1.1. Personal data is any information relating to a natural person which enables the person to be identified. To provide its services, the portal needs to collect information about the user, including:
• information to identify and contact the person (such as name, date of birth, email address, telephone number, postal address);
• information concerning the transactions and other activities of the user (details of payments, applications, agreements and other data concerning the use of the services provided by the portal);
• information concerning the use of the account (login and password details, IP address and other data concerning the use of the account);
• registered communication with the portal (such as recommendations, comments, requests, inquiries, either submitted through the portal, using e-mails or phone calls).
Processing of personal data
2.1. Processing of personal data means any operation which is performed upon the personal data, including but not limited to collecting, recording, retention, arrangement, use, amending, delivering, disclosure and deleting of user’s personal data by the portal operator. Whether automated or not, all above mentioned activities are deemed as processing of personal data.
2.2. The controller of the processing of the personal data will be the portal operator IUVO Group OÜ.
2.3. The portal operator keeps a database about the users’ personal data and other information which primarily reflect the following personal data of the users:
• First name and surname;
• Date of birth;
• Residence and/or location;
• Communication means (phone, e-mail, etc);
• Communication language;
• Bank account information;
• Data of identity document;
• User’s portal user data (log-in data, beginning and end of registration in the portal, etc.);
• Other information the user has delivered to the portal operator, or which the portal operator has collected at its own initiative from the sources permitted by legislation (incl. via media and Internet);
• Information about the agreements of the user entered into via the portal.
2.4. The portal operator may process other user related information if there is a justified need for it regarding the performance of the agreements and if processing of such data does not contradict the law.
2.5. The moment the user has registered himself or herself as the user of the portal is deemed as giving consent by the user to the portal operator to process personal data (including transfer and disclosure of user’s personal data) described in these terms and conditions.
The purpose of processing personal data
3.1. The portal operator processes the personal data with the goal to ensure the welfare of the users, perform the agreements entered into with and/or between the users and adhere to the requirements prescribed to the portal operator by the law.
3.2. The main goals of the portal operator in connection with processing of user’s personal data are as follows:
• To ensure the identification of the user;
• To ensure immediate due performance of the contractual financial duties;
• To enable the portal operator to deliver to the user the portal operator’s products and related promotional materials and/or notices, also the products and/or promotional materials and/or notices of the persons belonging to the same Group with the portal operator or third party cooperation partners of the portal operator if the user has given his or her prior consent to the portal operator;
• To analyse the user satisfaction and preferences towards the products and services of the portal operator and persons belonging to the same Group with it to enable more effective product and service development and marketing activities.
3.3. The portal operator is entitled to process user’s personal data also for other purposes if they are necessary for performance of the obligations provided by the law or if such goals are justified for performance of the agreements entered into with and/or between the users.
General principles of processing of personal data
4.1. Portal operator processes user’s personal data fairly, in a manner and to the extent provided for by the law.
4.2. The portal operator and its employees apply all diligence and security measures required by the law at processing user’s personal data to ensure that it is only done for a purpose and to protect user’s personal data against inadvertent or unauthorised use, disclosure or destruction.
4.3. The portal operator enables access to the user’s personal data only to
• its employees with whom a non-disclosure agreement is concluded;
• a third person, who processes the data on behalf of the portal operator, with whom a non-disclosure agreement is concluded.
The portal operator excludes access of the unauthorised third persons to user’s personal data and database of the portal operator containing such data.
Transfer and disclosure of personal data
5.1. The portal operator is entitled to transfer user’s personal data in accordance with the user terms and the law, primarily to:
• The third persons who fulfil any of the processing assignments of the portal operator;
• Credit institutions for identification of the user, if needed;
• Persons whose economic or professional activity includes provision of service of collection of debts and other related services for collection of contractual debt(s) of the user;
• Other users to facilitate the conclusion and performance of agreements between the users;
• Persons to whom the portal operator is obliged to transfer user’s personal data based on the law;
• Person providing the accounting services to the portal operator, also the persons providing legal assistance in connection with agreements entered into with or between the users.
The portal operator is entitled to transfer user’s personal data to the third persons in any other case only when there is justified interest for ensuring the performance of the agreements entered into with or between the users and transfer of information to such person does not contradict the law.
5.2. If the user has separately given such consent to the portal operator, the portal operator is entitled to transfer user’s personal data (primarily the user’s name and e-mail address) to the persons to who the portal operator has assigned a duty to market and promote portal operator’s products to the user.
5.3. In case of financial debt(s) from the agreement(s) entered into by the user via the portal, the portal operator is entitled to disclose user’s personal data (primarily the name, personal identification code/business ID, amount of debt) in a manner, by procedure and via channels not prohibited by the law. If the law prescribes the consent of the user for disclosure of the personal data, it is deemed that the user has given such consent to the portal operator with registration.
5.4. Based on the agreements entered into/to be entered into, the portal operator agrees to oblige all third persons to whom user’s personal data are transferred to process user’s personal data only and exclusively for the purposes prescribed above as well as in the user terms.
User rights and obligations in connection with processing of the personal data
6.1. The user agrees to transfer to the portal operator the required personal data described in these terms and conditions, which must be correct, valid and complete.
6.2. The user agrees to inform the portal operator immediately about the changes in the personal data, also about incorrectness or invalidity of personal data by delivering the portal operator also the correct and valid personal data to replace the incorrect and/or invalid ones.
6.3. The user shall be fully responsible for his or her correct and valid personal data during the use of the portal.
6.4. The user is entitled to demand information from the portal operator at any time about the personal data collected by the portal operator about him or her, also about the persons to who the portal operator has delivered the user’s personal data. For that, the user submits relevant application in a format which can be reproduced in writing to the portal operator. The portal operator performs the application within five (5) working days from receiving the application from the user. The portal operator is entitled to refuse from transfer of the above specified information in cases and extent provided by the law.
6.5. The user is entitled to demand termination of the processing of the personal data by the portal operator, and the portal operator is obliged to terminate processing of user’s personal data if the user has duly performed all obligations of the agreements entered into with the portal operator and/or another user and the user’s agreements entered into with the portal operator and/or other user are terminated.