Privacy Policy

Here you can find all the information regarding the Personal Data Processing principles of Wisefund Capital OÜ.


1.1 Data Subject is a natural person about whom Wisefund has got information or data enabling to identify the natural person. Data Subjects are, for example, the Users or their representatives, Visitors and our cooperation partners, our employees or other related persons of the above-mentioned who are natural persons and whose personal data are held by Wisefund.

1.2 Privacy Policy is this text which sets out the principles for Personal Data Processing by Wisefund. This Privacy Policy does not cover those Users and Visitors who are legal persons.

1.3 Personal Data is any information concerning an identified or identifiable natural person.

1.4 Personal Data Processing is any operation or set of operations which is performed on the Personal Data of a Data Subject.

1.5 User is any legal or natural person that uses or has expressed a desire to use the Services of Wisefund.

1.6 Agreement is the User Agreement, or any other agreement entered into between Wisefund and the User.

1.7 Portal Homepage means the website of Wisefund

1.8 Visitor is any person using the Portal Homepage of Wisefund.

1.9 Services are any services and products offered by Wisefund.

1.10 Cookies are the data files sometimes recorded in the device of a Visitor of the Portal Homepage.

1.11 User Profile a User-registered and password protected individual User’s page on Portal Homepage, available to the User upon registration for the use of Portal Services and management of User’s Sub-Account.

The above words and expressions are used in the meanings set out above in the Privacy Policy, User Agreement and in the communication between the parties.


2.1 Wisefund is the legal person Wisefund Capital OÜ, registry code 14675782, registered address Väike-Ameerika tn 8, Tallinn, Estonia.

2.2 Wisefund may process Personal Data as:

        (1) a controller, while determining the purposes and means of Processing;

        (2) a processor in accordance with the instructions from the controller; and

        (3) a recipient to the extent to whom the Personal Data are transferred.

2.3 This Privacy Policy of Wisefund constitutes an inseparable part of the User Agreement, Terms of Use and other Agreements entered into between Wisefund and the User.

2.4 The Privacy Policy shall apply to the Data Subjects, and the rights and obligations set out in the Privacy Policy shall be followed by all the employees and cooperation partners of Wisefund who come into contact with the Personal Data that are in the possession of Wisefund.


3.1 The objective of Wisefund is to Process Personal Data responsibly.

3.2 All the processes, guidelines, operations and activities of Wisefund that are related to Personal Data Processing are based on the following principles:

        (1) Lawfulness. There is always a legal basis for the Processing of Personal Data, i.e. consent or legitimate interest;

        (2) Fairness. Personal Data Processing shall be fair, while providing a Data Subject with sufficient information and communication on how the Personal Data are Processed;

        (3) Transparency. Personal Data Processing shall be transparent for the Data Subject;

        (4) Purposefulness. Personal Data shall be collected for legitimate purposes that have been established precisely and clearly and shall not later be processed in any manner which is in conflict with these purposes;

        (5) Minimisation. Personal Data shall be adequate, relevant and limited to what is necessary for the purpose of Processing the given Personal Data;

        (6) Accuracy. Personal Data shall be correct and shall be updated as necessary, and all reasonable measures shall be taken to ensure that Personal Data which are incorrect in the light of the purpose of Personal Data Processing shall be deleted or corrected without delay;

        (7) Limit of storage. Personal Data shall be stored in the format enabling the identification of Data Subjects only as long as it is necessary to achieve the purpose for which the Personal Data are processed.

        (8) Reliability and confidentiality. Personal Data Processing shall be carried out in the manner ensuring the adequate security of Personal Data;

        (9) Data protection by design and by default. Wisefund shall ensure that all the systems used shall meet the required technical criteria. The suitable data protection measures have been planned upon the renewal or design of every information or data system (e.g. the information systems and business processes are constructed using pseudonymisation and encryption).

3.3 Upon Personal Data Processing Wisefund shall act with the purpose of always being capable of evidencing the conformity to the aforesaid principles.


4.1 Wisefund collects following types of Personal Data:

        (1) the Personal Data disclosed to Wisefund by the Data Subject e.g.:

                a) first name and surname;

                b) personal identification number;

                c) date of birth;

                d) identity document data;

                e) country of residence;

                f) contact information (such as: email address; telephone);

                g) information on job applicant such as resume;

                h) work position;

                i) photography;

                j) communication language;

                k) bank account(s) information.

        (2) the Personal Data generated as a result of the day-to-day communication between the Data Subject and Wisefund (e.g. email content);

        (3) the Personal Data generated upon consumption of Services and Personal Data generated as a result of visiting and using the Portal Homepage and Wisefund Services:

                a) username;

                b) transaction data, including the User’s invested funds, investments, transactions, incoming payments, claimed disbursements of money, information regarding the concluded assignment agreements, net annual return, selected currency, available funds, accountancy accounts;

                c) financial data (incl. data relative to the origin of user’s funds invested);

                d) time spent on the Portal Homepage and the consumption of Services; IP address; the operating system of a device; browser type; language info; access times; addresses of the websites from which the Data Subject transferred to Wisefund Portal Homepage, network information, time zone settings;

                e) mobile device identifiers such as unique mobile device ID, hardware type, media access control ("MAC") address, international mobile equipment identity ("IMEI"), name of the device;

        (4) the Personal Data received from third persons;

        (5) information Wisefund has collected about the User on its own initiative from legally permitted sources (including via media and internet);

        (6) information collected using Cookies or other similar technologies (see also section 11).


5.1 Wisefund shall Process Personal Data only on legal bases.

5.2 Wisefund shall Process Personal Data on the basis of consent precisely within the limits, to the extent and for the purposes determined by the Data Subject. A Data Subject shall give the consent freely, specifically, informedly and unambiguously, for example by ticking a box on the Portal Homepage.

        (1) Informational materials. Wisefund sends occasionally marketing and products emails based on Users consent. Users or other Data Subjects may withdraw their consent by contacting us

        (2) Feedback. Wisefund does not post any Personal Data relating to its Users Feedback (e.g. feedback content, work position, photography, name), unless we have been given permission to do so by the User. We get in touch with our Users to confirm that they are happy for their Personal Data to be posted on our Portal Homepage before anything is posted to request their permission to do so. Users or other Data Subjects may withdraw their consent by contacting us

5.3 Upon entry into and performance of an Agreement, Personal Data Processing may be additionally provided for in the specific Agreement, but Wisefund may Process Personal Data for the following Purposes:

        (1) in order to take steps at the request of the Data Subject prior to entering into the Agreement;

        (2) to identify the User to the extent required by due diligence or by law. Contact information, transaction data, communication data is used and date of conclusion of an Agreement data is used.

Identification of the User and verification of the Users identification document is carried out via a verification portal developed by Wisefund, which processes the Users data and the due diligence data. During this process, the User submits a photo of self with visible User’s face and identification document to the verification portal using the secure file upload system. Uploaded files are stored on a secure encrypted environment;

        (3) conclude and fulfill the Agreement e.g. to perform the obligations to the User regarding the provision of its Services;

        (4) to ensure cash deposits and withdraws, send daily summaries and notices about deposits;

        (5) to communicate with the User this includes sending confirmations, invoices, updates, technical notifications, security alerts, support and administrative messages; Users will receive an automatic welcome email necessary to complete their registration process;

        (6) to ensure the performance of the payment obligation of the User;

        (7) to submit, realise and defend claims.

5.4 For the entry into an employment agreement the Processing of the Personal Data of a job applicant by Wisefund based on the entry into the agreement and legitimate interest shall include:

        (1) Processing of the data submitted by the job applicant to Wisefund for the purpose of entering into an employment agreement;

        (2) Processing of the Personal Data received from the person indicated as the referee by the job applicant;

        (3) Processing of the Personal Data collected from state databases and registers and public (social) media.

In case a job applicant is not selected, Wisefund shall store the Personal Data collected for the entry into an employment contract for one year in order to make a job offer to the job applicant in case a suitable position becomes vacant. When one year has passed after the submission of a job application, the Personal Data of the job applicant who was not selected shall be deleted.

5.5 Legitimate interest means the interest of Wisefund in the management and direction of its business in order to be able to offer the best possible Services on the market and improve the Products of Wisefund. In particular, Personal Data Processing may take place on the basis of a legitimate interest for the following purposes:

        (1) for ensuring a trust-based relationship with a User, e.g. using Personal Data Processing that is strictly necessary to determine the ultimate beneficiaries or to prevent fraud;

        (2) for the administration and analysing the User base to improve the availability, selection and quality of Services and products, and to make the best and more personalised offers to the User upon the User’s consent;

        (3) for the identifiers and Personal Data collected upon the use of Portal Homepage and Services. Wisefund shall use the collected data for web analysis, for ensuring and improving the functioning, for statistical purposes and for analysing the behaviour and using experience of Visitors and for providing better and more personalised Services;

        (4) for the organisation of campaigns, including organisation of personalised and targeted campaigns, carrying out User and Visitor satisfaction surveys, and measuring the effectiveness of the performed marketing activities;

        (5) for monitoring of the service. Wisefund may record the messages and instructions given in its premises as well as by means of communication (email, telephone, etc.), as well as information and other operations carried out by Wisefund, and shall use those recordings as needed to evidence instructions or other operations;

        (6) for network, information and cyber security considerations, for example for fighting against piracy and for ensuring the security of the Portal Homepage, as well as for the measures taken for making and storing backup copies;

        (7) for corporate purposes, in particular for the financial management;

        (8) for receiving feedback;

        (9) for targeted advertising online, form which Data Subject can opt-out (see section 12: Important Documents, Guidelines and Procedures);

        (10) for the establishment, exercise or defence of legal claims.

5.6 For performing a legal obligation, Wisefund shall Process Personal Data to perform the obligations set forth by law. Legal obligations derive, for example, from adhering to the rules of payment processing and prevention of money laundering. E.g. Wisefund processes the User’s KYC procedure, including, due diligence data, communication data, contact Information and information specified by the User in the User’s questionnaire.

5.7 In case Personal Data Processing is carried out for a new purpose, different from those for which the Personal Data were originally collected, or is not based on the consent given by the Data Subject, Wisefund shall carefully assess the permissibility of such new Processing. In order to determine whether the Processing for the new purpose is in compliance with the purpose for which the Personal Data were originally collected, Wisefund shall take into consideration, inter alia, the following:

        (1) any link between the purposes for which the Personal Data were collected and the intended further purposes Processing;

        (2) the context of collecting the Personal Data, in particular regarding the relationship between the Data Subject and Wisefund;

        (3) the nature of the Personal Data, in particular whether any special categories of Personal Data, or Personal Data related to criminal convictions and offences are processed;

        (4) possible consequences of the intended further processing for the Data Subjects;

        (5) existence of appropriate protection measures which may consist in, for example, encryption and pseudonymisation.


6.1 Wisefund and its cooperation partners process the Data Subject’s personal data within the European Economic Area (hereinafter – EEA). Wisefund does not disclose any personal data to state authorities or third parties without a legal basis.

6.2 Wisefund cooperates with third persons or is obligated to disclose data to third persons. Wisefund might disclose Personal Data based on legitimate interest, Agreement or legal obligation to the entities specified below:

        (1) to a person related to the fulfilment of commitments arising to Wisefund from the Agreement (including to communications service providers, payment intermediaries, credit institutions, IT service providers, etc.);

        (2) to outsourced service providers that Wisefund has engaged in the provision of services arising from the Agreement, insofar as such information is necessary for the performance of functions delegated to them;

        (3) to the companies binned legally to Wisefund, either Wisefund parent company or its governing enterprise and any enterprises dependent on the governing enterprise, other companies or enterprises, which directly or indirectly have obtained a significant share in the share capital of Wisefund or in which Wisefund has obtained direct or indirect participation, insofar as such information is necessary for the performance of functions delegated to them;

        (4) upon handing over (transferring) a claim to third parties;

        (5) to a third party, who is taking debt collection steps to recover debt from the User (such as debt collectors, lawyers, court bailiffs, insolvency administrators, etc.);

        (6) to the Loan assignor, with whom the User is binned by Loan and/or Assignment agreement, and in some cases, to the Borrower;

        (7) to Wisefund legal, accounting, or auditing service providers, ensuring that the said persons have undertaken not to divulge such information;

        (8) in the cases specified by law, Wisefund is obligated to disclose the User’s personal data to state authorities;

        (9) Wisefund may share Personal Data when we do a business deal, or negotiate a business deal, involving the sale or transfer of all or a part of our business or assets. These deals can include any merger, financing, acquisition, or bankruptcy transaction or proceeding;

        (10) Wisefund related companies (parent and subsidiaries) and Wisefund shareholders to the extent that such information is needed to carry out the functions they are entrusted;

        (11) To Affiliated Company to the extent necessary for the purpose of Clause 7.16 of the User Agreement.

6.3 Transfers. Wisefund shall transfer Personal Data outside of the EEA only if there is a legal basis such as:

        (1) if there is sufficient protection in the respective country;

        (2) if protection measures have been agreed upon (e.g. standard data protection clauses);

        (3) the Data Subject has given a clear and informed consent for such transfer.


7.1 The data that we collect from the Data Subject will be transferred to and stored at a destination inside the EEA. Personal Data provided to us is stored securely on our servers or servers of our partners. The information provided is encrypted.

7.2 Wisefund shall store the Personal Data strictly only for the minimum period required. All User related information including Personal Data that is collected, is stored as evidence confirming the identity of the User, conclusion of the Agreement, transactions made and fulfillment of the Agreement and is kept until the fulfillment of the Agreement, the data is no longer necessary to provide Services, the data storage time-frame or limitation period for legal proceedings established by the laws and regulations of the Republic of Estonia expires, whichever occurs later.

7.3 The Personal Data with an expired storage period shall be destructed.

7.4 Users are responsible for keeping their password secret and should be careful to log out of their User Profile after they have finished any given session, especially if they are using a public computer.

7.5 Unfortunately, the transmission of information via the internet is not completely secure. Even though Wisefund will do its best to protect your Personal Data, we cannot fully guarantee the security of your data transmitted to us; therefore, transmission is at your own risk.

7.6 If a User has any reason to believe that their interaction with us is no longer secure (for example, if they feel that the security of their User Profile might have been compromised), they should notify us of this problem immediately by contacting us via Once we have received your information, we will use procedures and security features to try to prevent unauthorised access.

7.7 The access to Personal Data within Wisefund is limited to those employees who have a good business reason to access or know this information, including Wisefund verification process managers, accountants, and legal department.

7.8 In case of an incident related to Personal Data, Wisefund shall take all necessary measures to mitigate the consequences and hedge any relevant risks in the future. Inter alia, Wisefund shall register all the incidents and shall inform the Data Protection Inspectorate and the Data Subject directly (e.g. by email) or in public (e.g. via the news) in prescribed cases.


8.1 Rights related to consent:

        (1) Data Subject will always be entitled to inform Wisefund about his or her wish to withdraw the consent for the Personal Data Processing;

        (2) You will be able to change and withdraw your consents given to Wisefund by contacting Wisefund. However, this will not affect the lawfulness of any Processing carried out before you withdraw your consent. Wisefund reserves the right to request additional information from the User in order to verify the identity of the person, who has sent the request, and to protect the User’s data from being disclosed to unauthorised persons.

        (3) For withdrawing consent regarding Cookies please manually delete all Cookies from your browser.

8.2 A Data Subject has also the following rights upon Personal Data Processing:

        (1) Right to receive information i.e. the right of a Data Subject to receive information regarding the Personal Data collected about him or her.

        (2) Right of access to data. The Data Subject has the right to access the personal data free of charge. However, if the Data Subject’s requests are manifestly unfounded or excessive, Wisefund retains the right to charge a reasonable fee or to refuse to act on the request. The Data Subject is entitled to receive information on whether or not Wisefund Processes the User’s personal data, and, if Wisefund Processes said personal data, request a copy of the User’s personal data undergoing Processing.

        (3) Right to rectification of inaccurate Personal Data. A Data Subject will be able to request the correction of inaccurate data or correct it via its User Profile, but Wisefund may retain a copy of the unrevised information. Wisefund may need to verify that the amended Personal Data is true and accurate.

        (4) Right to erasure of data i.e. in certain cases a Data Subject will be entitled to demand the deletion of Personal Data, for example if the Processing is carried out only on the basis of a consent. Wisefund reserves the right to reject the request to erase the User’s personal data if there is a legitimate legal ground for doing so, for example, to comply with a legal obligation which requires Processing, to establish, exercise or defend legal claims, or for statistical purposes, providing appropriate technical and organisational security measures.

        (5) Right to demand restriction of Personal Data Processing. This right is created, inter alia, in case the Personal Data Processing is not permitted under law or if the Data Subject challenges the accuracy of the Personal Data. Data Subject will be entitled to demand the restriction of the Personal Data Processing for a period enabling the processor to check the accuracy of the Personal Data or if the Personal Data Processing is unlawful, but the Data Subject does not request the deletion of the Personal Data.

        (6) Right to data portability i.e. a Data Subject shall have, in certain cases, the right to receive the Personal Data in a machine-readable format, and to take these data along or transfer them to another controller.

        (7) Rights related to automated Processing mean, inter alia, that a Data Subject will have the right to object, on grounds relating to his or her particular situation, at any time to Processing of Personal Data concerning him or her, based on automated decision-making;

        (8) Right to the assessment of a supervisory authority on whether the Processing of the Personal Data of the Data Subject is lawful;

        (9) Compensation for damage when there has been a violation of Data Subject’s rights for which Wisefund is liable.

8.3 Wisefund Services may, from time to time, contain links to and from the third-party websites. Please note that these websites and any services that may be accessible through them have their own privacy policies and we do not accept any responsibility or liability for these policies or for any Personal Data that may be collected through these websites or services.

8.4 Once Wisefund receives a Data Subject’s request to exercise any of the rights listed above, Wisefund will review the User’s request and provide a response without undue delay and in any event within 30 days of receipt of the request. This time period may be extended if the User’s request is complex or if due to the amount of received requests Wisefund cannot prepare a reply within the previously set time limit. In this case Wisefund informs the User about the extension of the time limit for preparing a reply to the User’s request and indicates the specific term for preparing a reply.


9.1 Exercising of rights. Data Subject will be entitled to address Wisefund using the contact details set out in section 12 in case of any question, request or complaint related to Personal Data Processing.

9.2 Filing of complaints. Data Subject will be entitled to address a complaint to Wisefund (, to the Data Protection Authority or to a court.

The contact details of Estonian Data Protection Authority are available on their website here; postal address: 9 Tatari St., Tallinn, Estonia; telephone (from abroad add +372) 627 4135, email:


10.1 Wisefund may collect data regarding the Visitors of the Portal Homepage by using Cookies or other similar technologies (e.g. IP address, equipment information, location information) and Process these data.

10.2 Wisefund uses the collected data:

        (1) to enable the provision of the Service in accordance with the habits of a Visitor or User (and its users);

        (2) to ensure the best Service quality; to inform the Visitor and User about the contents and give recommendations;

        (3) to update advertisements and make marketing efforts more efficient;

        (4) for counting the Visitors and recording their using habits.

10.3 Wisefund uses session Cookies, persistent Cookies and advertising Cookies.

A session Cookie is deleted automatically after every visit; persistent Cookies shall remain upon repeated use of the Portal Homepage, and advertising Cookies and third-party Cookies are used by the websites of the partners of Wisefund which are connected with the Portal Homepage of Wisefund. Wisefund does not control the generation of those Cookies, therefore information on these Cookies can be obtained from third persons. Further information on Cookies is available in the explanatory materials (see section 11.1.2: Important Documents, Guidelines and Procedures).

10.4 Most of the web browsers allow Cookies. However, some Services may not function properly if the User or Visitor disables Cookies The allowing or prohibiting Cookies and other similar technologies shall be under the control of a Visitor via the settings of the Visitor’s own web browser, settings of the information society service and platforms for making such privacy more efficient (see section 11.1.2: Important Documents, Guidelines and Procedures).


11.1 The Privacy Policy of Wisefund shall be implemented on the basis of the following documents, guidelines and procedures:

        (1) User Profile, through which a Data Subject will be able to access to his or her Personal Data held by Wisefund, correct and change them, and exercise other rights deriving from law and this Privacy Policy;

        (2) Here you can find links to the following webpages Your Online Choices; About Ads; Network Advertising i.e. the platforms of controlling and monitoring of Cookies and other web technologies, where Data Subjects themselves can change and control how their Personal Data are used and collected.


Regarding Personal Data issues, Wisefund can be contacted via email


13.1 Wisefund will be entitled to unilaterally amend this Privacy Policy. Wisefund shall inform Data Subjects about amendments on the Portal Homepage of Wisefund, via email or by other means.

13.2 Any version of the Privacy Policy that is published on the Portal Homepage replaces all previous versions of the Policy and takes effect immediately upon posting or from the effective date as indicated

13.3 The latest amendments and entry into force of the Privacy Policy:

Publication 15.04.2019
In force for Visitors and Users 15.04.2019
Main modifications: New full version of the Privacy Policy