The Data Controller
Private Financial Services OÜ, a company registered under the laws of Estonia with registration number 12461485 and having its registered address at Tornimäe tn 7-169, Tallinn, Harjumaa, Estonia, 10145 is the data controller and responsible for your personal data (hereinafter referred to as the “Company” “we”, “us” or “our”).
We have appointed a Data Protection Officer (hereinafter referred to as the “DPO”) who is responsible for overseeing questions in relation to this Policy. If you have any questions about this Policy, including concerns about your personal data or our data collection practices, please contact our DPO via e-mail at email@example.com or via telephone on +372 668 310 8 during office hours.
The terms “personal data” or “personal information” mean any information about an individual for which that person can be identified. It does not include data where the identity has been removed (anonymous data).
The provision of your personal data is not a statutory or contractual requirement. You are not obliged to provide us any personal data and it is your choice whether to provide us or not.
1. INFORMATION WE MAY COLLECT FROM YOU
1.1. Details of your visits of our website and the resources that you access including, but not limited to: traffic data, location information associated with your IP address, device model, browser version and other communication data.
1.2. Information that you provide by filling in forms on our websites, such as when you register to receive information such as a newsletter, when you request information or support from us or purchase a product or service from us. In such cases we also have a legitimate interest to process any personal data submitted in the form as this information is necessary to process and address your request in the way you expect us to.
1.3. Information that you provide via e-mails, telephone, instant messaging, hard copy or any other electronic and non-electronic data sharing method.
2. INFORMATION FROM OTHER SOURCES
We may obtain information, including personal information, from third parties, such as social networks, our partners, advertisers, and Integrated Services. If we combine or associate personal information with information that we collect through other sources, we will treat the combined personal information in accordance with this Policy.
3. SERVICE PROVIDERS
We may provide your personal information to Data Processors – companies that provide services to help us with our business activities such as registering your business or offering customer service. Data Processors are authorized to use your personal information only as necessary to provide these services and only in line with our instructions.
4. COOKIES AND SIMILAR TECHNOLOGIES
Strictly necessary cookies
These cookies are essential in order to enable you to navigate and use certain features. Without these strictly necessary cookies, the online services you have asked for, like saving of your language preferences, cannot be provided. Consent is not required for strictly necessary cookies as they are required for us to provide the services requested by you.
We use Google, Yandex and JivoSite analytics cookies. These cookies are used to collect information about how visitors use our website. The information is collected anonymously, and used to report on the number of visitors, where they have come from, and the pages they have visited. You can find more information about these cookies and processing of data at:
Targeting or advertising cookies
Third-party targeted advertising cookies may be placed on your device by third-party advertisers, ad networks, data exchanges, marketing analytics and other service providers. Third-party targeted advertising cookies collect information about your browsing activity across multiple websites and online services in order to provide you with relevant advertisements on the websites and online services of third parties. Ad networks may share this information with the advertisers using their network. The information collected using these third-party advertising cookies does not identify you personally.
For more information about cookies, read the guidance at https://www.allaboutcookies.org/.
We may send following items to your browser’s memory:
|Analytics||2 years||One of the main advertising cookies on non-Google sites is named ‘IDE‘ and is stored in browsers under the domain doubleclick.net. Another is stored in google.com and is called ANID. We use other cookies with names such as DSID, FLC, AID, TAID, and exchange_uid. Other Google properties, like YouTube, may also use these cookies to show you more relevant ads.|
|Yandex||Analytics||1 year||A Cookie which is contains a unique identifier that is assigned to each browser to track user interaction with the website.|
|Yandex||Analytics||Session||Yandex session cookie|
|Analytics||1 month||These cookies are used to collect website statistics and track conversion rates.|
|Analytics||6 months||The NID cookie contains a unique ID Google uses to remember your preferences and other information, such as your preferred language (e.g. English), how many search results you wish to have shown per page (e.g. 10 or 20), and whether or not you wish to have Google’s SafeSearch filter turned on.|
|Website||System||1 month||The "pfser-cn" cookie is used to show/hide cookie notice bar and turn on/off analytics on the website.|
|Website||System||Session||Cookie generated by applications based on the PHP language. This is a general purpose identifier used to maintain user session variables.|
|JivoSite||Analytics||12 hours||source of the visit to the site|
|JivoSite||Analytics||12 hours||time that proactive invitation appeared|
|JivoSite||Analytics||12 hours||UTM tags indicating the marketing campaign|
|JivoSite||Analytics||12 hours||number of pages viewed by the user|
|JivoSite||Analytics||12 hours||time the visitor to entered the site|
|JivoSite||Analytics||1 year||number of visits to the site|
|Yandex.Metrica||Analytics||1 year||This cookie is necessary for Yandex.Metrics to work. The cookie specifies a randomly generated user ID.|
|Yandex.Metrica||Analytics||1 day||The cookie is used by Yandex.Metrics and determines whether the user has an ad blocker enabled or not.|
|Yandex.Metrica||Analytics||30 minutes||This cookie is necessary for the operation of Yandex.Metrics and determines whether the Webvisor is enabled for a particular user or not. Webvisor is a tool from Yandex.Metrics toolkit which allows to analyse user actions on the site. More about Webvisor|
|Website||System||Used in mobile version only to save a state of contacts bar (whether it should be hidden or not).|
5. USE OF YOUR INFORMATION
We may use the information that you provide to us or that we collect about you for any purpose to which you consent, as well as for the following purposes:
5.1. To process your service requests.
5.2. To notify you about requested service status.
5.3. To provide you with information requested from us relating to our products or services and to provide information on other products which we feel may be of interest to you if you have consented to receive such information.
5.4. To meet our contractual commitments to you.
5.5. To operate, enhance, monitor, improve, or modify our operations, and our other products and services, and to create new products and services.
5.6. To process, track, and deliver entries and rewards in connection with promotions that may be offered from time to time on via mailing.
5.7. To detect, investigate and prevent activities that may be illegal.
5.8. If you are a new customer, we will only contact you or allow third parties to contact you only when you have provided consent and only by those means you provided consent for.
5.9. If you are an existing customer, we may contact you with information about goods and services similar to those which were the subject of a previous sale to you.
5.10. Please be advised that we do not reveal information about identifiable individuals to our advertisers but we may, on occasion, provide them with aggregate statistical information about our visitors such as your area of residence or age group.
6. SHARING YOUR INFORMATION
6.1. We do not sell your personal information to third parties.
6.2. We will not share your personal information with anyone else unless you have consented to this, other than in limited circumstances including the following:
6.2.1. Where our Data Processors perform email delivery, hosting, payment processing, or other services for us or on our behalf.
6.2.2. To the extent that we have a good-faith belief that we are required to do so by applicable law, by a governmental body or by a law enforcement agency, for crime prevention purposes, or in response to a court order, judicial, or other government subpoena, warrant, or request.
6.2.3. Information about our users, including personal information, may be disclosed and otherwise transferred to an actual or prospective acquirer, successor, or assignee in connection with any merger, acquisition, debt financing, sale of assets, change of control, or similar transaction, as well as in connection with an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets. You will be notified via email and/or a prominent notice on our website of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
6.2.4. Where necessary to protect the safety of our users and third parties, to take precautions against liability, to investigate and defend ourselves against any third-party claims or allegations, to protect the security or integrity of our data or any facilities or equipment used to make our website available, to protect our rights or property or the rights or property of other users and third parties (including, but not limited to, enforcement of our agreements), or in other cases if we believe in good faith that disclosure is required by law.
7. STORING YOUR PERSONAL DATA
7.1. We are trying to store as less as possible data about you.
7.2. We are doing our best to avoid this, but we may transfer data that we collect from you to locations outside of the European Economic area for processing and storing. In addition, it may be processed by staff operating outside the European Economic area who work for us or for one of our suppliers. For example, such staff may be engaged in the processing and concluding of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all reasonable steps to make sure that your data is treated securely and in agreement with this Policy.
7.3. Data provided to us is stored on secured servers with 24/7 monitoring. Details relating to any transactions entered into/via our site will be encrypted using adequate ciphers to ensure its safety.
7.4. The transmission of information via the internet is not completely secure and therefore we cannot guarantee the security of data sent to us electronically and the transmission of such data is entirely at your own risk. Where we have given you (or where you have chosen) a key files/certificates to access certain areas of our infrastructure, you are responsible for keeping this keys confidential.
8. THIRD PARTY LINKS
You might find links to third party websites on our websites or inside our communications. These websites should have their own privacy policies which you should check. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them.
9. ACCESS TO INFORMATION AND RIGHTS AT LAW
9.1. The Data Protection Regulation (EU) 2016/679 (GDPR) gives you the right to access the information that we hold about you. Please note that any demand for access may be subject to payment of a fee of €59 or more which covers our costs in providing you with the information requested (printing, shipping and handling by courier services, etc). Should you wish to receive details that we hold about you or you consider that our processing of your personal information infringes data protection laws please contact our DPO.
9.2. To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. However, this is not an absolute right. In spite of a request for erasure, we may be justified to keep personal data which we need to keep, e.g. (i) to comply with a legal obligation (for instance, we are required by personal data for VAT reporting purposes); and (ii) in relation to the exercise or defence of any legal claims. When you ask us to delete your personal data, we assume that you do not want to hear from us again. To ensure that we do not send you any special offers in the future, we will retain just enough of your personal data solely for suppression purposes. Other than as described above, we will always comply with your request and do so promptly. We would carry out our best efforts to notify Data Processors – any third parties with whom we have shared your personal data, about your request so that they could also comply. Withdrawal will not affect the lawfulness of processing before the withdrawal.
9.3. You have the right to transfer your personal data from one organisation to another. If you ask for a data transfer, we will give you a copy of your personal data in a structured, commonly used and machine-readable form (e.g. a JSON or CSV file format). We can provide the personal data to you directly or, if you request, to another organisation. Please note that we are not required to adopt our processing systems to be compatible with another organisation, so it may be that the recipient organisation cannot automatically use the personal data we provide. When making a transfer request, it would be helpful if you can identify exactly what personal data you wish us to transfer.
10. OPT-OUT PREFERENCES
We may send you messages about our new services or updates related to services you requested before. Some of these messages are required, for example service-related messages (such as transactional messages or legal notices). Other messages are not required, such as newsletters. We respect your privacy and give you an opportunity to opt-out of receiving marketing communications. Users may opt-out of receiving marketing communications from Private Financial Services by clicking the “unsubscribe” link embedded within the communication you receive. The opt-out list is single and distributed across all our departments.
11. CONTACT US
We welcome any queries, comments or requests you may have regarding this Policy please do not hesitate to contact us via official contact details specified on our website.