Last Updated: 23 December 2021.
Copyright ©2023 ONINO. All rights are reserved.
This is the Privacy Policy of ONINO GmbH, in the following referred to as "ONINO". ONINO request you take time to carefully read through this information. The information contained within this Privacy Policy is applicable to any person or entity who accesses, uses, relies on, interacts or engages with our Site, Products and Services.
If there are any terms in this Privacy Policy that you do not agree with, please discontinue use of our Site, Products and Services immediately. This Privacy Policy applies to all information collected through our Site, Products and Services, as well as any related services, sales, marketing, products and events. Please also read our Website Terms of Use (“Terms”) which govern all ONINO web pages (“Site”).
ONINO are committed to safeguarding your Personal Information (“PI”), your right to privacy and where applicable processing PI in line with applicable privacy and data protection laws as applicable in each jurisdiction we operate in. ONINO may use third-party providers to collect and process information, including financial information (for example relating to debit and credit card details to process payments via a third-party) to provide the Site, Products and Services to you. If you have any questions or concerns about this Privacy Policy, or our practices with regards to your personal information, please contact ONINO at team@onino.io.
When you visit the ONINO website and, more generally, use any of the ONINO website (the Site and/or our Products and Services (the “Services”), ONINO may request certain information from you. References to “you” or “your” refers to individuals whose PI is processed by ONINO, including by clients with direct or indirect relationships (such as employees, contingent workers, consultants, officers, agents (together “Representatives” of ONINO).
This Privacy Policy sets out the purposes for which ONINO may collect, use and disclose (collectively “processing”) PI and how it is treated and protected. Furthermore, it sets out an individuals’ rights in relation to the processing of their PI.
For information purposes only and not advice, please always seek independent advice. PI is information relating to an individual, which can be used either alone or with other sources of information to identify that individual. PI does not include information where the identity of the individual or the specific detail of the information has been removed and is therefore anonymous. Sensitive personal information (SPI) is a sub-category of PI that includes PI relating to race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about health and genetic and biometric data, none of which ONINO collects.
The nature of the information that ONINO or our Service Providers may collect will depend on the Products and Services ONINO provide and ONINO ’s relationship with you. PI that may be processed by ONINO is categorised as follows (the PI listed for each category is non-exhaustive examples):
Identification data - Full name, title, date of birth
Contact data - Personal address, telephone number, email address
Electronic Monitoring data - To the extent permitted by law, ONINO my record and monitor your electronic communications with ONINO
Financial data - Bank account number and details; credit card number and details
Marketing and Communications data - Marketing and communication preferences; tracking data relating to whether you have read marketing communications from ONINO (please also see our Cookies Policy)
Professional Information data - Position/job title, work address; telephone number; email address, sector and area
Profile data - Username and password for our online services that you have access to; Services requested; marketing communications responded to; survey responses
Services data - Payment details to and from you; details of services you have provided to ONINO and ONINO have provided to you
Product data – details about products you have used, purchased, interacted with and the ways you may interact with our Products
Site data – any interaction and data usage or upload onto or with our Site.
Technical data - Your use of and interaction with our Site, Products and Services including your IP address, browser type, browser type, browser plug in types and versions, operating system, data and technical data inputs and outputs, information you provide onto the platform or download from the platform.
Sensitive Personal Information (SPI) – ONINO will never collect Sensitive Personal Information.
when you provide it to ONINO in connection with interaction with the ONINO Site, Products or Services, such as a completed account application, system interaction and usage, order, download or purchase
throughout the course of the relationship with you, including where you change your details, provide additional PI, or where the services ONINO are providing to you change
from public sources where you have manifestly chosen to make your PI public, including via public profiles on social media, articles, marketing and through any other platforms or mediums
from visits to the ONINO Site or through logging into any of ONINO Services or password protected areas and usage or purchase of ONINO Products.
When you subscribe to the newsletter, sign-up & log-in to and/or use ONINOs products & services, ONINO and it's data processors may collect personal data. This is a list of data processors ONINO uses:
Data Processor Mailchimp:
To send newsletters and other information via mail, ONINO uses "MailChimp", a service provided by The Rocket Science Group LLC, a company based in the State of Georgia in the United States. MailChimp stores your personal data in the USA, where the level of data protection is lower than in the EU/EEA.For more information, please see MailChimp's privacy policy: https://mailchimp.com/legal/privacy/
Data Processor Google
ONINO uses Google Cloud, G Suite and Google Analytics, a service provided by Google Ireland Limited, a company incorporated under the laws of Ireland with offices at Gordon House, Barrow Street, Dublin 4, Ireland, to store your personal data. Google stores your personal data in the EU/EEA and the US, where the level of data protection is lower than in the EU/EEA.For more information, please see Google's privacy policy: https://policies.google.com/privacy
Data Processor SumSub
ONINO uses SumSub for KYC and Identification purposes, a company located in London in the United Kingsdom. Sumsub adheres to the principles of personal data protection as envisaged in the EU GDPR and the UK GDPR. For more information, ONINO refers to SumSubs privacy policy: https://sumsub.com/privacy-notice-service/
Pament Provider Stripe
ONINO uses Stripe for the processing of payments. For more information ONINO refers to Stripes privacy policy:https://stripe.com/de/legal/privacy-center
Heroku & Vercel & Netlify
ONINO uses Heroku and Vercel for deploying and hosting backend respectively frontend functionality. Heroku’s physical infrastructure is hosted and managed within Amazon’s secure data centers and utilize the Amazon Web Service (AWS) technology. For more information on Heroku we encourage visiting their privacy policy: https://www.heroku.com/policy/security
Netlify is the modern development platform for Enterprises to realize the speed, agility and performance of a scalable, composable web architecture. https://www.netlify.com/privacy/
Vercel provides a cloud platform for on-demand deployment, related hosting and sharing services and analytics tools ("Services").For more information visit Vercels privacy policy: https://vercel.com/legal/privacy-policy
Amazon Web Services
Amazon Web Services (AWS) is a cloud computing platform that offers a wide range of infrastructure and services, for more information ONINO refers to the AWS privacy policy: https://aws.amazon.com/de/privacy/
AI Model Hosting Microsoft Azure
Microsoft Azure is a cloud computing platform that provides various infrastructure and services, for more information ONINO refers to the Azure privacy policy:
https://azure.microsoft.com/en-us/explore/trusted-cloud/privacy
The below table sets out the purposes and basis for which ONINO and our third-party service providers may process PI.
Processing Purpose
Category of PI
Basis of Processing
To consider opening an account and purchasing Site, Products and Services
Identification data
Contact data
Financial data
Profile data
Services data
Performance of a contract
Legal or regulatory obligation
Legitimate interests: ensuring ONINO do not accept or assist or further any fraudulent or any unlawful activities, such as terrorism or money laundering
To deliver the Site, Products and Services you have requested
Identification data
Contact data
Financial data
Profile data
Services data
Technical data
Marketing & Communications data
Performance of a contract
Legal or regulatory obligation
Legitimate interests: ensuring that you are provided with the best client services and visitor services ONINO can offer, and securing a prompt payment of any fees, costs and debts in respect of our Services
To manage payments, fees and charges and to collect and recover money owed
Identification data
Contact data
Financial data
Services data
Performance of a contract
Legitimate interests: ensuring ONINO can manage payments, fees and charges and to collect and recover money owed
To manage the relationship with you which will include notifying you about changes to ONINO terms of business or this Privacy Policy
Identification data
Contact data
Profile data
Marketing & Communications data
Performance of a contract
Legal or regulatory obligation
Legitimate interests: ensuring ONINO can notify you about changes to ONINO terms of business or this Privacy Policy
(Where applicable)To interact with governmental or regulatory bodies or other competent national authorities
Identification data
Contact data
Financial data
Services data
Legal or regulatory obligation
Public interest
To detect or prevent fraud and/or other criminal activity and to protect the company and company assets
Identification data
Contact data
Electronic monitoring data
Financial data
Profile data
Services data
Technical data
Legal or regulatory obligation
Public interest
Legitimate interests: protecting ONINO detecting, and protecting against breaches of ONINO’s policies and applicable laws
Review and update to ensure the systems and Services are adequate
To manage and protect ONINO business, including improving data security, troubleshooting data and systems, system maintenance and testing, data hosting, managing our offices and other facilities
Identification data
Contact data
Profile data
Technical data
Marketing & Communications data
Legal or regulatory obligation
Legitimate interests: ensuring the efficient and secure running of ONINO business, including through office and facilities administration, maintaining information technology services, network and data security and fraud prevention
To invite you to take part in market insight or other events or similar events, and to manage your participation in them
Identification data
Contact data
Profile data
Technical data
Marketing & Communications data
Legitimate interests: ensuring ONINO client records are up-to-date; promoting ONINO ’s client services; receiving feedback; improving ONINO ’s services; identifying ways to expand ONINO business
To send you marketing (including by paper and electronic channels) communications and service updates
Identification data
Contact data
Profile data
Technical data
Marketing & Communications data
Legitimate interests: reviewing how clients use, and what they think of, ONINO services; identifying ways to improve and expand ONINO business
In relation to vendor services (as applicable):
Purpose and/or Activity
Type of Data
Legal Basis of Processing
To engage you or the organisation or entity you work for as a new supplier, including performing background checks
Identification data
Profile data
Contact data
Financial data
Services data
Performanceof a contract
Legalor regulatory obligation
Legitimate interests: ensuring ONINO do not deal with proceeds of criminal activities or assist in any other unlawful or fraudulent activities for example money laundering or terrorism
Public interest
In connection with one or more of the purposes outlined in the section ‘Purpose and Legal basis for processing your PI’ above, ONINO may disclose PI to:
professional advisors, third parties, agents or independent contractors that provide services to ONINO (including, but not limited to: legal representatives, professional consultants, consultants, contractors, parts suppliers, services suppliers, third party agencies and individuals), which includes their professional advisors, third parties, agents, independent contractors that provide services to them (such as IT systems providers, payment services providers, platform providers, financial advisors, payment processors, brokers, consultants (including legal representatives and accountants);
goods and services providers (such as providers of marketing services where ONINO are permitted to disclose your personal information to them); payment processors, intermediaries, brokers, and other individuals and entities that partner with ONINO;
competent authorities (including any national and/or international regulatory or enforcement body, agency, court or other form of tribunal or tax authority) or their agents where ONINO is required or allowed to do so under applicable law or regulation;
(where applicable) a potential buyer, transferee, merger partner or seller and their advisers in connection with an actual or potential transfer or merger of part or all of ONINO’s business or assets, or any associated rights or interests, or to acquire a business or enter into a merger with it;
(where applicable) credit reference agencies (including professional and retail agencies) or other organisations that may help ONINO to provide data, Products and Services and also to conduct anti-money laundering and anti-terrorist financing checks and to detect fraud and other potential criminal activity; or
any person to whom disclosure is allowed or required by local or foreign law, regulation or any other applicable instrument or agency.
ONINO will not process your PI for marketing purposes if you have informed ONINO that you do not wish to receive marketing materials. You can request that ONINO stop processing your PI for marketing purposes at any time by clicking on marketing opt-out links in any electronic marketing materials ONINO send you (unsubscribe) and/or by using the contact details set out in the “Contacting ONINO” section of this Privacy Policy.
ONINO do not share or sell your PI to third parties for the third-party to use for their own marketing or other purposes.
ONINO will process your PI for as long as is necessary to fulfil the purpose for which it was collected including to fulfil Site, Products and Services, until you opt-out or until Onino has met its obligations, for example to comply with legal, regulatory, accounting, auditing, reporting, internal policy requirements or for the establishment or defence of legal claims.
ONINO may use a range of physical, electronic, and managerial measures to ensure a level of security appropriate to the risk of PI processing. These measures may include any or all the following:
education and training of relevant staff to ensure they are aware of ONINO privacy obligations when processing PI as well as training around social engineering, phishing, spear phishing, and password risks;
the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
the ability to restore the availability and access to PI in a timely manner in the event of a physical or technical incident;
administrative and technical controls to restrict access to and process PI;
technological security measures, including firewalls, encryption, and anti-virus software;
segregation of networks and backup facilities;
application security;
endpoint security;
real-time monitoring of data leakage controls;
layered and comprehensive cybersecurity defences; and
security incident reporting and management.
The security of data transmitted over the internet (including by e-mail) cannot be guaranteed and carries a risk of access and interception by third parties. ONINO endeavour to protect personal information but cannot guarantee the security of data transmitted to ONINO or by ONINO.
In certain circumstances you may have the following rights in relation to the processing of your PI:
Access: To request a copy of the PI ONINO process in relation to you and to be informed about how ONINO use and (where applicable) share your PI – subject to any legal and regulatory obligations.
Object: To object to the processing of your PI if (i) ONINO are processing your PI on the grounds of legitimate interests or for the performance of a task in the public interest (including profiling); or (ii) if ONINO are processing your PI for direct marketing purposes.
Correction: To request that ONINO update the PI it processes in relation to you, or to correct PI that you think is incorrect or incomplete.
Erasure: To ask that ONINO delete PI that ONINO process in relation to you where ONINO do not have a legal or regulatory obligation or other valid reason to continue to process or retain it.
Restriction: To request that ONINO restrict the way in which ONINO processes your PI, for example, if you dispute the accuracy of your PI or have raised an objection which is under consideration.
Portability: To request a copy of your PI that you have provided to ONINO in a commonly used electronic format such as through the completion of an application form.
Automated decision making: To request manual intervention if you are subject to automated decisions where the decision results in a legal or similar effect to you.
You may exercise your rights at any time by using the details set out in the Contacting ONINO section. To the extent permitted by applicable law or regulation ONINO reserve the right to charge an appropriate fee in connection with you exercising your rights.
ONINO may need to request specific information from you to help ONINO confirm your identity and ensure your right to access to the PI requested, or to exercise any of your other rights. This is to ensure that PI is not disclosed to any person who does not have authority to receive it. ONINO may also request further information in relation to your request to help ONINO to locate the PI processed in relation to you, including, for example, the nature of your relationship with ONINO.
ONINO aim to respond to all legitimate requests within one calendar month. If ONINO think it may take longer than one calendar month, (such as where your request is particularly complex or you have made a number of requests), ONINO will notify you and keep you updated. You will not be disadvantaged in any way by exercising your rights in relation to the processing of your PI.
If you wish to exercise any of your rights or have any questions concerning this policy, please contact: team@onino.io. You also have a right to complain to a data protection or other competent authority with jurisdiction over privacy and data protection law in the country you live or work, or in the country where you believe an issue in relation to the processing of your PI has arisen. Please contact team@onino.io for further details.
This Privacy Policy is not applicable to third-party websites that ONINO do not own or control (including those that are linked, hyperlinked or otherwise to products, policies, terms, warranties, or any other information whatsoever), or to any third-party website where ONINO advertisements and marketing are displayed.
ONINO may modify or amend this Privacy Policy from time to time and you are advised to visit our website and Privacy Policy regularly to check for any amendments and updates. Any material changes will be communicated to you through an appropriate channel, depending on how ONINO normally communicate with you. It is your responsibility to ensure that you remain informed of our policies when interacting with any Onino Site, Products or Services.
%201.png){kind=icon}
