Privacy Policy

1. Introduction

1. TFGCROWD OÜ (also "we", the "Company", the “Portal Operator”, or "us") protects and respects your privacy, fully implementing and complying with data protection principles and all relevant provisions of the EU General Data Protection Regulation (the "GDPR") and any other applicable data protection laws and regulations.

2. When you (also the “User”) use our services (the “Services”) on our website https://tfgcrowd.com (the “Website”), we collect, use and share your personal data. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

3. This privacy policy (the “Privacy Policy”) applies to our use of any of the personal data that you provide to us or which is collected by us about you.

4. Regardless of the country you access the Services from, reside in, or supply personal data from, your personal data will be collected, transferred, processed, stored, disclosed and otherwise used as described in this Privacy Policy.

5. By using our Services, you agree to this Privacy Policy.

6. Any data protection-related terms used herein (e.g. personal data, processing, controller, processor, etc.) should be understood as defined in the GDPR.

2. Controller of personal data

1. The controller of your personal data will be the Portal Operator:

TFGCROWD OÜ

Registration number: 14278391

Address: Hobujaama tn 4, Tallinn, 10151, Estonia

E-mail: [email protected]

3. Personal data that we collect and process

1. We collect personal data from you directly and from your use of the Website. We are also working closely with privately held third parties (including, for example identity verification agencies, marketing agencies and fraud prevention agencies) and we may receive information about you from them for the purposes of identity verification, marketing and fraud prevention.

2. When you apply to create an account on the Website, we will collect and process the following personal data concerning you:

3. We will use this information for the purposes of processing your application and, if your application is successful, creating and managing your account and providing Services to you. You will not be able to create an account or use our Services without providing this information.

4. Once your account will be created, in addition to the above data, we will also collect and process the following information for purposes of facilitating Services to you and preventing fraud:

4. Fraud and money laundering checks

1. In order to process your application and before we commence providing Services to you, we will need to verify your identity and use the information you provided to create your account to undertake checks for the purposes of preventing fraud and money laundering. This may involve sharing your personal data with fraud prevention agencies. We will continue to carry out these checks on a regular basis while you are a User of the Website.

2. When we and fraud prevention agencies process your personal data, we do so on the basis that we have a legitimate interest in preventing fraud, terrorist financing and money laundering via our Website in order to protect our business and other Users of our Website.

3. We, and fraud prevention agencies, may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime.

4. Fraud prevention agencies can hold your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to seven years.

5. As part of the processing of your personal data, decisions may be made by automated means. This means we may automatically decide that you pose a fraud or money laundering risk if:

6. In case by automated means a decision has been made that you pose a fraud or money laundering risk, your access to our Services will be automatically suspended until one of our team reviews the data and makes a final decision.

7. You have rights in relation to automated decision making: if you want to know more, please contact us using our contact details below.

8. If we or a fraud prevention agency determine that you pose a fraud or money laundering risk, we may refuse to provide our Services to you, or we may stop providing existing Services to you.

9. A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to you. If you have any questions about this, please contact us using our contact details below.

5. Automated decision-making

1. Other than the automated processing set out above, we shall not carry out solely automated decision-making using your personal data.

6. When you contact us

1. When you contact us, we will need to collect personal data about you to verify your identity before we disclose any information to you for data security purposes. We will be unable to deal with your query unless you provide the information we request. We may also collect any other personal data you choose to provide to us when communicating with us. We will only use that personal data for the purposes of dealing with your enquiry.

7. Purposes and legal basis for processing your personal data

1. We use your personal data for various purposes connected with your use of your account and Services. We will only do so where we have a lawful basis to do so. We will usually only use your data:

2. The following table provides further information about the purposes for which we use your data, as well as the corresponding methods of collection and legal basis on which we rely for its use:

Purpose

Lawful basis for processing

Creating and managing your account

  • to create your account
  • to administer and manage your account
  • to retain your account profile information

To fulfil our contractual obligations to you in providing the account and Services.

Carrying out due diligence and fraud checks

  • to perform the necessary due diligence on our Users to ensure you are who you say you are, and to reduce the risks of fraud in our system and across our Services and platforms

Our legitimate interests in preventing fraud and money laundering on our Website in order to protect our business and other Users of our Website.

Monitoring your use of the account and Services to detect fraudulent behavior

  • to detect, and prevent financial crime
  • to manage risk for us, you and our other users

Our legitimate interests in preventing fraud and money laundering on our Website in order to protect our business and other Users of our Website.

Assessing financial capability

  • to assess the capability of the User to immediately meet his/her financial obligations under relevant contracts

Our legitimate interests in operating our Services and to protect our business and other Users of our Website.

Facilitating your use of your account and Services

  • to administer your financial transactions (e.g. loans issued, loans received, interest earned etc.)
  • to carry out our obligations arising from any financing agreements you have concluded via the Website
  • to provide details of your transactions
  • to retain records of your transactions
  • to enable the use of our Services and to ensure that the content from our Services is presented in the most effective, safe and secure manner for you and your computer or device
  • to improve your user experience, to provide you with information and marketing materials, for advertising and for statistical purposes
  • for internal operations, including: troubleshooting, data analysis, testing, research and service improvement; and to notify you about changes to our Services

To fulfil our contractual obligations to you in providing the account and Services.

Our legitimate interests in operating and improving our Services to you.

Communicating with you and providing you with customer support

  • to investigate any complaint or query you may have
  • to inform you of important information or any changes to your terms of service
  • to enable us to effectively market investment opportunities to you and any incidental or related services that we consider may be of interest to you

To fulfil our contractual obligations to you in providing the account and Services.

Our legitimate interests in operating and improving our Services to you.

 

Protecting our rights and interests

  • to claim from you any undue payments or other claims, including via lawyers and in court

Our legitimate interest in protecting our rights and interests.

Fulfilling our legal obligations

Our obligation to fulfil our legal obligations.

Sharing data with our suppliers and other third parties (such as verification service providers, credit rating agencies etc.) where required

  • see the section Disclosures of your information section for more information

 

To fulfil our contractual obligations to you in providing the account and Services.

Our legitimate interests in operating and improving our Services to you.

Our legal obligations to comply with regulations that apply to us.

3. Where we require information to comply with legal or contractual obligations, then provision of such data is mandatory: if such information is not provided, then we will not be able to meet obligations placed on us or manage your transactions on our Website. In most other cases (e.g. when processing is based in your consent), provision of requested information is optional, however if you do not provide us the data we need for our legitimate interests, we may not be able to provide you the Services.

4. When the legal basis for the processing of your personal data is our or a third person’s legitimate interest, you have the right to object at any time, on grounds relating to your particular situation by contacting us on the contact details below.

8. Storing your personal data

1. We will retain your personal data for as long as your account is active or as needed to provide our Services. We will retain and use your personal data as necessary to comply with our legal obligations, resolve any actual or potential disputes, and enforce our agreements, which in some cases may involve the collection and processing of financial data and may therefore require a retention period of 7 or 10 years. For example:

9. Disclosure of your personal data

1. We will never disclose your personal data to any third parties without your consent, unless we are required to do so by law or in any of the cases described below.

2. We may disclose your personal data to the following third parties:

3. When the legal basis for the processing of your personal data is our or a third person’s legitimate interest, you have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on our or a third person’s legitimate interest by contacting us on the contact details below.

10. Transferring your personal data outside the EEA

1. Your personal data are stored by our third-party data host provider inside the European Economic Area (the "EEA") – in Germany and England.

2. Your personal data may be transferred to and processed outside the EEA by fraud prevention agencies. Whenever fraud prevention agencies transfer your personal data outside the EEA, they impose the standard contractual clauses (Model Clauses) adopted by the European Commission on the recipients of those data in order to safeguard personal data when they are accessed from outside of the EEA. They may also require the recipient to subscribe to ‘international frameworks’ intended to enable secure data sharing.

11. Your rights

1. You have all the rights stipulated in the GDPR, including the following:

2. Note that not all rights listed above are absolute and may be restricted for purposes allowed under the GDPR.

3. You can exercise your rights either via the settings on the website or by contacting us on the contact details below.

4. You will not have to pay a fee to access your personal data (or to exercise any of the other rights above). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

5. We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

6. We will respond to your queries within one month of receipt of the request. That period may be extended by two further months where necessary, considering the complexity and number of the requests, in which case we will notify you thereof.

7. We encourage you to come to us in the first instance with any complaints, but you are entitled to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or alleged infringement of the GDPR, including the Estonian Data Protection Inspectorate (www.aki.ee).

12. Security

1. You are responsible for keeping your chosen password confidential. During any communication between you and us, we will never ask you to disclose your account password. Remember to never reveal your password to anyone.

2. The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to us. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.

3. All personal data are being kept in our secure and firewalled network and servers. SSL encryption technology is used to ensure secure communication between you and us.

4. We shall not permit access of any unauthorized third parties to your personal data and any of our databases containing such data.

5. We shall only permit access to your personal data to a restricted number of our employees who need it for the performance of their duties and who agree to keep the  personal data confidential in accordance with any relevant confidentiality agreements entered into by them while employed by us.

13. Changes to Privacy Policy

1. Our Privacy Policy might be a subject to change. Any changes we may make to our Privacy Policy in the future will be posted on this page. Please check for updates regularly. We will notify you of any material changes via a pop-up on the Portal or by email.

14. Third-party websites

1. Our Services may, from time to time, contain links to and from the third-party websites. Please note that these websites and any services that may be accessible through them have their own privacy policies and we do not accept any responsibility or liability for these policies or for any personal data that may be collected through these websites or services. Please check these policies before you submit any personal data to these websites or use these services.

15. Contact

1. Questions, comments and requests regarding this Privacy Policy and the processing of your personal data are welcome by email: [email protected].