THE BASICS
MANIMAMA OÜ cares about the privacy of your data and is committed to protecting it. This Privacy Policy explains who we are, how we collect, share and use Personal Data, and how you can exercise your privacy rights. Personal Data is any information relating to an identified or identifiable natural person.
MANIMAMA OÜ processes Personal Data about you as a Client, Opponent, Representative of an Opponent, and so on as part of our client and case management in conjunction with our law firm’s business operations, when you visit our Website https://manimama.eu/, subscribe to our Telegram Channel, and so forth.
We recommend that you read this Privacy Policy in full to ensure you are fully informed. However, to make it easier for you to review the parts of this Privacy Policy that apply to you, we have divided up the document into sections that are specifically applicable to the Clients, Potential Clients, Opponents and Representatives of an Opponent(s), Visitors of the Website, Visitors of the Telegram Channel. Please note that you can combine several statuses, for example, Visitor of the Website and Opponent.
CONTACT INFORMATION
The data controller is MANIMAMA OÜ, a company incorporated under the laws of Estonia under registered number 14803352.
If you have any questions about MANIMAMA’s processing of your Personal Data or you wish to exercise your rights, you are always welcome to contact us:
- Legal and business address: Harju maakond, Tallinn, Kesklinna linnaosa, Pärnu mnt 158/2-88, 11317, Estonia;
- Tel.: +48 731853714
- Email: support@manimama.eu
If you are dissatisfied, you have the right to lodge a complaint with the supervisory authority for data protection issues – Estonian Data Protection Inspectorate (AKI), Tatari 39, Tallinn, 10134, Estonia, (e-mail: info@aki.ee/phone: 627 4135) or a claim to court. We would, however, appreciate the chance to deal with your concerns before you approach the AKI so please contact us in the first instance.
1. CATEGORIES OF PERSONAL DATA, PURPOSE AND LEGAL BASIS OF PROCESSING
1.1. We collect Personal Data from you when you become our Client, respond to a survey or marketing communication, fill out a form on our Website, or in any other circumstance listed in Table #1.
1.2. The types of Personal Data we collect are divided into categories and subcategories. The categories (purposes and legal basis) are following:
1.2.1. Money laundering. In cases where MANIMAMA provides assistance in advising on or performing transactions or opening a Clients’ account on behalf of a Client, there are a number of requirements in the anti-money laundering legislation that MANIMAMA must meet. In order to meet these requirements for the prevention of money laundering and financing of terrorism, we process Personal Data about you:
- national identification number;
- copy of ID (e.g. passport, driver’s license, or the like);
- photo/video with ID;
- company registered number;
- owner and control structure;
- beneficial owners, alternatively the day-to-day management (must be authenticated by identity information).
The legal basis for the processing is Article 6(1)(c) of the GDPR, according to which Personal Data can be processed when necessary for compliance with a legal obligation.
1.2.2. Case management. In connection with case management, MANIMAMA processes various categories of Personal Data. The type of Personal Data processed depends on the nature and context of the case. Case management subcategories of Personal Data are listed in Table #1 below. Please note that in some cases we will not collect all Personal Data types included in the section “Personal Data”, but only those ones which are applicable in every unique case:
Table #1
| CLIENTS’ PERSONAL DATA (you are our Client when you entered with an agreement with us) | |||
| Case | Personal Data | Purpose | Legal Basis |
| Legal advice in the field of cryptocurrency regulation, commercial law, including company law, M&A, tax law, etc. |
| These Personal Data are processed in order to advise our Clients on matters pertaining to particular laws |
|
| Establishing a company for the Client |
| These Personal Data are processed in order to provide registration of the company for the Client, authorization and corporate support to the Client. | |
| Applying for licenses for the Client |
| These Personal Data are processed in order to assist the Client in getting any type of license. The assistance includes making the list of necessary documents, help in developing procedural rules of the company, and support throughout the licensing process. | |
| Opening bank accounts for the Client | These Personal Data are processed in order to provide support on all stages: opening accounts, building the right payment and payout schemes, preparations of documents and going through currency control and financial monitoring. | ||
| Applying for the e-residency card for the Client | These Personal Data are processed in order to apply and get the e-residency card for the Client | ||
| Virtual office service |
| These Personal Data are processed in order to provide your company with daily administrative support and physical facilities requirements without large, ongoing and unnecessary expenses. | |
| Creating a mining farm | |||
| Trading on behalf of Clients, money broking, currency exchange, money remittance, and payment providing | |||
| Unblocking frozen funds and accounts | |||
| POTENTIAL CLIENTS’ PERSONAL DATA (you are our Potential Client when you fill out the contact form on our website, email us or phone us or other way contact us) | |||
| Case | Personal Data | Purpose | Legal Basis |
| Entering the Potential Client in our database, drafting and sending offers |
| MANIMAMA processes Personal Data in order to identify the Client, to add him/her to our database and for further communication |
|
| OPPONENTS AND REPRESENTATIVES OF AN OPPONENTS | |||
| Case | Personal Data | Purpose | Legal Basis |
| Responding/sending to Opponents to inquiries/complaints and other types of legal correspondence |
| MANIMAMA processes Personal Data in order to communicate with Opponents and Representatives of the Opponents in the interests and on behalf of the Client |
|
| VISITORS OF THE WEBSITE (you become a Visitor of our Website when you using our Website [with or without active interaction]) | |||
| Case | Personal Data | Purpose | Legal Basis |
| Providing all Visitors with fully functioning Website |
|
|
|
| VISITORS OF OUR TELEGRAM CHANNEL | |||
| Case | Personal Data | Purpose | Legal Basis |
| Provide Visitors of our Telegram Channel with information that might be interesting to them |
|
|
|
1.2.3. Business operations. In connection with MANIMAMA’s business operations as a law firm, we process Personal Data concerning our suppliers and business partners. The Personal Data we process may include:
– name;
– place of work and contact information; as well as
– information about the relationship and correspondence.
The legal basis is MANIMAMA’s legitimate interests in managing and practicing law (Article 6(1)(f) of the GDPR). In some cases, the legal basis is Article 6(1)(b) of the GDPR, according to which processing is necessary for the performance of a contract to which the data subject is a party.
1.3. Please note that you must provide complete, accurate and correct details and you hereby confirm the details you provided are correct. We may refuse to enter into an agreement with you if you do not provide us with the requested data that is necessary for each activity. If you provide false, incorrect, or outdated information or only partial information, it may impair our ability to contact you.
2. SOURCES OF PERSONAL DATA
2.1. MANIMAMA primarily obtains Personal Data directly from the Clients but may also obtain Personal Data from publicly available sources, public authorities and Opponents (Representatives of Opponents).
2.2. Information for the prevention of money laundering and financing of terrorism is generally obtained from the Client but may also be obtained from public registers.
2.3. We obtain information in connection with marketing from you as a data subject.
2.4. Please note that when you visit our website, you automatically submit information about your activities, usage, etc. on our website to MANIMAMA and third parties (read more in our Cookie Policy and Section 5).
3. PERSONAL DATA RETENTION
3.1. MANIMAMA keeps Personal Data for as long as it is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation).
3.2. In connection with client management, case management and legal advice, MANIMAMA generally stores your information for five years from the end of the year in which the case was closed unless otherwise required according to legislation or in case of original documents.
3.3. If no case has been created and we have registered information about you only in connection with creating a possible relationship, we will store your information for up to six months after ending the correspondence.
3.4. Information for money laundering control purposes, etc. is stored for five years after the case is closed pursuant to the money laundering legislation.
3.5. Information about you as a supplier or cooperating partner is stored for up to five years after the end of the year during which the delivery took place or the cooperation was terminated.
3.6. We will erase your Personal Data without undue delay where one of the following grounds applies:
3.6.1. the Personal Data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
3.6.2. you withdraw consent on which the processing is based and where there is no other legal ground for the processing;
3.6.3. you object to the processing and there are no overriding legitimate grounds for the processing (for example where Personal Data are processed for direct marketing purposes, you shall have the right to object at any time to processing of Personal Data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing);
3.6.4. the Personal Data have been unlawfully processed;
3.6.5. the Personal Data has to be erased for compliance with a legal obligation in Union or Member State law to which the MANIMAMA is subject.
4. YOUR RIGHTS AS A DATA SUBJECT
4.1. Users are afforded certain rights regarding their Personal Data:
4.1.1. the right to contact us for confirmation of whether we are processing your Personal Data and to find out:
4.1.1.1. the purpose of the processing;
4.1.1.2. what categories of your Personal Data we process;
4.1.1.3. to whom we transfer your Personal Data and / or categories of such recipients;
4.1.1.4. the period of storage of Personal Data, or, in the absence of the appropriate opportunity, indicate the exact period – the criteria by which you can determine it;
4.1.1.5. the sources of our obtaining your Personal Data if we did not receive the Personal Data from you.
Most of these questions can be answered in this Privacy Policy;
4.1.2. right to access your Personal Data – you have the right to request from us a copy of your Personal Data that we process. The first copy will be free of charge, and all subsequent copies will be charged a fee sufficient to cover our costs of making them;
4.1.3. the right to object to the processing of Personal Data – you have the right to object to our processing of your Personal Data. You have an undeniable right to object to our processing of your Personal Data for marketing purposes, in particular with the aim of adapting content, recommendations and advertising to your interests. In other cases, we have the right to continue processing your Personal Data if we have legal grounds to do so. If the basis for processing Personal Data is a legitimate interest, we have the right to continue processing Personal Data only if such processing does not violate your right to privacy and protection of Personal Data;
4.1.4. the right to rectify your Personal Data – you have the right to ask us to correct your Personal Data that you believe is inaccurate. If you believe that your data is incomplete, you also have the right to contact us with a request to complete your data by providing us with the missing information. If, based on our purposes for the processing of Personal Data, we do not need such additional information, we can deny you this request;
4.1.5. you have the right to receive your Personal Data that you have provided to us in a structured, commonly used and machine-readable format and you can transfer it to another controller if:
4.1.5.1. processing is carried out on the basis of your consent;
4.1.5.2. processing is carried out using automated means.
It allows you to easily move, copy or transfer Personal Data from one IT environment to another in a secure and reliable way, without interfering with usability;
4.1.6. the right to delete your Personal Data. We have described our policy for retention and deletion of Personal Data in section 3;
4.1.7. the right to withdraw consent to the processing of Personal Data. If the basis for the processing of your Personal Data was your consent, you have the right to withdraw that consent at any time. Such revocation will not affect the legality of the processing prior to revocation. However, this may affect the number of services we can provide to you. For example, if we needed your consent to provide some of the services, then after you revoke it, we will no longer be able to provide you with such services.
4.2. You may exercise any of your rights in relation to your Personal Data by contacting us at email support@manimama.eu. You must note that prior to accessing and making changes to your Рersonal data, we will need to verify your identity properly.
5. DISCLOSURE AND TRANSFER OF PERSONAL DATA
5.1. Your Personal Data is disclosed only in connection with case management and legal advice, and only when MANIMAMA is legally obliged to do so, or when you have given your consent. You can always withdraw your consent by contacting MANIMAMA via the above contact information. Personal Data may be disclosed to the following parties:
5.1.1. the parties to your case;
5.1.2. public authorities, including courts, tax authorities, prosecuting authority, banks, etc;
5.1.3. in connection with auditing;
5.1.4. third party organizations that provide applications/functionality, data processing or IT services to us;
5.2. For verifying the identity of our Clients, we use our internal KYC department and may hire other persons who are relied on is required to comply and actually complies with requirements equal to those established by Directive (EU) 2015/849 of the European Parliament and of the Council, including requirements for the application of due diligence measures, identification of politically exposed persons and data retention.
5.3. For behavior statistics and business intelligence we use the service by Google LLC (“Google Analytics”), a company located in the United States. Personal Data that we may provide to Google Analytics may include your IP address and that data is used by Google Analytics to generate information about your usage of our Website.
5.4. For tracking server errors, we use an internal self-hosted monitoring system accumulating stacktraces, logs and metrics.
5.5. For processing notification information, we use chatbots and e-mail notifications.
5.6. MANIMAMA may transmit Personal Data data to third countries, complying with the requirements set out in the legislation, and by adopting appropriate measures to ensure data security. Where we transfer personal data outside of the EEA to a country not determined by the European Commission as providing an adequate level of protection for personal data, the transfers will be under an agreement that covers the EU requirements for the transfer of personal data outside the EEA, such as the European Commission approved standard contractual clauses. The European Commission approved standard contractual clauses are available here.
5.7. Any disclosure of Personal Data is carried out in strict accordance with the requirements of the law. When we disclose your Personal Data to a Third Party, we take all reasonable steps to ensure that those Third Parties are bound by confidentiality and privacy obligations with respect to the protection of your Personal Data. The disclosure is conducted in compliance with legal requirements, including entering into data processing agreements with the relevant Third Parties, to ensure that Personal Data is only processed in accordance with our instructions, applicable law and regulations and for the purpose specified by us and to ensure adequate security measures.
6. SECURITY OF PERSONAL DATA
6.1. We take the security of all the data we hold very seriously. We have a framework of policies, procedures and training in place covering data protection, confidentiality and security and regularly review the appropriateness of the measures we have in place to keep the data we hold secure.
6.2. Our Website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visits as safe as possible. Your Personal Data is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential.
6.3. Our Website uses an HTTPS protocol that ensures the security of data exchanged via Transport Layer Security (TLS) protocol. The TLS provides three layers of protection: encryption, data integrity and authentication.
7. CHANGES TO PRIVACY POLICY
7.1. This Privacy Policy will be updated on an ongoing basis so that it is always up-to-date. Below you can always find the date of the last updated version of the Privacy Policy.
7.2. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make.
7.3. We will obtain your consent to any material Privacy Policy changes if and where this is required by applicable data protection laws.