-U.S. Privacy Shield Framework etc.). We will use technical and organizational measures to safeguard your personal data.
You may at any time request to see, update, or remove your personal information on the Website. However, please note that certain Services cannot be provided after you have removed the information.
You can opt out of receiving promotional communications at any time by following the instructions in those communications. If you opt out, we may still send you non-promotional communication, such as technical notices, support or administrative notifications, or information about your account.
You have the right to receive information about the personal data processed by Dealum, including the categories of data processed, the sources of the data, purposes of processing etc. You are also entitled to receive copies and extracts of personal data processed. You have the right to request the correction or updating of data that is inaccurate.
You have the right to object to processing of your personal data, on grounds relating to your particular situation, if such processing is only necessary for the purposes of the legitimate interests pursued by Dealum.
You have the right to obtain from Dealum restriction of processing or the erasure of your personal data. Dealum will erase your data or implement other measures that result in the data becoming permanently anonymous if:
Dealum will fulfil your request within a reasonable time, but no later than one month after receiving the request.
We may use data subprocessors to process your data. We may store your data in servers hosted by third party cloud service providers. We may additionally disclose your personal information to other third parties if it is necessary for the purposes of providing, maintaining, reviewing, or improving the Services. The full list of third party data subprocessors and the purpose of processing is available on our Website.
We take appropriate technical and organizational measures to ensure any third party processing of your personal information is carried out in accordance with applicable laws. If the data is transferred outside the European Union territory, we implement additional safeguards required by the European Parliament and the Council regulation 2016/679 (GDPR).
Cookies are files with a small amount of data, which may include an anonymous unique identifier.
Cookies are sent to your browser from a web site and stored on your computer's hard drive.
We endeavor to maintain appropriate physical, procedural, and technical safeguards with respect to our offices and information storage facilities to prevent any loss, misuse, unauthorized access, disclosure, or modification of your personal information.
If you have any questions related to this policy or in case of any suspected infringement of your privacy, please contact us at email@example.com. We’ll try to resolve the dispute by negotiation. However, you also have the right to lodge a complaint with a supervisory authority (Estonian Data Protection Inspectorate, Tatari 39, Tallinn, 10134, Estonia, email: firstname.lastname@example.org) or Estonian court.