Last revision date: “28” February 2020
This privacy policy (hereinafter called “the Regulation”) is developed on the basis of the Federal Law of the Russian Federation “On personal Data Protection” No. 152-FZ and Regulation No. 2016/679 of the European Parliament and the Council of the European Union “On the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) ”, as well as other international and Russian legal acts. This Regulation sets common goals, principles and rules for the processing of personal data when using the Capitalist Application (hereinafter called “the Application”) and defines the main measures that we implement to protect your personal and other User data.
1.1. For the purposes of this Regulation, the following basic concepts are used:
1.1.1. Personal data - any information relating to a directly or indirectly identified or identifiable individual (subject of personal data);
1.1.2. Banking application is a personal account in your bank that provides online access to the services of your bank, as well as to information about operations on your bank cards and accounts.
1.1.3. Processing of personal data - any action (operation) or set of actions (operations) with personal data performed using automation tools or without using such tools, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data;
1.1.4. Personal data information system - a set of personal data contained in databases and processing information technologies and technical means;
1.1.5. Personal data Confidentiality - a mandatory requirement not to disclose to third parties and not to allow the distribution of the User’s personal data without consent of the personal data subject or availability of any other legal foundation;
1.1.6. Protection of personal data - an activity aimed at preventing the leakage of protected personal data, unauthorized and unintended influences on protected personal data.
2.1. Information that you provide to us
- Contact information you enter when registering an account in the Application, including first name, last name, email address, encrypted password, preferred language, device identifier;
- Data of the Banking application, including the username in the online bank, password, secret questions and answers, codes for entering banking applications, multifactorial information;
- Other information that you provide to us, including information about banking operations (amount, date, currency, category), wallets and their data (name, balance), goals, plans, achievements, reports, other data.
2.2. Information that we receive from banking applications based on the data you provide in an automated and secure manner
- Names and locations of banking organizations, identifier of connection with banking organizations, amounts of banking operations, categories of expenses, identifier of connection with a bank.
2.3. Cookies
- We do not automatically collect information about you through the use of cookies and similar technologies.
3.1. If you want automatically upload to the Application data on transactions made on your bank card or bank account, then you can initiate the integration of the Application with your Banking application through Salt Edge.
3.2. For integration, you need to enter the login and password from the Banking application in the Application interface. This data is immediately transferred to Salt Edge and is not stored in any way by the Application. By submitting this data you agree to the Salt Edge security policy, which can be found at the following link https://www.saltedge.com/pages/privacy_policy.
3.3. All data is obtained from your Banking application in an automated manner and described in this Privacy Policy. We do not have access to funds in your bank account, do not store or process accesses to your online banking.
3.4. When information is uploaded, Salt Edge enters your Banking application in read mode and receives data from there. You can read more about the data obtained by the link in paragraph 3.2. of this Privacy Policy.
4.1. We may use your personal data for the following purposes:
- Development, administration, improvement of the Application;
- Providing access to technically accessible functionality of the Application;
- Accounting for information about your banking operations in order to provide access to the functionality of the Application;
- Compliance with the prescribed legal obligations in the collection of personal data;
-Implementation of measures to ensure the security of personal data during their processing;
- Prevention and protection against fraud and other risks of legal or information security.
We do not sell or otherwise disclose your personal data collected by us, except in cases specified by this Regulation.
If and when we transfer your personal data, we are guided by the legislation of the foreign state into whose territory personal data are transferred, Federal Law of the Russian Federation “On personal Data Protection” No. 152-FZ and Regulation No. 2016/679 of the European Parliament and the Council of the European Union “On the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General data Protection Regulation)” and other international and Russian legal acts.
In cases established by this Privacy Policy, personal data may be transferred to the Salt Edge platform (Operator - Salt Edge Inc., the official website www.saltedge.com).
In addition, your personal data collected using the Application can be stored by third-party hosting providers in any country that provides adequate protection for personal data, which has signed and ratified the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data of January 28, 1981. ETS No. 108.
We apply administrative, technical and physical preventive measures to protect personal data that you provide or collected by us from accidental, illegal or unauthorized destruction, loss, alteration, access, disclosure or use.
We also take measures to delete your personal data or store it in a form that does not allow you to be identified after we have achieved the goals of processing this data, unless we are required by law to store this information for a longer period.
In the automated processing of personal data, encryption, depersonalization and other information protection methods can be used.
We strive to maintain the confidentiality, integrity and security of your data. We apply advanced physical and technical measures to protect your bank data, including: measures to physically protect databases from unauthorized access, use the AES-256-GCM security algorithm, use several authentication procedures to enter the Application, which may include biometric recognition, the use of a combination of firewall barriers, other security measures. We also regularly check our security systems for points of failure that could lead to cracking.
We reserve the right to amend this Regulation an unlimited number of times. Any changes to this Regulation shall enter into force on the day of their publication.
If you have any questions, comments or comments regarding this Regulation, please write to us at the email address contact@capitalistapp.net.
Limited liability company "Real Transit".
PSRN 1187746096900.
ITN 9701099097.
Postal address 105082, Moscow, nab. Rubtsovskaya, d. 3, str. 1, pom. 1, kom. 31, of. 4.
Telephone WA: +7(995)658-59-67
Email: contact@capitalistapp.net