As the provider of the Services on the Website, Dealum is the controller of your personal data. Dealum’s contact details are:
Registry code: 14238426
Address: Raekoja plats 16, Tartu 51004, Estonia
Please also note that each user of the Services on the Website qualifies as an independent controller of the data uploaded by the user on the Website. Therefore, a user is responsible for the lawfulness of such processing and it is the responsibility of the user to ensure that the data are processed in accordance with applicable legislation. First and foremost, the user must make sure that it has the legitimate basis to disclose and further process data on the Website. For example, the user must make sure it has the right to publish, share and export data on other users and third persons on the Website, including in the Deal Rooms. The user will apply the account settings made available by us to determine the accessibility of such data.
If the user is providing services to other users of the Website, the user might also qualify as a data processor. In such case the processor must follow the instructions of the controller.
Generally Dealum only collects data that you enter via our Website. The following is a slightly more detailed explanation of the collection of personal data.
When registering a user account and using our Services we may collect or ask you to provide certain personal information such as contact details of you and/or your organisation.
If you register on our Website as a Company we collect your name and email address as well as other information you provide by filling in the registration form.
If you register on our Website as an Investor we collect your name and email address as well as other information you provide by filling in the registration form, e.g. location, investment history and investment strategy overview.
When subscribing to a paid plan we collect billing information (including credit card and payment information).
In course of using our Services you may provide additional information and/or content by filling out your user profile (e.g. your photo, biography, phone number, etc.), due diligence questionnaire (e.g. company business model, sales channels, milestones, etc). reporting or communicating with other users on the Website (e.g. comments, votes when participating in voting as a jury member, etc). Please read our Terms and Conditions to find out more about different Services and in order to better understand the purposes of the processing of your personal data.
We use the personal information you have provided for creating and managing your user account, managing your subscriptions and to provide and improve the chat, matchmaking, deal room, investment syndicate, reporting and other Services that are available on the Website. Such processing is necessary for the performance of the contract to which you are a party when you are using our Services or in order to take steps prior to entering into the contract.
We may send you e-mails for marketing purposes but only with your explicit consent. You have the right to withdraw your consent at any time. In case you wish to stop receiving e-mails for marketing purposes, please click the unsubscribe button, which can be found at the end of such e-mails.
We may process your personal information on the basis of consent also in other cases. For example, if you contact us via our Webpage to require information about a custom solution of pricing, we ask you to provide us your name, email, phone number and organization name.
Furthermore, the processing might be necessary for compliance with legal obligations to which Dealum is subject. For example, Dealum is required to organise the accounting and financial reporting.
Dealum will also process your personal data if the processing is necessary for the purposes of the legitimate interests pursued by Dealum (e.g. fraud detection, development of the Services). In every such case Dealum will consider whether such interests might be overridden by the interests or fundamental rights and freedoms of the data subject.
We may also use or share the information collected with others, in aggregated, anonymous form, which means that the information will not contain any personally-identifiable information about you or any other person.
We will retain your personal data only for so long as it is required for the purposes it was collected. This period may extend beyond the end of your relationship with us, but it will be only for so long as it is reasonably necessary for us to have sufficient information to respond to any issues that may arise after the end of your relationship with us. When your personal information is no longer required, we will destroy, delete or convert it into an anonymous form.
As a general rule Dealum will keep your personal information for as long as your profile is active. If you delete your profile, we keep your data for the limitation period (3 years by default) of possible claims. If you have not logged into your profile for 1 year, your profile is considered to be inactive; however, your personal data will be retained for the maximal limitation period of 10 years beginning from your last login. If you use your account again during that period, it will be reactivated (considered active again).
Please note that by derogation from the previous your data may be retained longer if other users of the Dealum’s Services have the right to process your data. The data will be retained as long as the other user continues using Dealum’s Services. Your communication on the Website, including any information you have provided to other users in course of private or group conversations, investment negotiations, investment syndicate or via other means available on the Website, shall remain accessible to such users as long as their user account is not deleted. For example, if an Investor uses the Services to manage his/her portfolio, the Investor has the right to process your data and as long as the Investor uses Dealum for these purposes, Dealum will retain all the relevant data.
The information contained in the accounting records will be retained for seven years in accordance with the law.
Credit card information is stored on certified credit card service provider servers. We do not retain any credit card information on our servers.
If the data are transferred to a third country, we implement appropriate safeguards and means depending on the circumstances of each transfer (e.g. the standard data protection clauses adopted by the European Commission; the EU-U.S. Privacy Shield Framework: https://www.privacyshield.gov/welcome, etc.). We will use technical and organisational measures to safeguard your personal data.
You may at any time request to see, update or remove the profile information you have posted on the Website. However, please note that certain Services cannot be provided after you wish to remove your profile information.
You always have the opportunity to opt out of receiving promotional communications any time by following the instructions in those communications. If you opt out, we may still send you non-promotional communications, such as technical notices, support or administrative notifications or information about your account.
You have the right to receive information about the personal data processed by Dealum, including the categories of data processed, the sources of the data, purposes of processing etc. You are also entitled to receive copies and extracts of personal data processed. You have the right to request the correction or updating of data if it turns out that the personal data being processed is inaccurate.
You have the right on to object to processing, on grounds relating to your particular situation, at any time to processing of personal data concerning you if such processing is only necessary for the purposes of the legitimate interests pursued by Dealum.
You have the right to obtain from Dealum restriction of processing or the erasure of your personal data. Dealum will erase your data or implement other measures that result in the data becoming permanently anonymous if:
Dealum will fulfil your request within a reasonable time, but no later than one month after receiving the request.
We do not sell, trade, or otherwise transfer to third parties your personal information unless it is necessary for providing the Services or required by law.
Certain profile information provided by you, as indicated on the Website, shall be made available to all users of the Website. Any company information you provide via the Website (including profile information, due diligence answers and periodic reporting) that are not made available to all users will be accessible only to the users who are members of a deal room to which you have shared your company application or to whom you have given your explicit consent to access your data.
We may use data processors to process your data. For example, we may store your data in servers hosted by third party cloud service providers such as Google, Amazon, Microsoft Azure, etc. The data stored in such servers is encrypted, secured and cannot be accessed by any third parties. Any such processor shall be obliged to adhere to the terms set forth in this document.
Dealum may be required to transfer personal data if Dealum is legally bound by such an obligation. For example, Dealum might be obligated to disclose personal data to public authorities upon their legitimate request
Cookies are files with a small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer's hard drive.
We endeavour to maintain appropriate physical, procedural and technical safeguards with respect to our offices and information storage facilities in order to prevent any loss, misuse, or unauthorized access, disclosure, or modification of your personal information.
If you have any questions related to this policy or in case of any suspected infringement of your privacy, please contact us at email@example.com. We’ll try to resolve the dispute by negotiation. However, you also have the right to lodge a complaint with a supervisory authority (Estonian Data Protection Inspectorate, 19 Väike-Ameerika St., 10129 Tallinn, firstname.lastname@example.org) or court.