Privacy policy
This Privacy Policy includes important information about your personal data, and we encourage you to read it carefully.
This Privacy Policy (“Policy”) describes how Dealflow ApS, CVR number 42666238, including all its subsidiaries, branches and other entities (“Dealflow”), collects, uses, and shares your personal data. This Policy also describes your rights and choices and how you can contact Dealflow about our privacy practices.
“Dealflow”, “we”, “our” or “us” means Dealflow entity responsible for the collecting and use of personal data under this Policy.
At Dealflow, we take your privacy very seriously. By visiting our site, using our website and/or mobile application (“App”), and by using our services, you are accepting the practices and guidelines set out in this Policy.
Purpose
1.1 This Policy aims to provide you with some helpful information regarding our use of your personal data and help you understand the rights you have in connection with your personal data.
What is Personal Data?
2.1 “Personal data” means all types of information that can identify a natural person. This data can include name, address, phone number or government rendered personal number.
2.2 Dealflow has built this Policy based on the EU’s General Data Protection Regulation 2016/679 (GDPR), which is currently the most comprehensive data protection regulation in the world offering the highest standard of privacy and data protection.
Whose Data Does Dealflow Collect?
3.1 Clients
When you directly use Dealflow as a Client, Dealflow is the data controller concerning the personal data provided by the Client to Dealflow once the Client registers for Dealflow’s services and during the registration process, provide information regarding their corporate structure, ownership, banking details and other.
3.2 Company and Company’s Representatives
When a Company uses Dealflow App and/or services, Dealflow is the data controller for personal data provided by the Company to Dealflow during the registration process providing information regarding the Company’s corporate structure and permitting us to pull applicable data from the public registries. Furthermore, we become the data controller for personal data provided by the Company concerning the Company’s representatives or personnel responsible for invoice approval.
3.3. Prospects
You may have been indicated by an existing Client or Company as a potential client of Dealflow’s services. In this case, some limited personal information may be controlled and processed by us to reach out to you.
3.4 Visitors
If you have visited Dealflow’s website, Facebook website, initiated the Dealflow App or used another form to communicate with us (e-mail, Facebook, LinkedIn, etc.), Dealflow controls some of your personal data. Regarding our website, Dealflow controls some data that may qualify as personal data, such as IP number, unique identifier of devices you use to access and use the services and our website.
3.5 Candidates
If you have applied to a position in Dealflow, we become the data controller for your personal data obtained in the recruiting process.
How do we use and share personal data and what are the legal bases?
4.1 Legal bases for processing data
For the purposes of the GDPR, we rely upon several legal bases to enable our processing of your personal data, including:
Contractual and Pre-Contractual Business Relationships. We process personal data to enter into business relationships with prospective Clients and Companies and to perform the respective contractual obligations.
Legal Compliance. We process personal data to verify the identity of our Clients and Companies to comply with fraud monitoring, prevention and detection obligations laws associated with the identification and reporting of illegal and illicit activity, such as Anti-Money Laundering (“AML”) and , Know-Your-Business (“KYB”) and/or Know-Your-Customer (“KYC”) obligations, and financial reporting obligations. For example, we may be required to record and verify the Clients’ identity for the purpose of compliance with legislation intended to prevent money laundering and financial crimes. These obligations are imposed on us by the existing regulation and industry standards and may require us to report our compliance to third parties and to submit to third-party verification audits.
Legitimate Business Interest. Where allowed under applicable law, we rely on our legitimate business interest to process your personal data. The following list sets out the business and operational purposes for which we have a legitimate interest in processing your data:
Detect, monitor and prevent fraud and unauthorised transactions;
Mitigate financial loss, claims, liabilities or other harm to Clients and Companies;
Respond to enquiries and provide customer support;
Improve our services, systems, and tools, and develop new products and services;
Improve our credit scoring when we collect additional data that you share with us directly or indirectly through other providers that you use;
Manage, operate and improve the performance of our website and Dealflow App by understanding their effectiveness and optimising our digital assets;
Enable network and information security on our website and Dealflow App;
Share personal data among our subsidiaries.
Consent. Additionally, we rely on consent to collect and process personal data related to how we communicate with you. When we process data based on your consent, you have the right to withdraw your consent at any time without affecting the lawfulness of previous processing based on your earlier consent.
4.2 Client, Company, and Company’s Representative
Categories of personal data we may collect and process include:
identification information (e.g. name, Instagram handle, photo, ID number or equivalent);
contact information (e.g. address, email, phone number or equivalent);
behavioural and tracking details (e.g. location data, behavioural patterns, IP number, cookie identifiers, unique identifier of devices you use to access and use Dealflow App);
financial data (e.g. bank account details, accounting information that are shared with us through third parties)
Purpose of collecting and processing your personal data:
Offer Our Services. To deliver our services, as agreed with you, we use your personal information in different ways. The data is used, e.g., to issue an invoice, consolidate your invoices, or complete payment operations.
Identity/Verification Information. To protect our services and comply with the existing regulatory obligations, we collect identification and contact data.
Credit assessment. We use third party data that you share with us through oyur accounting platforms and similar platforms to assess your business performance and creditworthiness.
Customer Care. We use your personal information to provide you with services if you contact us with questions, comments or complaints.
Fraud Detection. We use your personal data collected from you and available through Public Registries to detect and prevent fraud against us. We also use additonal data, such as your IP address or unique identifier of devices and others that independently may not qualify as personal data, but in conjunction with other data may. We collect this data to detect and prevent fraud and other illegal activity. In this regard, we may use third parties to help us assess and limit the fraud risk.
Advertising. We may use your personal data to share our special offers and other advertisements. We do not share your personal data with third parties for their marketing or advertising unless you give us or the third-party permission to do so. We do not sell your data.
The Purpose of ProcessingLegal Basis for the ProcessingTo provide our services and products.Contractual and pre-contractual business relationship. To comply with applicable laws and pursue Dealflow’s legitimate interests. To confirm your identity and verify your personal and contact details.Contractual and pre-contractual business relationship. To comply with applicable laws and pursue Dealflow’s legitimate interests. To establish, exercise or defend a legal claim or collection proceduresContractual and pre-contractual business relationship. To comply with applicable laws and pursue Dealflow’s legitimate interests. To comply with internal proceduresTo comply with applicable laws and pursue Dealflow’s legitimate interests. To administer Dealflow’s services, and for internal operations, including troubleshooting, data analysis, to develop and inform you about product enhancements, testing, research and statistical purposes.To pursue Dealflow’s legitimate interests.To ensure that content is presented in the most effective way for you and your device.To pursue Dealflow’s legitimate interests.To prevent misuse of Dealflow's services as part of our efforts to keep our services safe and secure.To comply with applicable laws and pursue Dealflow’s legitimate interests.To carry out risk analysis, fraud prevention and risk management.To comply with applicable laws and pursue Dealflow’s legitimate interests. To comply with applicable laws, such as anti-money laundering and bookkeeping laws, and rules issued by To comply with applicable laws and pursue Dealflow’s legitimate interests.
4.3 Prospects and Visitors
Categories of personal data we may collect and process include:
identification information (e.g. name, instagram handle);
contact information (e.g. address, email, phone number or equivalent);
behavioural and tracking details (e.g. location data, IP number, cookie identifiers, unique identifier of devices you use to access and use Dealflow App).
Purpose of collecting and processing your personal data:
Customer Care. We use your contact information, such as e-mail address to contact you in connection with questions and inquiries.
Fraud Detection. We use your personal data collected from you and available through Public Registries to detect and prevent fraud against us. We also use additonal data, such as your IP address or unique identifier of devices and others that independently may not qualify as personal data, but in conjunction with other data may. We collect this data to detect and prevent fraud and other illegal activity. In this regard, we may use third parties to help us assess and limit the fraud risk.
Advertising. We may use your personal data to share our special offers and other advertisements. We do not share your personal data with third parties for their marketing or advertising unless you give us or the third-party permission to do so. We do not sell your data.
Growth Analytics. Dealflow uses Facebook’s SDK. In case you interact on Facebook with the Dealflow adds and you have approved the use of Facebook’s SDKs, Dealflow may receive and process certain contact, location, identifier, and device information associated with Facebook users and their use of Dealflow’s application. The purpose of using Facebook’s SDK is to measure the performance of Dealflow’s app on Facebook. With Facebook’s SDK, Dealflow is able to collect data connected with various app events that are automatically logged, including app installations, activations or deactivations or app launches.
The Purpose of ProcessingLegal Basis for the ProcessingTo provide our services and products.To comply with applicable laws and pursue Dealflow’s legitimate interests. To confirm your identity and verify your personal and contact details.To comply with applicable laws and pursue Dealflow’s legitimate interests. To provide and market our services and/or products to you.To pursue Dealflow’s legitimate interests. To comply with internal proceduresTo comply with applicable laws and pursue Dealflow’s legitimate interests. To provide the support you seek for us.To pursue Dealflow’s legitimate interests.To measure interaction and growth of the AppBased on consent submitted to Facebook and/or to Dealflow.
4.4 Candidates
Categories of personal data we may collect and process include:
identification information (e.g. name, ID picture, position);
contact information (e.g. address, email, phone number or equivalent);
Purpose of collecting and processing your personal data:
Contact Information. We use your personal information to communicate with you.
Advertising. We may use your personal data to share our special offers and other advertisements. We do not share your personal data with third parties for their marketing or advertising unless you give us or the third-party permission to do so. We do not sell your data.
The Purpose of ProcessingLegal Basis for the ProcessingTo assess and recruit potential employeesBased on consent submitted to Dealflow and to comply with applicable laws and pursue Dealflow’s legitimate interest.Contact the candidate for future jobs.Based on consent - to retain for a period of 12 months
4.5 More ways we collect, use and share personal data
In addition to the ways we collect, use and share personal data that are described above, we also process your personal data as follows:
Online activity. We will collect information about devices and browsers across our Website and Dealflow App. Furthermore, we will collect usage data associated with those devices and browsers, including IP address, plug-ins, language used, and time spent. This data is important as it helps us detect fraud.
Communication and engagement data. We collect any information you provide to us, including your social media. When you respond to our emails or surveys, we collect your email address, name and any other information you choose to include in the body of your email response. We will also collect your engagement data, such as your registration for, attendance of, or viewing of Stripe events and other interactions with our website, Dealflow App or personnel.
Social media. When you share with us your personal data to participate in an offer or promotion, we will use the data to administer the offer or promotion.
Compliance with legal obligations. We use personal data to meet our legal obligations related to anti-money laundering, KYC laws, anti-terrorism, export control and prohibitions on doing business with restricted persons or in certain geographical areas, and other legal obligations. We strive to make our services safe, secure and compliant, and the collection and use of personal data is critical to this effort. For example, we may require additional information during our ad-hoc anti-money laundering reviews or may monitor patterns of payment transactions and other online signals to reduce the risk of fraud, money laundering and other activity that may be harmful to Dealflow, Clients or Companies.
Minors. Our services are not directed to minors, including children under the age of 13, and we request that they do not provide personal data through our App.
The Purpose of ProcessingLegal Basis for the ProcessingTo provide our services and products.To comply with applicable laws and pursue Dealflow’s legitimate interests and to pursue Dealflow’s legitimate interests.To comply with internal proceduresTo comply with applicable laws and pursue Dealflow’s legitimate interests. To administer Dealflow’s services, and for internal operations, including troubleshooting, data analysis, to develop and inform you about product enhancements, testing, research and statistical purposes.To pursue Dealflow’s legitimate interests.To prevent misuse if Dealflow’s services as part of our efforts to keep our services safe and secure.To comply with applicable laws and pursue Dealflow’s legitimate interests.To carry out risk analysis, fraud prevention and risk management.To comply with applicable laws and pursue Dealflow’s legitimate interests. To comply with applicable laws, such as anti-money laundering and bookkeeping laws, and rules issued by To comply with applicable laws and pursue Dealflow’s legitimate interests.
4.6 Personal data obtained from third parties
Dealflow also obtains and processes data from selected third parties, such as fraud detection agencies, sanction lists, registers held by credit-rating agencies and other commercial information providers providing information on, e.g., beneficial owners and politically exposed persons. We collect data from company registers, enforcement authorities, and various social media. Furthermore, in connection with payment processing, we collect information from third parties such as banks and other payment service providers.
Your rights and choices
5.1 Under the specific circumstance, you may have choices regarding our collection, use and disclosure of your personal data, including:
Opting out of receiving electronic communication from us. If you no longer wish to receive marketing-related emails from us, you may opt out via the unsubscribe link included in such emails. We will try to comply with your request as soon as reasonably practicable.
Request information regarding your data. You have the right to be informed about how we process your personal data. You can contact us at support@dealflow.live.
Right of access. You have the right to access the personal data that we hold about you. You may request a copy of the personal data that we hold about you. For any further copies, we reserve the right to charge a reasonable fee based on our administrative costs. To exercise this right, please contact us at support@dealflow.live.
Right to withdraw your previous consent. If you provided Dealflow with a consent to process specific personal data, you have the right to withdraw this consent.
Right to rectification. You have the right to rectification of any inaccurate or incomplete personal data that we hold about you.
Right to be forgotten. You have the right to erasure your personal data, under specific circumstances.
Right to object to the processing of your personal data. Where our lawful basis for processing your data is our legitimate interests, you have the right to object to the processing of your data if:
you can show that your interests, rights and freedoms regarding the personal data outweigh our interest to process your personal data, or
we process your personal data for direct marketing purposes, including but not limited to profiling.
This means that we will cease such processing unless we:
demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or
require the personal data to establish, exercise or defend legal rights.
If you choose to object to our further processing of your personal data as described in this Policy, please note that we may no longer provide you with the services you have requested and may terminate relevant agreements with you.
5.2 You can exercise your rights via email at support@dealflow.live, and we will do our best to address your concerns in the shortest time. You can also contact us by sending a letter to Dealflow ApS, Applebys Plads 7, 1411 Copenhagen, Denmark. If you are unhappy with our processing of your personal data you may lodge a complaint with or contact the Danish Data Protection Authority (Datatilsynet), at dt@datatilsynet.dk or send them a letter to Borgergade 28, 1300 Copenhagen, Denmark
Third country transfers
6.1 If we transfer your personal data to a country outside of the European Economic Area (“EEA”), i.e. to a third country, we will comply with applicable laws in respect of such transfer and ensure that appropriate safeguards are in place to ensure there is adequate protection.
Security and Integrity
7.1 Dealflow seeks maximum operational stability but is not responsible for any breakdowns or disruptions, including for operational disruptions caused by factors beyond Dealflow’s control. This means, among other things, power failure, equipment failure, Internet connection disruption, telecommunications connection disruption or the like.
Cookies
8.1 Cookies are text files placed on your computer to collect standard internet log information and visitor use of the website application and mobile application to compile statistical reports on website application and mobile application activities.
8.2 Our website application and mobile application uses cookies to distinguish you from other users. This helps us to provide you with a good experience when you use our website and mobile applications and also allows us to improve our solution.
Automated Decision Making
9.1 Currently, Dealflow does not carry out any processing defined as solely automated decision making, including profiling, under the GDPR that has “legal effects” or has otherwise significant effects on our customers.
Storage of Personal Data
10.1 Dealflow will not process personal data for a longer period than is necessary for fulfilling the purpose of such processing, as indicated by this Policy. Your personal data will be anonymised or deleted once it is no longer relevant for the purposes for which it was collected. Dealflow only retains your personal data to ensure the quality of services provided to you and ensure compliance with the existing regulatory requirements.
Changes to this Privacy Policy
11.1 We are constantly working on improving and developing our services, products and websites. This means that we may change this Policy from time to time. We will not diminish your rights under this Policy or under applicable data protection laws in the jurisdictions we operate.
11.2 If the changes are significant, we will provide a more prominent notice when we are required to do so by applicable law.
11.3 Please review this Policy from time to time to stay updated on any changes.
Copenhagen, Denmark, Ocotber 11th, 2023