DCGRP OÜ, registry code 14660740, located at Sepapaja 6, Tallinn 15551, Estonia (hereinafter "DCGRP", "we", "us" and "our") is providing a solution via website www.digitalcoregroup.com. During the precontractual negotiations and provision of service, DCGRP is collecting and processing customer's personal data as described herein.
The privacy of customer's personal data is important to DCGRP. Therefore, we consider it necessary to inform our customers about data being collected, the purposes of such collection, requirements for retention and rights related to the processing of the personal data.
If the Customer does not agree with any or all terms of this policy or any possible changes to it, then he/she should immediately close the website and cease using the services provided by DCGRP.
1. Personal data being collected
DCGRP processes the following data about the Customer (hereinafter "Personal Data"):
- Data concerning the identification and verification of a person: full name (surname and given name), gender, personal identification code, date of birth, nationality, data concerning whether the Customer is politically exposed, URL of a Portfolio or LinkedIn profile, contact postal address, email, name of the bank where the personal bank account exists, copy of a passport.
- Data concerning payments for DCGRP services and state fees: account number (IBAN), account holder name, bank name; transaction details;
If the Customer chooses to pay for the Service by credit card or by PayPal, his/her payment details are not stored by DCGRP and therefore cannot be accessed by DCGRP.
- Other data obtained by the use of the website or during the provision of service: Customer's correspondence with DCGRP, inquiries submitted via the website, email, social media or chat; Customer's activity logs. See also sections "Cookies and tracking technologies" and "Google Analytics and ads" below.
We may combine the data we collect in relation to the Customer with data that we receive about the Customer from other sources, such as public databases.
2. Purposes for collecting and processing Customer's Personal Data
Personal Data collected by DCGRP is processed for the purposes established in the law or as described herein, including but limited for the following purposes:
- to provide our Service (i.e. for the performance of service agreement);
- to comply with anti-money laundering requirements, and combat fraud;
- to manage, analyse and improve our Service;
- to personalize our Service and the content provided to the Customer;
- to contact the Customer for administrative purposes such as customer service, address technical or legal issues related to the Service provided, or share updates and notifications about the Service;
- to send relevant promotional information to the Customer about DCGRP services and the related offerings by third parties we work with, if the Customer has granted an explicit consent to use his/her personal data for this purpose.
DCGRP shall not use Customer's Personal Data for any other purpose incompatible with the purposes outlined above or required, permitted or authorized by law.
3. Transfer of the Personal Data
DCGRP may transfer Customer's Personal Data to third parties, such as legal and regulatory authorities (e.g. commercial register), accountants, auditors, lawyers and other outside professional advisors; and to companies that provide services to DCGRP (such as banks, IT systems suppliers and support; cloud service provider or other outsourcing providers). DCGRP has taken steps to ensure that these data recipients protect the confidentiality and security of Personal Data, and to ensure that Personal Data is processed only for the provision of services and in compliance with applicable law.
Such third parties may be located in countries outside of the European Economic Area ("EEA") whose privacy regulations may differ and which are not subject to adequacy decisions of the European Commission. In those countries the security of the Personal Data (inc. protection against misuse, unauthorized access, disclosure, alteration or destruction) may not be ensured as it is secured in the European Union, due to the lack of adequate data protection level.
For example, DCGRP may transfer Customer's Personal Data to the US, in which case DCGRP shall ensure that the recipient of the Personal Data is certified in accordance to the EU-US Privacy Shield entered by and between the US Department of Commerce and the European Commission. To learn more about the Privacy Shield program, please visit https://www.privacyshield.gov/.
When transferring collected Personal Data outside of the EEA, DCGRP shall ensure the application of the appropriate safeguards. If the Customer wishes to receive a copy, please contact us as instructed below.
DCGRP will take appropriate legal, organisational, and technical measures to protect Personal Data consistent with applicable privacy and data security laws. Security measures shall be applied in order to protect Personal Data from involuntary or unauthorized processing, disclosure or destruction. Recipients have been made aware that Personal Data may only be used in accordance with the purposes described in this notice.
Customer's Personal Data is only accessible to authorized persons, who are bound by confidentiality obligations.
5. Integrity and retention of the Personal Data
DCGRP will retain Personal Data for the period required or permitted by applicable law, but no longer than it is reasonably necessary in order to achieve the purposes for which the Personal Data was collected.
DCGRP takes reasonable steps to ensure that the Personal Data we process is reliable for its intended use, accurate, and complete as necessary to carry out the purposes described herein.
6. Customer's rights in regarding to the collection of Personal Data
Customer has the right to:
- Request access and/or corrections to Personal Data collected about him/her;
- Have the Personal Data erased, removed and/or transferred from our active files in line with provisions of applicable regulations;
- Request restriction of processing of his/her Personal Data or to object to such processing;
- Receive the Personal Data concerning him/her in a structured, commonly used and machine-readable format where technically feasible;
- Raise concerns about the handling of his/her Personal Data to us;
- Withdraw his/her consent for the processing of personal data, where the Personal Data is being processed on the basis of the consent, without affecting the lawfulness of the processing before the withdrawal.
In order to exercise any rights referred herein the Customer is required to submit a written application to DCGRP. DCGRP has the right to decline this application by justifying the reasons for the refusal.
If Customer considers that his/her rights have been infringed, the Customer is entitled to lodge a complaint with the Estonian Data Protection Inspectorate.
The collection of certain Personal Data referred herein may be required under the law and/or inevitably necessary for the provision of service to the Customers (such as data necessary for the verification of the Customer). Failure to provide data may result in adverse consequences, such as, our inability to comply with our obligations under law. The Customer is welcome to ask for clarifications regarding the obligation to submit any specific Personal Data and also about possible consequences arising from the failure to provide the Personal Data.
7. Cookies and tracking technologies
DCGRP is using automatically collected information and other information collected within its website through cookies and similar technologies for the following purposes:
- Store authentication information and protect Personal Data from third parties;
- Personalize our Service, help remember Customer's choices within the website, understand and save Customer's preferences for future visits;
- Provide customized advertisements, content and information;
- Track Customer's entries, submissions, and status in any promotional or other activities on the Service
- Monitor and analyse the effectiveness of the Service;
- Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future.
Cookies are small text files that a website or its service provider transfers to the Customer's computer hard drive through their website browser (if Customer allows) that enables the website's or service provider's systems to recognize Customer's browser and capture and remember certain information.
Within the website first-party and third-party cookies are in use.
DCGRP may use third-party analytics tools (such as Google Analytics), to help us measure traffic and usage trends for the LeapIN service. Web analytic service providers analyse the usage of the LeapIN website and services so that LeapIN could improve and amend our website/app and function thereof.
The Customer can delete or block cookies through his/her browser settings at any time. However, some cookies might be necessary for the functionality of the LeapIN services and usage of the website. Therefore, the Customer understands that when blocking or deleting the cookies some features within the website might not function correctly. For more general information about cookies please see www.allaboutcookies.org.
8. Google Analytics and ads
DCGRP have implemented the following Google Analytics features:
- Google Display Network Impression Reporting;
- Demographics and Interests Reporting.
We along with third-party vendors, such as Google, use first-party cookies (such as the Google Analytics cookies) and third-party cookies or other third-party identifiers together to compile data regarding Customer interactions with ad impressions, and other ad service functions as they relate to our website.
Customers can set preferences for how Google advertises to them using the Google Ad Settings page. Alternatively, the Customer can opt out by visiting the Network Advertising initiative opt out page or permanently using the Google Analytics Opt Out Browser add on.
We use Google Analytics to measure and evaluate access to and traffic on the public area of our website and create user navigation reports for our website administrators.
We take measures to protect the technical information collected by our use of Google Analytics. The data collected will only be used on a need to know basis to resolve technical issues, administer the website and identify visitor preferences.
9. Commercial Communication
If a Customer receives commercial emails from us, he may unsubscribe at any time by following the instructions contained within the email or by sending an email to [email protected]
The Customer is able to view and modify settings relating to the nature and frequency of promotional communications that they receive from us by accessing the "Settings" section in the restricted area of the website.
The Customer has to be aware that if he/she opts-out of receiving commercial emails from us or otherwise modify the nature or frequency of promotional communications he/she receives from us, it may take up to five (5) business days for us to process the request. Additionally, even after he/she opts-out from receiving commercial messages from us, he/she will continue to receive administrative messages from us regarding the Service.
10. Contact Information
Should the Customers have any questions regarding this policy or processing of Personal Data, they are welcome to contact DCGRP with requests, inquiries or any complaints via email: [email protected]