Privacy Policy

Valid from 15.02.2022

This Privacy Policy (hereinafter also referred to as “Policy”) describes how the Personal Information you may provide on the Comistar Website and any of its related Services is collected, protected, and used. It also describes the choices available to you regarding our use of your Personal Information and how you can access and update this information. All the definitions used, and all circumstances not covered by this Privacy Policy shall be regulated by the Regulation (EU) 2016/679.

Comistar is committed to protect your privacy and will take all appropriate steps to ensure that your Personal Information is treated securely and will be collected, used, stored, and disclosed in accordance with this Policy and the applicable laws.

Please read this Privacy Policy before using the Website and/or Services or submitting your Personal Data.

  1. Definition
    1. Here you can find the meanings of the most important terms in this Privacy Policy to help you understand who and for what Comistar is Processing your Personal Data.

      ● Agreement - service agreement concluded with the Client.

      ● Client - a person who uses Comistar services.

      ● Cookie(s) - small pieces of information stored by the Client’s browser on the hard disk of the computer of any other device of the Client.

      ● Content - all the data and information contained on the Website . These include all messages, texts, photographs, graphics, icons, logos, technology, links, textures, drawings, sound and/or image files, recordings, software, appearance, graphic design, source code and, in general, any kind of material contained in the Site.

      ● Data Subject / you - refers to the entity or individual providing Personal Data for the purposes of executing an Agreement with Comistar, or for any other purpose falling in the scope of this Policy.

      ● GDPR(General Data Protection Regulation) - Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the Processing of Personal Data and on the free movement of such data and repealing Directive 95/46/EC.

      ● Personal Information or Personal Data - means any information which Comistar directly relates to you (a legal or natural person or an organization legally engaged in business activities or any other business). By reference to an identifier such as a name, date of birth, contact information, location data, an online identifier etc.

      ● Privacy Policy or Policy - this privacy policy.

      ● Process or Processing - means any operation set of operations which is performed by Comistar as part of the Services on Personal Data, whether by automated means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission or otherwise making available, alignment or combination, restriction, erasure, or destruction.

      ● Processor or Controller - shall have the meanings given in the GDPR. Means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.

      ● Website/Site

  2. The content of Personal Data Comistar collects and Processes
    1. By using Comistar Services and Website, you agree that the Comistar will use, disclose and Process your Personal Data in accordance with this Policy.
    2. We collect and Process Personal Data relating to you.
      1. Personal Data means any information relating to Data Subject; an identifiable natural person is one who can be identified, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person; to the extent that IP addresses (or similar identifiers) is static IP address which does not change over time we will manage such identifiers as Personal Data.
    3. We collect the information through the following means:
      1. Information you give us: We receive and store any Personal Information (including financial information) you provide to us including when you (your business) enquire for or make an application for the Services; register to use and/or use any Services; upload and/or store information with us using the Services; and when you communicate with us through email, SMS, a Website or the telephone or other electronic means, e.g. in the context of contacting us about your account or transactions. Such information may reference or relate to you or your end users:
        1. Name including first name and family name, date of birth, age, email address, job/company role, username, password and/or photograph, biometric information, address, occupation, nationality and country of residence, a copy of your identification, such as your driver’s license or passport and/or other government identification or registration data.
        2. Information about your use of the Services, such as information about how frequently you transact with us, your average transaction volume, account balances.
      2. Information we collect about you automatically: Comistar receives and stores certain information automatically whenever you interact with Comistar, whether you open an account or undertake a transaction with us; for example, by way of Cookies or similar technology. Collecting this information enables us to better understand the Clients who use and interact with Comistar, where they come from, and how they use our services. We use this information for our analytics purposes and to improve the quality and relevance of our services for our visitors and Clients. This information includes:
        1. Technical information, including the IP address used to connect your computer or device to the Internet, your login information, browser type and version, equipment type, time zone setting, browser plug-in types and versions, operating system platform, frequency and length of visits, and what links you click on.
        2. Information about your visit or whether you opened an email, including your geolocation, the full URL clickstream to, through and from our Website (including date and time); Services you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information and methods used to browse away from the site page and any phone number used to call our Client service number. We may use such information for regulatory purposes, our own due diligence checks, fraud, and risk management, to better understand transaction patterns and to optimize your experience.
        3. Email and Other Communications: we may receive information about you and your use of Services when we communicate with each other, including when you open messages from us and from the use of electronic identifiers.
      3. Information from Other Sources: We may receive information about you from other sources and add it to our account information, including when you apply to use the Services. For example, we work closely with, and receive information from, third parties like business partners, banks and other financial institutions, merchants, subcontractors, payment providers, government lists and databases and fraud prevention agencies.
      4. Information about other people: if you give us information about other people, you must have informed them in advance and you must ensure you have the right to do so.
    4. Comistar Processes Personal Data only if it has your consent to do so, or if it is necessary for providing you the Services, or Comistar has the legitimate interest to do so, or if it is required by applicable legislation.

  3. The use of your Personal Data
    1. We may use and share the Personal Data we collect for the following purposes:
      1. To provide our Services to you;
      2. To improve and develop our business,;
      3. To manage and enforce our rights, terms of use or any other contracts with you, including to manage any circumstances where transactions are disputed; manage, investigate, and resolve complaints; or recover debt or in relation to your insolvency;
      4. To prevent and/or detect fraud, financial crime, manage risk and to better protect ourselves;
      5. To comply with applicable law;
      6. To comply with requests from law enforcement and regulatory authorities on public interest grounds or from commercial organizations with whom you have or have had dealings, to establish, exercise or defend legal claims, or to protect your vital interests or those of other persons. To help those authorities or other organizations in the fight against crime and terrorism.

  4. Disclosure and transfer of Personal Data
    1. Comistar only Processes your Personal Data on your consent if there is a legitimate interest in Process Data or if it is required by the law.
    2. Comistar reserves the right to transmit the Personal Data to law enforcement institutions, state authorities and financial institutions if it should be required to comply with valid laws.
    3. Except as otherwise provided in present Privacy Policy, Comistar does not disclose or provide your information to Third Parties except in the following cases:
      1. With your explicit authorization;
      2. Fraud prevention agencies and other organizations who assist us in managing fraud and business risk;
      3. With your permission, your information may also be used for other purposes for which you give your specific permission.

  5. Retention of Personal Data
    1. We shall store your Personal Data for as long as required by law or in accordance with the law, or for the purposes stated in this Privacy Policy.
    2. The retention period may also depend on the legal and regulatory requirements. We will retain Personal Information as evidence of our obligations with you, to manage any inquiries or disputes, including to defend or initiate any legal claims.
    3. After the expiration of the Personal Data storage period, we shall anonymize or permanently erase your Personal Data.

  6. Data Subject’s rights in relation to Personal Data
    1. If you wish to exercise any of your rights regarding Personal Data or ask questions about the Privacy Policy, please submit a corresponding request to us at We will respond to your request by email as a rule no later than one calendar month. Please note that before we can provide you with the requested information regarding your Personal Data, we need to verify your identity.
    2. You as a Data Subject have the following rights in relation to Personal Data:
      1. Right of access to Personal Data - you have the right to know which of your Personal Data we store and how we Process it, including the right to know the purpose of the Processing, the persons to whom we will disclose your Personal Data, information about automated decision-making and the right to receive copies of Personal Data.
      2. Right to rectification of Personal Data - you have the right to request the rectification of inadequate, incomplete, and misleading Personal Data.
      3. Right to withdraw the consent given for the Processing of Personal Data - you have the right at any time to withdraw the consent given to us for the Processing of Personal Data. Please note that withdrawal of your consent shall not affect the legality of the Processing that was made because of consent before the withdrawal.
      4. Right to erasure of Personal Data („right to be forgotten “) - you have the right to request that we erase your Personal Data (for example, if you take back the consent for the Processing of Personal Data, or if Personal Data is no longer needed for the purpose for which it was collected). We have the right to refuse the erasure of Personal Data if the Processing of Personal Data is necessary for the fulfilment of our legal obligation, to exercise the right to freedom of expression and information, for the preparation, presentation, and protection of legal claims, or in the public interest.
      5. Right to restriction of Processing - In certain cases, you have the right to prohibit or restrict Processing of your Personal Data for a certain period (e.g., if you have filed an objection to Personal Data Processing).
      6. Right to object - you have the right to file an objection to Processing of your Personal Data if your Personal Data Processing takes place based on our legitimate interest or public interest. You shall have the right to object at any time to Processing of Personal Data for direct marketing purposes, and we shall respond immediately.
      7. Right to data portability - In case your Personal Data Processing is based on your consent and Personal Data is processed automatically, you shall be entitled to receive Personal Data about you that you submitted to us as the Controller, in a structured, commonly used, and machine-readable format, and you shall have the right to transmit this Personal Data to another Controller. You also have the right to request that we transfer Personal Data directly to another Controller, where technically feasible.
      8. Automated decision-making (including profiling) - if we have informed You that we perform automated decision-making (including profiling) that will bring about legal consequences for you or have a significant effect on you, then you may require human intervention in the decision-making process.
      9. Submission of complaint - In case you find that your rights have been breached, you have the right to seek protection and file a complaint to the Data Protection Inspectorate.
      10. Please read more about your rights from chapter 3 of the GDPR.

  7. Security of Personal Data
    1. Security is of utmost importance to us. We do our best to protect Personal Data in our hands.
    2. We apply various measures (physical, technical, organizational) to protect your Personal Data from unauthorized or arbitrary rectification, disclosure, acquisition, destruction, loss, or unauthorized access.

  8. Applicable law and jurisdiction
    1. You understand and accept that the relationship between you and Comistar shall be governed in all respects by the laws of the Republic of Estonia without regard to its conflict of law provisions.
    2. Any disputes arising out of this Agreement shall be settled in Harju County Court pursuant to the laws of the Republic of Estonia.

  9. Cookies and other tracking technologies
    1. In this section you can find information about the usage of Cookies and other tracking technologies together with information where you can control your Cookie and add preferences.
    2. We use Cookies on our Website, that you can accept if you choose to use our Website. There are other similar technologies for example web beacons. Cookies allow us to recognize whether you have used the Service before, and it helps us to store your preferences and other information.
    3. We use Cookies in many ways. Cookies help us to improve the offered services and make use of our services more convenient. For example, we use session Cookies, persistent Cookies and advertising Cookies. A session Cookie is deleted automatically after every visit; persistent Cookies shall remain upon repeated use of the Website, and advertising Cookies and third-party Cookies are used by the Websites of the partners of Comistar which relate to the Website of Comistar. We do not control the generation of those Cookies, therefore information on these Cookies can be obtained from third persons.
    4. Most of the web browsers allow Cookies. Without fully allowing Cookies, not all the functions of the Website are available to a visitor. The allowing or prohibiting Cookies and other similar technologies shall be under the control of a visitor via the settings of the visitor’s own web browser.
    5. If you prefer that your Personal Data will not be Processed on our website, you can activate the private browsing feature of Your web browser.

  10. Availability and changes of the Privacy Policy
    1. Here you can find info on making changes to the Privacy Policy and informing you about the changes.

The current version:

Original version from 15.02.2022

Become the next success story with Comistar

Contact us