BENEDIXUS OÜ

Private limited company | Registry code N 14733195

Estonia,  Harju maakond,  Tallinn,  Lasnamäe linnaosa,  Peterburi tee 53-008, 11415

+372-6170484  |  info@benedixus.com  |  www.benedixus.com  |  VAT N EE102164174

Reference id:

7/2020

Date:

05-JUN-2020

Category:

GDPR

Subcategory:

N/A

Confidentiality:

Version:

1.0

Version effective date:

05-JUN-2020

Issued by:

Oleksandr Tseitelman
Management board member

Date of issue:

05-JUN-2020

Approved by:

Oleksandr Tseitelman
Management board member

Date of approval:

05-JUN-2020

Privacy Policy

Version:

1.0

Date:

05-JUN-2020

Author:

Oleksandr Tseitelman
Management board member

Description of change First issued version

This Privacy Policy establishes general principles how Benedixus OÜ (hereinafter Benedixus), registration code 14733195, processes personal data. Specific details on the processing of personal data might be also included in agreements entered or to be entered between the Customer and Benedixus and is reflected in Website www.benedixus.comwww.benedixus.ee and www.benedixus.eu .

Benedixus ensures, within the framework of applicable law, the confidentiality of personal data and has implemented appropriate technical and organizational measures to protect personal data of Customers and to provide transparent data protection rules.

The respective Privacy Policy is applicable if the Customer uses, has used or has intention to use financial services provided by Benedixus, including the relationship with the Customer established before this Privacy Policy enters into force.
Benedixus has the right to make changes to the Privacy Policy at any time by posting them on the Platform, as well as by informing the Customers individually by sending them an e-mail.
Name and Address of the Controller
Controller of personal data proceeded by web-site is:
Benedixus OÜ
Registry code 14733195
Estonia, Harju maakond, Tallinn, Lasnamäe linnaosa, Peterburi tee 53-008, 11415
Categories of Personal Data
 
Personal data categories which Benedixus process are the following:
 1.  identification data such as:  
  • 1.1. first, middle and last name; 
  • 1.2. date and place of birth;​ 
  • 1.3. personal identification code (if applicable);
  • 1.4. identification documents data;
 
       2. contact data such as:
 
  • 2.1. telephone number;
  • 2.2. e-mail address;
  • 2.3. country of residence;
  • 2.4. actual, registered and mail address (if applicable);
  • 2.5. other means of communication declared by person
       3. professional data such as educational or professional career;
 
       4. financial data such as income and liabilities;
 
       5. due diligence data that enables Benedixus to perform its due diligence measures regarding money laundering and terrorist financing prevention, such as origin of funds, information on the purpose and intended nature of the business relationship and whether the Customer is a politically exposed person;
 
       6. data about the Customer’s tax residency such as data about the country of residence, tax identification number, citizenship;
 
    7. communication data collected when the Customer communicates with Benedixus via telephone, visual and/or audio recordings, e-mail, messages and other communication channels, data related to the Customer’s visit at www.benedixus.com
 
Purposes of Processing Personal Data
 
Benedixus processes personal data primarily to:
  • provide services to the Customer. Upon submission of the registration application and registration with the Platform, personal data of the Customer is used to enter into the agreement and create the virtual account to be used to receive the services;
  • manage customer relations in general and provide and administrate access to financial services Benedixus offers;
  • to protect the interests of the Customer and/or Benedixus and examine the quality of services provided by Benedixus and for the purpose of providing proof of a commercial transaction or of other business communication;
  • provide additional services, perform customer surveys, market analyses and statistics. Offer to the Customers the services of carefully selected cooperation partners, including personalized offers, based on consent of the Customer;
  • to comply with legal obligations and verification of identity. To comply with applicable law, prevent, discover, investigate and report potential money laundering, terrorist financing, if the Customer is a subject to financial sanctions or is a politically exposed person;
  • prevent misuse of financial services and ensure adequate provisions of services;
  • to process incoming and outgoing payments.
Profiling, Personalized Offering
 
Profiling refers to the automatic processing of personal data used to assess certain personal characteristics of the Customer. Profiling is used for direct marketing purposes.
 
Benedixus may process personal data to improve the Customer experience of the digital services. Benedixus always ensures that Customers can make their choices and use a convenient tool to manage their privacy settings.
 
Benedixus may also collect statistical data regarding the Customer. Statistical data for creating segments profiles can be collected from external sources and may be combined with Benedixus internal data.
Recipients of Personal Data
 
Personal data is shared with other recipients, such as:
 
  • authorities (such as tax authorities, supervision authorities);
  • credit and financial institutions in order to process incoming and outgoing payments;
  • auditors, legal and financial consultants, or any other processor authorized by Benedixus;
  • third parties maintaining registers (such as credit bureaus, population registers, commercial registers, or other holding personal data);
  • debt collectors upon assignment of claims;
  • courts, out-of-court dispute resolution body and insolvency administrators;
  • other persons related to provision of services of Benedixus such as providers of postal services or analytical services.
 
We note that Benedixus does not transfer Customer’s personal data to third countries.
Storage of Personal Data
 
Benedixus stores personal data of the Customers no less than five years after termination of the business relationship according Money Laundering and Terrorist Financing Prevention Act.
 
If the Customer wishes to delete his/her account and want to use right to be forgotten according to Article 17 of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 “on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC” (General Data Protection Regulation, GDPR) on the website, he/she should notify Benedixus and Benedixus may delete relevant personal data except data related to AML/CFT measures.
 
In accordance with the Estonian accounting and taxation laws, invoice-related information is retained for a period of 7 years as of the end of the financial year when such information was provided to Benedixus.
 
Information on any legal transactions between Benedixus and the Customer may be retained for a period of 10 years as of their provision to Benedixus in accordance with the general limitation period set for civil claims in the Law of Obligations Act of Estonia and General Part of the Civil Code Act of Estonia.
Minors data processing
 
The website is not intended for minors and we do not collect personal data relating to minors. If Benedixus recognizes that we have collected personal data from a child, Benedixus will delete that information as quickly as possible. If you suppose that a child under 13 may have provided us personal data, please contact us at info@benedixus.com
Data Subject’s Right
 
A data subject (a Customer) has the rights regarding his/her data processing that is classified as personal data under applicable law. Such rights are:
 
  • receive information about Customer’s data we process;
  • require personal data to be corrected if it is inadequate, incomplete or incorrect;
  • ask Benedixus to stop or restrict processing, disclosing or enabling access to, delete or close Customer’s personal data the processing of which is not permitted on the basis of law;
  • withdraw his/her consent to process his/her personal data;
  • ask his/her personal data portability;
  • not to be the subject to fully automated decision;
  • lodge complaints pertaining to the use of personal data to the Data Protection Inspectorate, (info@aki.ee, Tatari 39, Tallinn 10134), if he/she considers that processing of his/her personal data infringes his/her rights and interests under applicable law
Contact details
 
If you have any questions, comments, complaints or requests regarding the use of personal data, you can contact us at info@benedixus.com.