This document informs you of Dealum OÜ’s (hereafter referred to as “Dealum”, “us”, “we”) policies regarding the collection, use, and disclosure of personal information when you use our Services. By using the Services provided on dealum.com and its subdomains (“Website”), you agree to the collection and use of personal information in accordance with this policy. These Privacy Policy rules are subject to Estonian law.
The definitions of terms starting with capital letters as well as the description of various Services that have been indicated in this policy can be found in Dealum’s Terms of service, which together with this Privacy Policy must be read and accepted prior to using the Website. We highly recommend reading the Terms first since the description of Services presented there will make it easier to understand this Privacy Policy.
Dealum collects and processes two different types of data.
Business information is data related to companies, organizations, and entities using the platform, such as their address, business model, performance indicators, portfolio etc. The business information available on the Website is confidential. Your rights, obligations, and restrictions in relation to the confidential information you have shared or accessed through your use of the Website and Services are described in detail in the Terms.
Personal data is information related to a natural person, such as their personal email address, phone number, investment history etc. This Privacy Policy describes the way Dealum processes personal data obtained from the users for the purposes of providing the Services.
As the provider of the Services on the Website, Dealum is the controller of your personal data. Dealum’s contact details are:
Dealum OÜ
Registry code: 14238426
Address: Raekoja plats 16, Tartu, 51004, Estonia
E-mail: support@dealum.com
Please note that each user of the Services on the Website qualifies as an independent controller of the data that is uploaded to the Website by the user. Therefore, a user is responsible for the lawfulness of such processing, and it is the responsibility of the user to ensure that the data is processed in accordance with applicable legislation. First and foremost, the user must make sure that they have a legitimate basis to disclose and process data on the Website. For example, the user must make sure they have the right to publish, share, and export data to other Website users and/or third parties. The owner of the deal room is responsible for ensuring appropriate access controls are in place for sharing the data with their deal room members.
If the user is providing services to other users of the Website, the user might also qualify as a data processor. In such case the processor must follow the instructions of the controller.
Generally, Dealum only collects data that you enter on our Website. When registering a user account and using our Services we may collect or ask you to provide certain personal information.
If you register on our Website as a Founder we collect your name and email address as well as other information you provide by filling in the registration form.
If you register on our Website as an Investor we collect your name and email address as well as other information you provide by filling in the registration form, e.g. location, investment history, and investment strategy overview.
When subscribing to a paid plan we collect billing information.
In the course of using our Services you may provide additional information and/or content by filling out your user profile (e.g. your photo, biography, phone number etc.), application questionnaire (e.g. founder’s background etc.), or communicating with other users on the Website (e.g. comments, votes etc.). Certain personal information provided by you, for example your name, may be made available to other users of the Website.
We use the personal information you have provided for creating and managing your user account, managing your subscriptions, and to provide and improve the Services that are available on the Website. Such processing is necessary for the performance of the contract to which you are a party when you are using our Services or to take steps prior to entering into the contract. Please read our Terms to find out more about different Services and to better understand the purposes of the processing of your personal data.
We may send you e-mails for marketing purposes but only with your consent. You have the right to withdraw your consent at any time. In case you wish to stop receiving e-mails for marketing purposes, please click the unsubscribe button, which can be found at the bottom of such e-mails.
We may also process your personal information based on consent in other cases. For example, if you contact us via our Website to require information about a custom solution for pricing, we ask you to provide us your name, email, phone number, and organization name.
Furthermore, the processing might be necessary for compliance with legal obligations to which Dealum is subject. For example, Dealum is required to organize the accounting and financial reporting.
Dealum will also process your personal data if the processing is necessary for the purposes of the legitimate interests pursued by Dealum (e.g., fraud detection, development of the Services). In every such case, Dealum will consider whether such interests might be overridden by the interests or fundamental rights and freedoms of the data subject.
Dealum may be required to transfer personal data if we are legally bound by such obligation. For example, Dealum might be obligated to disclose personal data to public authorities upon their legitimate request.
We may use or share the collected information in aggregated, anonymous form, which means that the information will not contain any personally identifiable information about you or any other person.
We will retain your personal data only for so long as it is required for the purposes it was collected. This period may extend beyond the end of your relationship with us, but it will be only for so long as it is reasonably necessary for us to have sufficient information to respond to any issues that may arise after the end of your relationship with us. When your personal information is no longer required, we will destroy, delete, or convert it into an anonymous form.
Generally, Dealum will keep your personal information for as long as your user account is active. If your user account is deleted, we may keep your data for the limitation period of possible claims (2 years by default).
Please note that by derogation from the previous your data may be retained longer if other users of the Services have the right to process your data. The data will be retained as long as the other user continues using the Services. All your communication and data entered on the Website shall remain accessible to such users as long as their account is not deleted.
The information contained in the accounting records will be retained for seven years in accordance with the law.
Credit card information is stored on certified credit card service provider servers. We do not retain any credit card information on our servers.
If the data is transferred from the Website’s main data center, we implement appropriate safeguards and means depending on the circumstances of each transfer (e.g. the standard data protection clauses adopted by the European Commission, the EU-U.S. Privacy Shield Framework etc.). We will use technical and organizational measures to safeguard your personal data.
You may at any time request to see, update, or remove your personal information on the Website. However, please note that certain Services cannot be provided after you have removed the information.
You can opt out of receiving promotional communications at any time by following the instructions in those communications. If you opt out, we may still send you non-promotional communication, such as technical notices, support or administrative notifications, or information about your account.
You have the right to receive information about the personal data processed by Dealum, including the categories of data processed, the sources of the data, purposes of processing etc. You are also entitled to receive copies and extracts of personal data processed. You have the right to request the correction or updating of data that is inaccurate.
You have the right to object to processing of your personal data, on grounds relating to your particular situation, if such processing is only necessary for the purposes of the legitimate interests pursued by Dealum.
You have the right to obtain from Dealum restriction of processing or the erasure of your personal data. Dealum will erase your data or implement other measures that result in the data becoming permanently anonymous if:
Dealum will fulfil your request within a reasonable time, but no later than one month after receiving the request.
We may use data subprocessors to process your data. We may store your data in servers hosted by third party cloud service providers. We may additionally disclose your personal information to other third parties if it is necessary for the purposes of providing, maintaining, reviewing, or improving the Services. The full list of third party data subprocessors and the purpose of processing is available on our Website.
We take appropriate technical and organizational measures to ensure any third party processing of your personal information is carried out in accordance with applicable laws. If the data is transferred outside the European Union territory, we implement additional safeguards required by the European Parliament and the Council regulation 2016/679 (GDPR).
Cookies are files with a small amount of data, which may include an anonymous unique identifier.
Cookies are sent to your browser from a web site and stored on your computer's hard drive.
We use cookies to collect information such as to confirm that you are logged in or to compile aggregated data about site traffic and site interactions to offer better site experiences and tools in the future. We may also use third party services that track this information on our behalf. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of the Services.
We endeavor to maintain appropriate physical, procedural, and technical safeguards with respect to our offices and information storage facilities to prevent any loss, misuse, unauthorized access, disclosure, or modification of your personal information.
We further protect personal information by restricting its access to those employees, contractors, advisers, affiliates, and service providers that we determine to reasonably require access to such information for any of the purposes stated in this Privacy Policy.
The Website and Services may provide you access to websites or services owned and operated by third parties. These third party websites and services may have their own privacy policies and are not governed by this Privacy Policy. We are not responsible for the privacy practices or the content of any third party websites or services. Third party websites and services may collect, use and disclose personal information differently than us, so we encourage you to carefully read and review the privacy policy for each third party website and service that you access or use.
If you have any questions related to this policy or in case of any suspected infringement of your privacy, please contact us at support@dealum.com. We’ll try to resolve the dispute by negotiation. However, you also have the right to lodge a complaint with a supervisory authority (Estonian Data Protection Inspectorate, Tatari 39, Tallinn, 10134, Estonia, email: info@aki.ee) or Estonian court.
Any revisions to this Privacy Policy will be posted on the Website. We recommend periodically visiting our Website to review any changes that may be made to this Privacy Policy. If you continue to use our Website and Services, it constitutes your agreement to be bound by this Privacy Policy and any possible changes.