Datenschutz-Richtlinie — Nibble Finance


This privacy policy is incorporated and an integral part of OÜ NIBBLE ITSF’S terms of service ( OÜ Nibble ITSF a company incorporated in Estonia, registry number 14831029 at 21/10/2019, has created this privacy statement in order to disclose our data collection and use practices in relation to the OÜ Nibble ITSF website. please read this document carefully as it contains important information you should know before using our website or services (as defined in the terms of services). by continuing to use the OÜ Nibble ITSF website and services you will be deemed to have accepted this privacy policy.


  1. This Privacy Policy (hereinafter «Policy») establishes the general rules for the collection, processing, distribution, use and storage of the Website user’s Personal Data, including any dispute concerning privacy under the applicable General Data Protection Regulation (GDPR), and in accordance with the data protection legislation of the Republic of Estonia applicable to OÜ Nibble itsf, a company incorporated in Estonia, registry number 14831029 (hereinafter the «Nibble», «Company», «Us», «We»).
  2. It is understood and presumed that by using the Website and its services or by clicking «I AGREE WITH THE TERMS OF USE AND PRIVACY POLICY» button the User gives Consent, that the User has read, understood and accepted this Policy in entirety. If a User does not agree with this Policy or any part of it, the User should stop using the Website and its services.
  3. Definitions
    The following definitions and rules of interpretation apply in this Privacy policy.

Personal Data

Personal Data is any information relating to an identified or identifiable natural person («data subject»). An identifiable natural person is an individual that can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, address or other identification data.

Data Subject

A Data Subject is any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.


Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Restriction of Processing

Restriction of Processing is the marking of stored personal data with the aim of limiting future processing.


Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.


Consent is the data subject’s freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to the person.


A Controller is a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and methods of the processing of personal data; where the purposes and methods of such processing are determined by Estonian legislation.


A Processor is a natural or legal person, public authority, agency or other body processing personal data on behalf of a controller.


A Recipient is a natural or legal person, public authority, agency or another body, to who personal data is disclosed, whether a third party or not. However, public authorities receiving personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be considered recipients; the processing of such data by public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

Third Party

A Third Party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor or other persons who, under the direct authority of the controller or processor, are authorized to process personal data.


A website owned and operated by DEAC, available on the Internet at


This Privacy Policy may be amended, changed, supplemented and/or updated at any time with prior written notice from Nibble. Your continued use of the Website and its services after any amendments or alterations of this Privacy Policy without notification of Nibble shall constitute your consent hereto and acceptance hereof of an updated version of this Privacy Policy. In any case, the date of the most recent amendments and alterations will be indicated at the top of this webpage. If the User does not agree to the amended Privacy Policy or Terms of Use, the User must stop using this Website and related accounts and may withdraw from obligations under this Privacy Policy.

Legal basis for the processing of personal data

Nibble may process the following personal data obtained through the use of methods specified in this Policy:

Personal data

Name, username, password, date of birth, age, preferred language(s). Contact details: address, telephone number (including mobile phone number), e-mail address, any other information provided when filling out a contact form.

Consent records

Records of any consents given, together with relevant information.

Online details

Information obtained through the use of the Website, which may or may not be personal data, depending on the circumstances and applicable legislation: non-precise information about the approximate physical location, IP address, information collected through the use of cookies, JavaScript or other technologies, log files and similar information. During normal business operations, Nibble will not process personal data that may be deemed sensitive: race or ethnicity, political views, religious or philosophical beliefs, trade union membership, physical or mental health, sexual life and sexuality, any actual or alleged criminal offences or penalties, or any other information that may be deemed to be sensitive under GDPR. Nibble will not process personal data of minors. Our services, Website and marketing materials are not intended for use by children, especially those under 13-years-old. They may not be used by persons under 18-years-old.

How we use the collected data

We use the collected data to understand your needs and provide you with a better service, and in particular for the following purposes: 1) To provide you services purchased via the website and to process your payments. 2) For statistics and administrative analyses to Manage the Website or to improve our products and services. 3) For internal record keeping, administrative purposes, to inform you about our events, services or products, or for communicating other related information that we think would be of interest to you, as explained above. 4) For marketing, e.g. sending marketing messages, newsletters and details regarding our business or businesses of carefully selected third parties, which we think may be of interest to you, by post or email or similar technology (you can inform us at any time if you no longer wish to receive marketing messages). 5) From time to time, we may also use your information to contact you for market research purposes or to personalise the Website according to your interests. Your information will not be disclosed to any third party without your consent. You may at any time ask us to stop sending you marketing messages by sending us an e-mail with the word «UNSUBSCRIBE» in the subject line to Nibble. If we contact you by e-mail, then each time you receive a message you will be provided with an option to unsubscribe from further messages of that type. If you would like us to remove information we store about you, please let us know. However, please note that if you use any of our services which require you to provide personal information, deleting our records may mean that you will need to resubmit the same data to continue using our services. We may disclose aggregated statistics about our website’s visitors, clients and sales in order to describe our services to prospective partners, advertisers and other reputable third parties and for other lawful purposes. Such aggregated statistics will not include any personal data. Personal data provided via subscription forms and/or a KYC procedure is collected in full compliance with the GDRP. The project’s Data Protection Officer is Ivan Sharafiev. Contact Any data subject may, at any time, contact the Data Protection Officer directly with any request regarding data protection. Personal data provided via a subscription form and/or a KYC procedure, may be disclosed to our partners: Registration no. Contacts Legal requisites Registration no. Contacts Legal requisites


We take precautions to protect your data. When you submit sensitive data via the Website, your data is protected both online and offline. Wherever we collect sensitive data (such as credit card data), that information is encrypted and transmitted to us securely. You can verify this by looking for a padlock icon in the address bar and «https» at the beginning of the Website’s URL. While we use encryption to protect sensitive data transmitted online, we also protect your data offline. Only employees who need the information to perform a specific job (for example, billing or customer services) are granted access to personal data. Personal data is stored on computers/servers kept in a secure environment.


We use «cookies» on this Website. A cookie is a piece of data stored on a visitor's hard drive and used to help us improve your access to our Website and to identify returning visitors. For example, when we use a cookie to identify you, you would not have to log in more than once, thereby saving time while on our Website. Cookies can also enable us to track and target the interests of our users, to enhance the experience on our site. The cookies we use are not linked to any personal data.

Social Media

If you share our content through social media, for example by liking us on Facebook, following or tweeting about us on Twitter, or giving us a "+1" on Google Plus, the relevant social networks will record the action and may set a cookie for this purpose. In some cases, where a page on our Website includes content from a social network, such as a Twitter feed, or a Facebook comments box, those services may set a cookie even when you do not click a button. As is the case for all cookies, we cannot access those set by social networks, just as those social networks cannot access cookies we set ourselves.

Log Files

Our systems automatically collect some anonymous information about visitors, including their IP address, browser type, language, and the times and dates of Webpage visits. The data collected does not include personal data and is used, as described above, for statistical analysis, to understand user behaviour, and to administer the site.

Google Analytics

Our Website uses Google Analytics, a web analytics service provided by Google, Inc. («Google»). The information generated by the cookie about your use of our Website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for evaluating your use of our Website, compiling reports on Website activity for Website operators and providing other services relating to Website activity and Internet usage. Google may also transfer this information to third parties if required by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data stored by Google. Further information about Google’s privacy policy is available at If other organizations use cookies or other methods to track site visitors to your Website, insert a paragraph like this in your privacy notice: Some of our business partners (for example, advertisers) may use cookies on our Website. However, we have no access to or control over these cookies. Information collected by registering on the website


We may amend this privacy policy from time to time. If we amend our privacy policy, we will publish the changes on this page. If the amendment in our privacy policy affects the use of your personal data, we will use our best endeavours to contact you by e-mail to obtain your consent. Continued use of the service will signify agreement with the amendments.

Acceptance of this privacy policy

If you do not agree to this privacy policy, please do not use our Website. By using our Website, you consent to the collection and use of data by us. Owing to the global nature of the Internet infrastructure, the data you provide may be transferred in transit to countries outside the European Economic Area, that do not have similar protections in place regarding your data and its use as set out in this policy. However, we have taken the steps outlined above to improve the security of your data. By submitting your data you consent to such transfers.