1. What information do we collect?
We collect personal information about you when you use our products or services, or deal with us in some way. We collect your information directly received from you, such as:
- First and last name
- Other information and your private data you deem necessary to submit to us during communication through SmartCredit.io
This includes collecting information when you:
- Contact us – for example, when you subscribe, fill in an application or order form, give us feedback or make a complaint
- Visit our website
The information we collect from you may include:
- Information about your identity — including your name, country, e-mail, and other information and your private date you deem necessary to submit to us during communication through SmartCredit.io
- Information about your actual address and residency
- Financial and transaction information
- When you visit our website —your location information, IP address and any third-party sites you access
- Other personal information, such as details of your interactions with us
When you verify as Individual or Corporate User at SmartCredit.io, we will ask for your name, identification information, contacts, residential address. For more information, please see below:
- Full name, date of birth
- Contact information, mailing address, e-mail address, phone number
- Proof of identity (for ex. passport, driver’s license or other government-issued ID)
- Residence verification information (for ex. Utility bill or similar)
- Additional information for analysis of user activity within the framework of Anti Money Laundering (AML)
- Full legal entity name
- Legal documents (such as the certificate of incorporation, memorandum and/or articles of association, documents confirming authorized person rights and ultimate beneficial owner rights)
- Verification information for legal entity related persons
- Additional information for analysis of user activity within the framework of Anti Money Laundering (AML)
2. How do we collect your information?
- We collect much of the information listed above directly from you when you submit it on our website. This includes information such as contact information, registration information, and service inquiries.
- If you do not want to share your information, you can choose not to participate in a particular service or activity.
Indirect Collection – Cookies and Other Technology:
- Provide you with personalized content based on your use of the Website
- Enable you to more easily use the Website by remembering and using contact information, purchasing information, and registration information
- Evaluate, monitor and analyze the use of the Website and its traffic patterns to help improve the Website and services
- Assist us with ad reporting functions such as to learn which ads are bringing users to the Website
We use the following types of technologies:
- Log Files – Like most standard website servers, we use log files. Log files track Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and the number of clicks. We utilize this information to analyze trends, administer the site, prevent fraud, track website navigation in the aggregate, and gather broad demographic information for aggregate use.
3. How do we use your information?
We are careful about how we use your information. We use it to deliver our products and provide our services. We also use your information for other reasons, such as to better understand you and your needs and to let you know about other products and services you might be interested in. We collect, use, and exchange your information so we can:
- Assess your application for a different issue
- Design, manage, price and provide our products and services
- Manage our relationship with you
- Minimize risks and identify or investigate fraud and other illegal activities
- Contact you
- Improve our service to you and your experience with us
- Comply with laws, and assist government or law enforcement agencies
- Manage our businesses
We shall use the personal data in compliance with the confidentiality and only use and retain such data as far and as long as this is necessary for platform utilization, rendering of services on the platform, and for keeping platform users informed of SmartCredit.io services. This shall include the following purposes, among others:
- Surveillance and improvement of the platform and services rendered by SmartCredit.io
- Verification and authentication of the platform users’ identity
- Creation and operation of platform access
- Prevention or detection of fraud and other criminal offenses or abuse of the platform Creation of anonymous statistics with the help of personal data
- Tailoring of marketing communications to ensure that the most relevant information reaches platform users
4. Disclosure of information
With whom does SmartCredit.io share my information? We may disclose information collected from customers, visitors, and surfers to affiliates, independent contractors, and business partners who may use the information for marketing, advertising, or other uses.
We may also disclose aggregate, individual, or anonymous data, based on information collected from customers, visitors, and surfers, to investors and potential partners or must or may be disclosed to law enforcement authorities in response to a valid emergency disclosure request. Finally, we may transfer information collected in connection with the sale of our product and services. We will not disclose any of your personally identifiable information except when we have your permission or under special circumstances, such as when we believe in good faith that the law requires it or under the circumstances described below.
These are some of the ways that your information may be disclosed:
- Service Providers – We occasionally hire other companies to provide limited services on our behalf, including Website development and operation, sending a postal mail or email, analyzing website use, processing payments, and processing data. We will only provide those companies the information they need to deliver the service, and they are contractually prohibited from using that information for any other reason.
- Data in the Aggregate – We may disclose “blinded” aggregated data and user statistics to prospective partners and other third parties. Blinded data is data that does not identify a person.
SmartCredit.io may share data with the state regulatory organs and other authorities when that is required by the applicable law or the provisions of the AML policy.
The Platform user will be made aware in most circumstances how and with whom their information will be shared.
Every Platform user shall agree with this policy and shall consent to his data being used following the provisions of this policy and the AML policy regarding the analysis of data and disclosure of data.
There are circumstances where the law allowsSmartCredit.io to disclose data (including sensitive data) without the data subject’s consent.
- Carrying out a legal duty or as authorized by the Financial Inspection of Estonia or any other competent legal authority.
- Protecting vital interests of any party, including the Platform user.
- The information was already made public by other third parties.
- For the conducting of any legal proceedings, obtaining legal advice, or defending any legal rights.
- Disclosing data to state authorities under the AML policy to avoid or prevent money laundering.
Any User shall have the right to obtain from the SmartCredit.io the erasure of personal data concerning him or her without undue delay and the SmartCredit.io shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
- the personal data are no longer necessary to the purposes for which they were collected or otherwise processed;
- the data subject withdraws consent on which the processing is based (such a withdrawal constitutes that the User understands that the company will be entitled to terminate all cooperation with such a User);
- the personal data have been unlawfully processed;
- the personal data have to be erased for compliance with a legal obligation in the European Union or Member State law to which the SmartCredit.io is subject;
The information may not be removed if the information was gathered:
- for exercising the right of freedom of expression and information;
- for compliance with a legal obligation that requires processing by Union or Member State law to which the SmartCredit.io is subject or for the performance of a task carried out in the public interest or the exercise of official authority vested in the SmartCredit.io;
- for reasons of public interest in the area of public health in accordance;
- for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes;
- for the establishment, exercise, or defense of legal claims.
- To this end, SmartCredit.io will adhere to the Principles of data protection set by the GDPR and the valid legal provisions of the Estonian personal data protection act.
Specifically, the Principles require that personal information:
- Shall be processed fairly and lawfully and, in particular, shall not be processed unless specific conditions are met.
- Shall be obtained only for the AML policy and shall be processed only to adhere to the risk analysis under the AML policy or to further develop the strategy of the company or to protect the vital interests of the data subject or another natural person, or for the performance of a task carried out in the public interest or the exercise of official authority vested in the SmartCredit.io, or when it is necessary for the legitimate interests pursued by the SmartCredit.io or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a minor.
- Shall be adequate, relevant, and not excessive concerning those purposes.
- Shall be accurate and, where necessary, kept up to date.
- Shall not be kept for longer than is necessary, but for no less than set by the AML policy. The gathered data is processed for the period that is reasonably necessary for the set purpose for which it was initially obtained.
- Shall be processed following the rights of data subjects under the Estonian personal data protection Act and the provisions of GDPR.
- Shall be kept secure by the SmartCredit.io who takes appropriate technical and other measures to prevent unauthorized or unlawful processing or accidental loss or destruction of, or damage to, personal information.
- Shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of Individuals/Service Users to the processing of personal information.
SmartCredit.io will, through appropriate management and strict application of criteria and controls:
- Observe fully conditions regarding the fair collection and use of information.
- Meet its legal obligations to specify the purposes for which information is used.
- Collect and process appropriate information, and only to the extent that it is needed to fulfill its operational needs or to comply with any legal requirements.
- Ensure the quality of information used.
- Ensure that the rights of people about whom information is held can be fully exercised under this policy.
- The right to be informed that processing is being undertaken,
- The right of access to one’s personal information,
- The right to provide information necessary to correct the information, should it be inaccurate.
- Take appropriate technical and organizational security measures to safeguard personal information.
- Ensure that personal information is not transferred abroad without suitable safeguards as set by chapter 5 of the GDPR.
5. Data Collection and Control
Informed consent is when a Platform user or his authorized representative:
- gives his consent by accepting the Terms and Conditions.
- clearly understands why the information is needed.
- understands what it will be used for and what the consequences are should the Platform participant decide not to give consent to the processing.
- As far as reasonably possible, grants explicit consent by registering on the website of SmartCredit.io at onboarding.smartcredit.io and using the Platform by filling out the requested forms.
- Is, as far as reasonably practicable, competent enough to give consent and has given so freely without any duress.
- Has received sufficient information on why their data is needed and how it will be used.
6. Data Access and Accuracy
All Platform users shall have the right to access the information SmartCredit.io holds about them. SmartCredit.io will also take reasonable steps to ensure that this information is kept up to date by asking data subjects whether there have been any changes.
Besides, SmartCredit.io will ensure that:
- Everyone processing personal information understands that they are contractually responsible to follow good data protection practices.
- Everyone processing personal information is appropriately trained to do so.
- Everyone processing personal information is appropriately supervised.
- It deals promptly and courteously with any inquiries about handling personal information.
- It will regularly review and audit the ways it holds, manages, and uses personal information.
- It regularly assesses and evaluates its methods and performance to handling personal information.
- All staff members are aware that a breach of the rules and procedures identified in this policy may lead to proper legal action taken against them.
This policy will be updated as necessary to reflect best practices in data management, security, and control.
The User shall have the right to obtain from the SmartCredit.io restriction of processing where one of the following applies:
- the accuracy of the personal data is contested by the data subject, for a period enabling the SmartCredit.io to verify the accuracy of the personal data;
- the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
- the SmartCredit.io no longer needs the personal data for the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims;
- the User has objected to processing pending the verification whether the legitimate grounds of the SmartCredit.io override those of the data subject.
Any User whose data is being gathered and processed under this policy has the right to contact the SmartCredit.io on the following matters:
- the purposes of the processing;
- the categories of personal data concerned;
- the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;
- where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
- the existence of the right to request from the SmartCredit.io rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
- the right to complain to a supervisory authority;
- where the personal data are not collected from the data subject, any available information as to their source.
Any User shall have the right to obtain from the SmartCredit.io without undue delay the rectification of inaccurate personal data concerning him or her.
In case of any queries or questions with this policy, please contact the SmartCredit.io at firstname.lastname@example.org.
7. How do we keep your information safe?
We use multiple security measures to ensure the confidentiality of your information. We aim to only keep your information for as long as we need it. We store your hard copy and electronic records in secure buildings and systems. Access to your personal information is permitted only for SmartCredit.io authorized employees.
When you log in to our Website or apps, we encrypt data sent from your computer to our systems so no one else can access it. We have firewalls, intrusion detection, and virus scanning tools to stop viruses and unauthorized people from accessing our systems. We use Secure Sockets Layered (SSL) technology to ensure that your information is fully encrypted and sent across the Internet securely. Every session requires a password and username for your login into SmartCredit.io.
8. How can you control your personal information?
We offer our customers choices for the collection, use, and sharing of personal information. You may contact us through web-site application form if you wish to edit your private information and we will use commercially reasonable efforts to accommodate your request. If you believe that any inaccurate or inappropriate information has been obtained or provided to others through your use of this website, you should contact SmartCredit.io through web-site form.
9. What security precautions are in place to protect against the loss, misuse, or alteration of my information?
Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. Information that you disclose by use of the Website (as with any site that is non-secure), by posting a message or using e-mail, potentially could be collected and used by others. This may result in unsolicited messages from third parties or use of such information by third parties for their purposes, legal or illegal. As a result, while we strive to protect your personal information, we cannot ensure or warrant the security of any information you transmit to us or from our services, and you do so at your own risk. Once we receive your transmission, we use commercially reasonable efforts to ensure its security on our systems.