1. Introduction
    1. Protection of personal data is very important for us and we take it very seriously. This Privacy Policy, the principles of which Elitium Services OÜ (hereinafter “Elitium”, “We” or “Our”) follows,
      provides detailed information on the personal data collected by Elitium about you, the purposes this data is used for and who has access to the data. Please take the time to read this Privacy Policy and feel free to contact us directly with
      any questions or suggestions concerning the Policy.
    2. Like most of companies, Elitium collects data when you visit our website (http: https://www.elitium.io/) or use our services. If you want to buy our service from our websites or to get more information about it, then sharing your personal data with us
      is necessary.
    3. We process personal data in compliance with applicable personal data protection laws, including the Regulation of the European Parliament and the Council (EU) 2016/679
      (“GDPR”) as well as the Personal Data Protection Act of Estonia.
    4. Elitium respects your right to control your privacy. It is important for us that you can exercise your rights. Below you will find details on how to do this.
    5. Please be aware that we can update our Privacy Policy and in that case we will notify you about the changes. 
  2. Terms and definitions
    1. The Privacy Policy of Elitium (legal name Elitium Limited) is based on GDPR. The Privacy Policy we apply must be clear and understandable to the visitors of our
      websites as well as to our contractual customers and to our partners. In order to ensure that all the parties understand their rights in the same way, we explain the most important terms here.
    2. Data subject: Identified or identifiable natural person whose data is processed;
    3. Personal data: Any information concerning an identified or identifiable natural person (“data subject”); identifiable natural person means a person who can be
      identified directly or indirectly, in particular on the basis of identifying attribute, including name, personal identification code, location information, network identifier, or on the basis of one or more physical, physiological, genetic,
      mental, economic, cultural or social characteristics of the natural person;
    4. Processing of personal data: Automated or non-automated operation or set of operations, including collection, documentation, organizing, structuring, storing,
      customizing and modifying, querying, reading, using, transferring, distributing, or making otherwise available, joining or combining, restricting, deleting or destructing of personal data or set of them;
    5. Profile analysis: Any automated processing of personal data involving the use of personal data for the assessment of certain personal aspects of the natural
      person. In particular, for analyzing or forecasting aspects related to the performance, financial situation, health, personal preferences, interests, reliability, behaviour, location or movement of the natural person concerned;
    6. Controller: Natural or legal person, public entity, agency or other body which alone or in cooperation with others determines the objectives and means of the
      processing of personal data; if the objectives and means of such processing are determined in the law of the Union or the Member State, the specific criteria for the Responsible Processor or for assigning the one may be established in the law
      of the Union or the Member State;
    7. Processor: Natural or legal person, public entity, agency or other body processing personal data on behalf of the controller;
    8. Set of data: Any organized set of personal data from which data can be derived on the basis of certain criteria, regardless of whether the set of data is
      functionally or geographically centralized, decentralized or distributed;
    9. Recipient: Natural or legal person, public entity, agency or other body to whom personal data is disclosed, whether or not it is a third party. The public
      entities which can obtain personal data as a result of specific inquiry in accordance with the law of the Union or the Member State, are not deemed to be recipients; these public entities process such data in accordance with applicable data
      protection standards in the basis of the processing purposes;
    10. Third party: Natural or legal person, public entity, agency or body, excluding the Data Subject, Controller, Processor and persons who can process personal data
      under the direct responsibility of the Controller or Processor;
    11. “Consent” of the data subject: Voluntary, specific, conscious and unambiguous statement by which the Data Subject in the form of an application or by explicit
      consent, agrees with the processing of his/her personal data.
  3. Data controller
    1. Company name: Elitium Services OÜ
      Address: Peterburi tee 47, 11415 Tallinn, Harju County, Estonia
    2. Registry code: 14164797
    3. We can be contacted by e-mail at [email protected] 
  4. Categories of personal data and purposes for processing
    Compliance and regulatory purposes

    1. We may ask you to provide us with documents such as IDs, passports, documents to prove a given address, documents to prove the source of funds/source of wealth), in order
      to comply with regulatory requirements related to the provision of financial services (GDPR Art 6(1)(c)).
      Queries
    2. If you want to buy Elitium’s service from our websites or get more information about it, then sharing your personal data with us is necessary. Queries can be submitted by
      filling the appropriate contact form or by sending us an email.
    3. In order to be able to respond to your queries, we may collect the following personal information: Your name, contact details (e-mail, telephone number), nationality,
      address, information about your economic profile and financial knowledge. 
    4. The legal basis for such processing of the personal data is processing of personal data for the performance of the contract entered into with the data subject, or for
      taking measures prior to the conclusion of a contract in accordance with the data subject’s request (GDPR Art 6(1)(b)). Access to the personal data mentioned above is granted for employees of Elitium. If you submit your query in the contact form,
      your personal data can also be accessed by our IT partner. We implement appropriate technical and organizational measures to ensure safety of the personal data.
    5. After we have responded to your query, we may keep your personal data to facilitate further communication with you. The legal basis for such processing is the legitimate
      interest (GDPR Art 6(1)(f)) of Elitium to ensure fast communication with its customers and other people who have shown interest in our company and its services.
      Providing service to the customers
    6. When Elitium provides service for you or your company, personal data is also processed and therefore sharing of your personal data with us is necessary.
    7. Processing of the personal data of our customers, in particular for preparation, conclusion and performing of contracts and offers. In this purpose, we process the
      following personal data: names, contact details and positions of company representatives. The legal basis for such processing of the personal data is processing of personal data for the performance of the contract entered into with the data
      subject or for taking measures prior to the conclusion of a contract, in accordance with the data subject’s request (GDPR, Sec. 6(1)(b)).
    8. Before entering into a contractual relationship with you, we are required to carry out a know-your-client (KYC) procedure, as this is obligatory due to the relevant
      anti-money-laundering and terrorism prevention related legal acts. For carrying out the KYC procedure, we process the following data about you: copy of identification document (passport or ID), proof of address (copy of utility bill or a
      certificate of residence for the last 3 months), proof of source of funds/proof of source of wealth (bank account statements, tax declaration filings, or similar). The legal basis for the processing of your personal data in this case is Art
      6(1)(c) in the GDPR.
    9. We process the personal data of our current customers during the customer relationship and the personal data of our former customers for 3 years after the end of the
      customer relationship. Elitium has a legitimate interest (GDPR Sec. 6(1)(f)) to be able to defend itself in case of potential legal disputes.
  5. Marketing
    1. For its customers and other individuals interested in receiving direct marketing communications, Elitium wishes to communicate relevant news about its services. If you
      subscribe our newsletter at our websites, we will send you email newsletters about our company’s activities, new services and upcoming events.
    2. In certain cases, when natural persons are concerned, we must ask for the consent of the data subject for sending email marketing communications. If you have not given
      your consent for such processing of personal data, we will not process your personal data for this purpose. Your consent will not expire, but if you no longer want to receive marketing communications, you can conveniently exit from the mailing
      list by using the link (“remove from the list” or unsubscribe”) found at the end of the message. You are also entitled at any time to object the processing of your personal data for direct marketing purposes.
    3. Sometimes, before sending a newsletter, we evaluate the behaviour of our contacts (opening of previous newsletters etc.). This is necessary for sending more
      personalized e-mail communications to you. Elitium has a legitimate interest (GDPR Art 6(1)(f)) to understand the needs and preferences of its contacts to provide more relevant information to them.
  6. CookiesTo the extent any personal information is collected through first-party Cookies, our Privacy Policy applies and complements this Cookie Policy. Personal information collected through a third-party Cookie is subject to the privacy policy of that third party, and not our Privacy Policy.
    1. Essential Cookies
      Essential Cookies enable you to navigate the Site and to use its services and features. Without these necessary Cookies, the Site will not perform as smoothly for you as we would like it to and we may not be able to provide the Site or certain services or features.
    2. Preference Cookies
      Preference Cookies collect information about your choices and preferences, and allow us to remember language or other local settings and customize the Site accordingly.
    3. Social Media Cookies
      Social media Cookies are used to enable you to share pages and content you find interesting on our Site through third-party social networking and other websites. These Cookies may also be used for advertising purposes.
    4. Google Adsense
      Some of the ads may be served by Google. Google’s use of the DART cookie enables it to serve ads to Users based on their visit to our Site and other sites on the Internet. DART uses “non personally identifiable information” and does NOT track personal information about you, such as your name, email address, physical address, etc. You may opt out of the use of the DART cookie by visiting the Google ad and content network privacy policy at http://www.google.com/privacy_ads.html
    5. Analytics Cookies
      Analytics Cookies collect information about your use of the Site, and enable us to improve the way it works. For example, Analytics Cookies show us which are the most frequently visited pages on the Site, help us record any difficulties you have with the Site, and show us whether our advertising is effective or not. Analytics Cookies allow us to see the overall patterns of usage on the Site, rather than the usage of a single person. We use information from Analytics Cookies to analyze the Site traffic, but we do not examine this information for individually identifying information.
    6. Google Analytics
      We use a third-party JavaScript plug-in provided by Google called « Google Analytics » to provide us with useful traffic statistics and to better understand how you use our site. We do not have direct access to the information obtained from Google Analytics, but Google provides us with a summary through their dashboard. We may share the information obtained from Google Analytics with business partners who are interested in advertising on our website. The information shared with these business partners will not contain any personally identifying information (Google does not provide us with direct access to the data and therefore we cannot see this information). You can opt-out of having your information collected by Google Analytics by downloading the Google Analytics opt-out browser add-on provided by Google. This will prevent your information being used by Google Analytics. Doing this will not effect your ability to use our Site in any way. You can download the optout browser add-on here. We also honor the Do Not Track header and will not track visitors who have Do Not Track switched on.
    7. Cookie Description Duration Privacy policy
      Google Analytics Google Analytics 1 year, 6 months go to site
    8. Advertising Cookies
      Advertising Cookies are set to manage our advertising. These Cookies collect information about your activities on this Site and other websites to provide you targeted advertising. In the E.E.A. advertising is not personalized or targeted based on your activities.
  7. How to disable or delete cookies
    1. User can disable or restrict storing of cookies on his/her computer. Furthermore, you can delete all the cookies that have been previously saved on your computer. To do
      this, you need to change privacy settings of your web browser. Please note that if you do this, you may need to adjust certain preferences manually every time when you visit the websites, and certain services and features may not work.
  8. Log data
    1. We collect information that your browser sends whenever you visit our Service (hereinafter “Log Data”). The purpose of
      collecting log data is to examine, if necessary, any incidents regarding your account. 
    2. This Log Data may include information such as your computer’s Internet Protocol (IP) address, browser type, browser version, the pages of our Service that you visit,
      the time and date of your visit, the time spent on those pages and other statistics.
  9. Profiling
    1. Elitium can use website visitors’ statistics to analyze the trends and demographics of the website visitors, but Elitium does not create individual profiles of
      visitors.
  10. Disclosure of personal data
    1. We do not sell, trade, or otherwise transfer to outside parties your personally personal data unless we provide you with advance notice. This does not include website
      hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you. Those parties will sign a confidentiality agreement before personal data is disclosed to them. 
    2. When Elitium discloses personal data to third parties, Elitium does this only if there exists a suitable legal basis for the disclosure. Elitium ensures that all
      relevant data protection related legal acts are complied with.
    3. In certain cases, Elitium discloses your personal data to its co-operation partners who are acting as data processors for Elitium. These can be co-operation partners
      who are offering accounting, IT support, marketing or other services to Elitium. Elitium shall sign a data processing agreement with every data processor. The agreement shall comply with Article 28(3) in the GDPR. 
    4. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights,
      property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
  11. Security of personal data
    1. Elitium aims to protect the security of your information as much as we aim to protect our own information and network. Elitium has implemented appropriate
      organizational and technical measures to ensure the safety of your personal data. 
    2. We will not permit any third parties to contact you directly on an unsolicited basis in relation to their own products or services. We do not sell, trade, or rent your
      personal identification information to others. You should never disclose your account password to unauthorized parties. We use certain security measures to help keep your personal information safe, but we cannot guarantee that these measures
      will stop any users try to get around the privacy or security settings on the Website through unforeseen and/or illegal activity.
  12. Your rights as a data subject
    By contacting Elitium by e-mail, you can exercise the following rights, taking into account the applicable restrictions stipulated in relevant data protection related
    legal acts:

    1. The right to view your personal data;
    2. The right to correct your personal data;
    3. The right to delete your personal data;
    4. The right to transfer your personal data;
    5. The right that you will not be judged solely on the basis of automated data processing;
    6. The right to withdraw your consent.
    7. In certain cases, you have the right to demand restriction for processing of your personal data and the right to object processing of your personal data.
    8. You can exercise your rights in accordance with the terms and conditions based on GDPR and other local regulations.
    9. If you believe that your privacy has been compromised, please contact us by the email address below. You also have the right to file a complaint to the data protection
      supervisory authority of the country of your residence. In Estonia, this is the Estonian Data Protection Inspectorate.
    10. This Privacy Policy shall be subject to the laws of the Republic of Estonia. 
    11. With any questions, please feel free to contact us at [email protected].