Welcome to Capila.io (“we”, “us” or “Capila”)!We are a SaaS (Software as a Service) finance solution, providing a platform for aggregation and analytics of third-party financial data.To provide our Services we need to collect some of your personal data, whether you are usingwww.capila.io or our accounting platform (“Platform”) (collectively, our “Services”).This Privacy and Cookies Policy (the “Privacy Policy”) is intended to inform you about our practices regarding the collection and use of your personal data that you may submit to us through our website.This Privacy Policy is binding to (i) all our Customers who are Contracting Parties provided with the Services based on the Agreement as defined in the General Terms And Conditions Of Service (our “Terms of Service”), (ii) visitors of our websites, (iii) individuals who contact us through our website (all the previously mentioned individuals hereinafter referred to as “you”).This Privacy Policy should be read alongside, and in addition to our Terms of Service.
Unless otherwise defined in this Privacy Policy, terms used have the same meaning as in the Terms of Service.
This Privacy Policy was last modified on 1 February 2022 and may be sporadically updated to reflect changes in legislation.You can always find the most recent version on our Site.If we make substantial changes, we may provide at least a 30-day notice prior to any changes taking effect.What constitutes a substantial change will be determined at our sole discretion.By continuing to access or use our Service after those revisions become effective, you agree to be bound by the revised terms.If you do not agree to the new terms, please stop using the Services.
We process your data with due care, in accordance with all applicable laws and regulations, including the regulation (EU) 2016/679 of the European Parliament and of the Council, the General Data Protection Regulation (the “GDPR”).
The Privacy Policy only covers data processing carried out by us. The Privacy Policy does not address, and we are not responsible for, the privacy practices of any other parties.
We do not knowingly collect or ask for information from people under the age of 18. If you are such a person, please do not use our service or send us your information. We delete information that we learn is collected from a person under the age of 18 without verified parental consent.
Who collects and processes your personal data?
What are the purposes and legal basis for collecting and processing your personal data?
carry out the agreement existing between us based on your decision to use our Service
This purpose includes mainly the following processing activities:
We process the email address, payment information and other data provided by you voluntarily when you use our Service.
Legal basis for such processing: the performance of a contract in accordance with Article 6 (1) (b) of GDPR.
We process this personal data as the Controller within the meaning of Article 4 (7) GDPR.
carry out the agreement existing between our Customers and us
This purpose includes mainly the following processing activities:
We process the personal data provided by our Customers about their clients upon our Customer’s instructions. Personal data can include but is not limited to name, surname, email address, earnings, bank statement, and any other personal information logged in the Customer’s existing accounting tools they choose to integrate.
Legal basis for such processing: your consent in accordance with Article 6 (1) (a) of GDPR.
We process this personal data as the Processor within the meaning of Article 4 (8) GDPR.
market our Services
We may market current or future Services to You if you subscribe to our newsletter or consent to marketing cookies, as described above.
We processes your email address on the following legal basis: your consent in accordance with Article 6 (1) (a) of GDPR (granted during submitting your email address to our newsletter bar) or legitimate interest in accordance with Article 6(1) (f) of GDPR (if you have an existing relationship with Us) .
You can stop direct marketing communications from us by:
We process this personal data as the Controller within the meaning of Article 4 (7) GDPR.
improve our Services
This purpose includes the following processing activities using technical information:
We process technical information under the following legal basis: legitimate interest in accordance with Article 6(1)(f) of GDPR.
We process this data as the Controller within the meaning of Article 4 (7) GDPR.
What personal data is collected?
We may collect the following types of information about you:
Personal Data
We may collect and process your names, email address, payment information and any other data that identifies you, provided by you voluntarily when you use our Services.
Technical Information
We and our authorised external service providers (as stated in this Privacy Policy) may automatically collect technical data when you visit or interact with our website. Technical data may include, in particular, the URL of the website you visited before using our Service, the time and date of user visits, surfing habits, IP address, the browser name, the type of computer or device accessing our Service, time spent on the website and other similar technical information.
Cookies
Who are recipients of your personal data?
it is necessary for the performance and improvement of our Services To the extent that our external service providers (sub-processors) need access to your personal data to help us perform our Services for you, we have taken the appropriate contractual and organisational measures to ensure that your personal data are processed in accordance with all applicable laws and regulations.
When indicated, providers will only receive your personal data upon your approval.
The list of external service providers we use may change from time to time as we change or remove some of the providers listed above and/or put in place other providers to assist us in providing the Services.
It is necessary for legal reasons
We may share your personal data with recipients outside the Controller if we have a good-faith belief that access to and use of your personal data is reasonably necessary to: (i) meet any applicable law, regulation, and/or court order; (ii) detect, prevent, or otherwise address fraud, security or technical issues; and/or (iii) protect the interests, properties or safety of the Controller, our users or the public as far as in accordance with the law. When possible, we will inform you about such processing.
Capila as a Processor
Do we transfer your data to countries outside the EU/EEA?
What is the storage period?
What are your rights?
As a Controller we shall respond to the follow requests:
May you complain?
Is data secured? 1. We take all reasonable, appropriate security measures to protect us and our Customers from unauthorised access to or unauthorised alteration, disclosure or destruction of personal data we hold. Measures include, where appropriate, encryption, firewalls, secure facilities and access rights systems. Should despite the security measures, a security breach occur that is likely to have negative effects to your privacy, we will inform you about the breach as soon as reasonably possible. If you have any questions, feel free to contact us at [email protected].
“We are making the world of finances more comprehensible and bring simplicity into complexity by digitalization and automation of the financial world.”
CEO & Co-Founder