Like most companies, Uniborn collects data when you use our App, visit our website or use our services. If you want us to provide our services to you from our website or App or to get more information about it, then sharing your personal data with us is necessary.
We process personal data in compliance with applicable personal data protection laws, including the Regulation of the European Parliament and the Council (EU) 2016/679 (“GDPR”) as well as the Personal Data Protection Act of Estonia.
Uniborn respects your right to control your privacy. It is important for us that you can exercise your rights. Below you will find details on how to do this.
Terms and definitions
Client (“You”) — means any individual or legal entity, who uses or otherwise enters into a legal relationship with Uniborn, or who expressed wish to use the services provided by Uniborn and those, who had used services provided by Uniborn and beneficiaries and representatives, who’s personal data is being processed and transferred in accordance applicable law and internal regulations of Uniborn.
“Consent” of the data subject: Voluntary, specific, conscious and unambiguous statement by which the Data Subject in the form of an application or by explicit consent, agrees with the processing of his/her personal data.
Controller: Natural or legal person, public entity, agency or other body which alone or in cooperation with others determines the objectives and means of the processing of personal data; if the objectives and means of such processing are determined in the law of the Union or the Member State, the specific criteria for the Responsible Processor or for assigning the one may be established in the law of the Union or the Member State;
Data subject: Identified or identifiable natural person whose data is processed;
Personal data: Any information concerning an identified or identifiable natural person (“data subject”); identifiable natural person means a person who can be identified directly or indirectly, in particular on the basis of identifying attribute, including name, personal identification code, location information, network identifier, or on the basis of one or more physical, physiological, genetic, mental, economic, cultural or social characteristics of the natural person;
Processing of personal data: Automated or non-automated operation or set of operations, including collection, documentation, organizing, structuring, storing, customizing and modifying, querying, reading, using, transferring, distributing, or making otherwise available, joining or combining, restricting, deleting or destructing of personal data or set of them;
Processor: Natural or legal person, public entity, agency or other body processing personal data on behalf of the controller;
Profile analysis: Any automated processing of personal data involving the use of personal data for the assessment of certain personal aspects of the natural person. In particular, for analyzing or forecasting aspects related to the performance, financial situation, health, personal preferences, interests, reliability, behaviour, location or movement of the natural person concerned;
Recipient: Natural or legal person, public entity, agency or other body to whom personal data is disclosed, whether or not it is a third party. The public entities which can obtain personal data as a result of specific inquiry in accordance with the law of the Union or the Member State, are not deemed to be recipients; these public entities process such data in accordance with applicable data protection standards in the basis of the processing purposes;
Set of data: Any organized set of personal data from which data can be derived on the basis of certain criteria, regardless of whether the set of data is functionally or geographically centralized, decentralized or distributed;
Third party: Natural or legal person, public entity, agency or body, excluding the Data Subject, Controller, Processor and persons who can process personal data under the direct responsibility of the Controller or Processor.
The controller for your personal information is Uniborn OÜ, registry code 16515953; address: Rotermanni 6, 10111, Estonia, email address: email@example.com
Should you have any questions about how we process your Personal Information, or should You wish to exercise any of your rights as a data subject, You can contact us, using the contact details provided above.
Categories of personal data and purposes for processing
Uniborn may collect the following information about you upon signing up for an account:
First name and last name;
date of birth;
country of residence;
The legal basis for processing the personal data listed in section 4.1. is Article 6(1)(b) in the GDPR or Article 6(1)(f) in the GDPR.
Uniborn may collect the following information to carry out the KYC/AML procedure:
national identity card;
state ID card;
proof of Your address;
declaration about sources of funds and/or sources of wealth;
any other information which Uniborn is required to ask from You based on applicable AML related legal acts.
The legal basis for processing the personal data in section 4.3. is Article 6(1)(c) in the GDPR or Article 6(1)(f) in the GDPR (the legitimate interest of Uniborn to reduce risks related to its customer relations).
We collect information that your browser sends whenever you visit our Service (hereinafter „Log Data“) The purpose of collecting log data is to examine, if necessary, any incidents regarding your account.
This Log Data may include information such as your computer’s Internet Protocol (IP) address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages and other statistics.
Disclosure of Personal Data
We do not sell, trade, or otherwise transfer to outside parties your personally personal data unless we provide you with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you. Those parties will sign a confidentiality agreement before personal data is disclosed to them.
The third party includes our KYC partner (Sumsub) who will have the necessary KYC information.
When Uniborn discloses personal data to third parties, Uniborn does this only if there exists a suitable legal basis for the disclosure. Uniborn ensures that all relevant data protection related legal acts are complied with.
In certain cases, Uniborn discloses your personal data to its co-operation partners who are acting as data processors for Uniborn. These can be co-operation partners who are offering accounting, IT support, marketing or other services to Uniborn.
Uniborn has entered into data processing agreements with all data processors. The data processing agreements comply with Article 28(3) in the GDPR.
Uniborn processes Your Personal Data for the following purposes:
to comply with legal obligations and verification of identity, to comply with the law and regulations that regulates the activity of Uniborn;
to provide services, including customer support, to perform the agreements where You are the party or in order to take steps at the request of the Client prior to entering into a contract, or updating the information;
to carry out a compliance checks to comply with applicable law when providing services, performance of the agreement or in order to take steps at the request of the Client prior to entering into an agreement or compliance of a legal obligation, to fulfil transparency requirements, to prevent, discover, investigate and report potential money laundering, terrorist financing;
to manage customer relations in general, to conclude and execute agreements with Client, to keep the Client data updated and correct;
to protect the interests of the Client, to examine the quality of services, to prove transactions and other business communication based on performance of the agreements;
to establish, exercise and defend legal claims, complaints and requests for the purposes of the legitimate interests;
to administrate and perform the concluded agreements;
to protect its (Uniborn) right (e.g. forwarding data to legal advisors, consultants, auditors and dispute settlement authorities);
to provide the access to Personal Account in Uniborn’s App and other platforms that Uniborn uses for providing the services, to improve technical systems, to prevent unauthorized access and misuse of those and to ensure the safety of information;
to send marketing and service information to the Client (upon Client’s consent), which contain research information, information about new products and terms and to offer services and products;
to send information and transfer data to third parties in accordance to part 4 and 5 of the present Principles.
For the purposes listed in clauses 3.1, Uniborn processes the Client Personal Data which is publicly available on the Client (e.g. data received from different search engines as well as from the databases of the state and the local government) and received from third parties, if these have been presented to Uniborn considering the requirements of law.
Sharing your Personal Data within EEA
You hereby acknowledge, agree and consent for Uniborn to disclose your personal data to other parties, located within the EEA, who collect, use, disclose and/or process your personal data for one or more of the above Purposes. Such third parties include:
the companies which raise capital through our website;
other registered users of the website;
third party service providers assisting us in providing services to you;
auditors, legal and financial consultants, or any other entity authorized by Uniborn;
to relevant authorities and regulators, courts (based on a court order or legal process that we receive or are involved in) or other involved entities at their request with the aim of compliance with applicable law and internal regulations of the Uniborn;
credit and financial institutions and intermediaries or other involved entities at their request with the aim of compliance with applicable law and their internal regulations;
any other third parties to whom disclosure by us is for one or more of the Purposes and where such third parties would in turn be collecting and processing your personal data for one or more of the Purposes.
We require all third-party service providers to maintain appropriate technical and organisational measures to meet the requirements of applicable law and protect your rights.
Sharing your personal data outside the EEA
Having the legal grounds, Uniborn has a right to transfer and process Your Personal Data outside the EEA.
If Uniborn sends You Personal Data outside the EEA, the background of the receiver of the Client Personal Data outside the EEA is verified thoroughly, and measures are applied to ensure secure data transmission including, if possible, measures to accord equivalent protection to You Personal Data as those which exist in the EEA, e.g. forwarding data to a country that has adequate level of data protection as decided by the EU Commission, or the recipient is certified under the Privacy shield (e.g. USA).
In the absence of appropriate protection measures, Uniborn is entitled to forward You Personal Data outside the EEA in situations where forwarding the data is, for example, necessary for performing a contract between You and Uniborn.
Your rights as a data subject
You have the following rights as a data subject, considering the relevant conditions stipulated in applicable data protection laws:
right to access – your right to obtain from Uniborn a confirmation as to whether or not Personal Information concerning You is being processed, and, where that is the case, access to the Personal Information;
right to the erasure of your Personal Information (“right to be forgotten”);
right to the correction of any inaccurate Personal Information;
right to the restriction of our processing of your Personal Information;
right to data portability;
right to object to the processing of your Personal Information, including, but not only, to data processing for marketing purposes;
right to withdraw your consent for data processing, in cases where the legal basis for the processing of your Personal Information is your consent;
You may also request the deletion of your Account and Personal Information by sending an email to us at: firstname.lastname@example.org. Uniborn will accept your request only when this is not inconsistent with its legal and regulatory obligations.
In addition to the above, you have the right to file a claim with your local supervisory authority (www.aki.ee) or with a competent court (www.kohus.ee), if You believe that Uniborn has infringed your rights as a data subject.
Decision-making and profiling
The decision to establish a business relationship with You is not based on automated processing of Your Personal Data.
Uniborn may process some of Your Personal Data with the use of automatic processing facilities, in order to assess certain personal aspects relating to You (profiling).
In addition, Uniborn may process Your Personal Data to contact Client, primarily by email and/or by phone, in order to provide You with information concerning products and services that may be of interest to You.
If you no longer wish to receive any marketing or promotional communications, you may always opt out in the communications preference section of your User Account, send us an e-mail or click an unsubscribe link in the e-mail sent to you. If you are having difficulties unsubscribing, please contact us at email@example.com.
Security of personal data
Uniborn aims to protect the security of your information as much as we aim to protect our information and network. Uniborn has implemented appropriate organizational and technical measures to ensure the safety of your personal data.
Accessing or correcting your Personal Information
You can access and change any Personally Identifiable Information we store through your “My Account” page or in Uniborn App.
Uniborn is a community-led platform for sourcing, sharing, syndicating, and amplifying startups.
We are not intended to be a substitute for legal, tax or financial advice.