Dives Enterprises | Privacy Policy

Dives Enterprises Holdings OÜ interchangeably as (“Dives Enterprises,” “we,” “us,” or “our”).

This Privacy Policy explains how Dives Enterprises collects, uses, shares, and protects personal data of clients, vendors, employees/representatives, and other individuals (“you,” “your”). It applies to all interactions, including services, transactions, website usage, and other communications with Dives Enterprises Holdings OÜ and its subsidiaries (collectively, “Dives Enterprises Holdings”).

1. Controllers and Joint Controllers

Controller: The entity you engage with (e.g., Dives Enterprises Holdings OÜ or a specific subsidiary) determines the purposes and means of processing your personal data.
Joint Controllers: Where two or more Dives Enterprises entities jointly decide how your personal data is processed, we act as joint controllers under GDPR Article 26. In such cases, we will provide information on each controller’s responsibilities and how to exercise your rights.

2. Data Subjects Covered

This Policy applies to:

Clients and Investors – Individuals investing in or receiving services from Dives Enterprises.
Vendors and Suppliers – Individuals providing goods or services to Dives Enterprises.
Employees, Representatives, and Agents – Individuals acting on behalf of clients, vendors, or Dives Enterprises itself.
Other Individuals – Beneficial owners, third-party contacts, or prospective clients whose data we process indirectly.

3. Personal Data We Collect

We collect and process personal data and special categories of personal data (GDPR Article 9) for legitimate business purposes, legal obligations, or with consent.

Examples include (non-exhaustive):

Category	Examples
Contact Data	Email, phone, address
Financial Data	Bank account details, transaction history, payment records
Professional Data	Employer, job title, qualifications
Profile & Data	Preferences, service usage, account details
Technical Data	IP address, browser type, device information
Security Data	Access logs
Special Categories of Data (SPI)	Race, ethnicity, religious beliefs, health data, political opinions, biometric data etc. (only when applicable & with consent or where it is legally mandatory)
Other Sensitive Data	Criminal convictions, dietary or disability information where legally required

Sources of Data:

Directly from you (forms, applications, communications).
From your organization (if you are a representative).
Public sources (social media, professional profiles).
Third parties (credit agencies, background check providers).
Automated collection (website cookies, online service usage).

4. Purpose and Legal Basis for Processing

We process personal data based on one or more lawful bases under GDPR (Articles 6 and 9).
Find more about processing of personal data here.

5. Sharing and Disclosure of Personal Data

We may share your personal data with:

Other Dives Enterprises entities.
Professional advisors, auditors, consultants, IT or platform providers.
Regulatory authorities, courts, or law enforcement where required.
Prospective buyers or merger partners in business transactions.
Credit reference agencies, AML/KYC verification providers.
Subprocessors acting on our behalf (e.g., cloud or IT service providers).

Data Minimization: Only necessary data is shared for the intended purpose.

6. International Transfers

Personal data may be transferred outside the EEA (e.g., USA, India, Singapore) for business operations. Safeguards include:

EU Commission-approved Standard Contractual Clauses (SCCs).
Adequacy decisions where applicable.
Binding Corporate Rules (BCRs) for internal transfers.

7. Retention

We retain personal data only as long as necessary to:

Fulfill the purpose of collection.
Comply with legal, regulatory, accounting, or reporting obligations.
Defend or establish legal claims.

Note: Our detailed internal Data Retention Schedule specifies the retention periods applicable to each data category and processing activity. A summary of these periods can be made available upon request by contacting [email protected].

8. Security Measures

We implement appropriate technical and organizational measures to protect personal data, including:

Staff training and privacy awareness.
Access controls, encryption, firewalls, antivirus software.
Physical security for buildings and assets.
Vendor due diligence and security audits.
Incident detection, reporting, and response procedures.

Note: Internet and email transmissions carry inherent security risks. Avoid sharing sensitive data over unsecured channels.

9. Your Rights Under GDPR

You may exercise the following rights:

Right	Description
Access	Request a copy of your personal data and how it is used.
Correction	Correct inaccurate or incomplete data.
Erasure	Request deletion where legal grounds permit.
Restriction	Request limitation on processing.
Portability	Receive data in a structured, commonly used electronic format.
Objection	Object to processing based on legitimate interests or marketing.
Withdraw Consent	Withdraw consent at any time.
Automated Decisions	Request human intervention for automated decisions.

Exercise Rights:
Contact our Head of Privacy and Data Protection:
    Email: [email protected]
    Phone: +421 951 997 241
    Address: Tornimäe 7, Tallinn 10145, Estonia

You may also lodge a complaint with your local supervisory authority.

10. Marketing Communications

Consent is required in certain jurisdictions.
You may opt out at any time via:

Provided unsubscribe links.
Contacting your Dives Enterprises representative.
Using mechanisms in our Cookie Policy.

No Sale of Data: Dives Enterprises does not sell your personal data to third parties for marketing purposes.

11. Cookies and Tracking

Please see our separate Cookie Policy to understand the usage and tracking.

12. Linked Websites

This Policy does not apply to third-party websites or platforms. Use caution when sharing personal data externally.

13. Changes to This Privacy Policy

We may update this Policy periodically. Material changes will be communicated via email, website notification, or other appropriate channels.

14. Contact Information

Head of Privacy and Data Protection
    Email: [email protected]
    Phone: +421 951 997 241
    Address: Tornimäe 7, Tallinn 10145, Estonia

PRIVACY POLICY