Privacy Notice

Your privacy is important to us

We value your right to privacy and data protection. We want you to know for which purposes and how we collect and use your personal data (also known as personal information) and which rights you have. You will find important information about the processing of your personal data in this Privacy Notice. The Privacy Notice may be supplemented by other privacy notices and notices applicable to cookies QUANTCAST published on the SEG’s website.

This Privacy Notice applies to the processing of personal data by SEG EU OÜ (a limited liability company incorporated in the Republic of Estonia with the registration number 16255825 and registered address at Narva mnt 5, 10117 Tallinn, Estonia; hereinafter SEG, we or us).

We use your personal data only to support Platform functionality and to maintain the availability of our Services. No data will be transmitted to third parties without the consent of the person concerned or without a legal basis.


The following terminology is used in this Privacy Notice in the following meaning:

  • Data Subject is a natural person on who SEG has data or information that can be used to identify the natural person. Data Subjects are, for example, clients who are natural persons, individuals associated with the co-operation partners (e.g., representatives or employees);
  • Personal Data is any information relating to an identified or identifiable Data Subject, including the client or natural person related to the co-operation partner;
  • GDPR is the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons about the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC;
  • Third Party is a natural or legal person, public authority, agency or body, and any person other than the Data Subject, SEG, an authorized employee of SEG, or a person who may process the Personal Data of the Data Subject under the authority of SEG or Processor of SEG;
  • Agreement is a contract with any content concluded between SEG and the Data Subject, primarily Terms and Conditions;
  • Processing means any operation or set of operations, which is performed on Personal Data, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction, regardless of the method of operation or the used means;
  • Processor means a natural or legal person, public authority, agency, or other body which Processes Personal Data on behalf of SEG, the controller.

SEG takes the security of all data in its possession very seriously. SEG ensures the confidentiality of Personal Data under applicable law and implements appropriate technical and organisational measures to protect Personal Data from unauthorized access, unlawful Processing or disclosure, accidental loss, alteration, or destruction.

SEG may use Processors for Processing of Personal Data. In such cases, SEG will ensure that the Processing of Personal Data is carried out in accordance with SEG's instructions and in accordance with the applicable law and this Privacy Notice. We apply contractual and appropriate security measures to protect your Personal Data and maintain confidentiality.

As soon as we receive your data, we implement reasonable security measures and procedures to avoid unauthorised access from any third party. However, transmission of such data over the Internet using personal computers or mobile devices is not completely safe and, therefore, we cannot guarantee absolute security of all information submitted to our website and/or to us. Any transmission of such information and documents is at your own risk.

How Do We Collect Your Personal Data?

SEG collects Personal Data primarily in the following ways:

  • we mainly collect Personal Data from the Data Subject itself or from the persons acting on the Data Subject's instructions (e.g., registering an account, through requests, applications, conclusion, and performance of Agreements);
  • in the context of providing services (e.g., managing and delivering digital artwork);
  • Personal Data, including e-mail correspondence, emerged as a result of normal communication between the Data Subject and SEG;
  • Personal Data clearly disclosed by the Data Subject (e.g., in social media);
  • Personal Data generated using services provided by SEG;
  • Personal Data received from Third Parties;
  • by automatic means when using our website and/or services (e.g., tracking the Data Subject use of our website and services; see also our Cookie Notice how and which cookies and similar technologies are used);
  • Personal Data combined by SEG (e.g., history of provided services and client communication).
Which Personal Data Do We Process?

The categories of Personal Data that SEG mainly, but not exclusively, collects and processes are the following:

  • person’s identification data necessary to ensure the smooth provision of the Services (e.g., name, personal identification code, date of birth, gender, nationality, personal picture, details of the identification document (e.g., copy of passport, ID card and/or driving license), tax ID number);
  • contact details required to facilitate communication between collaborating parties (e.g., address, phone number, e-mail address, language of communication);
  • financial information required to process transactions between collaborating parties (e.g., credit and debit card numbers, PANs, IBANs, sort codes, bank account numbers and details);
  • transaction data (e.g., data about transactions you make on our website, the name of the recipient, the amount of the transaction and the time);
  • Information relating to the provided services (e.g., performance or non-performance of Agreements, concluded and terminated Agreements, submitted applications, queries and complaints);
  • client’s satisfaction data (e.g., activeness of using the services, data on services used, client's complaints);
  • data connected with the website and account usage (e.g., member ID, user ID, user PIN, login status, services which you plan to use, log information, device information, browser information, location information (if enabled), activeness of using services, Internet Protocol (IP) address);
  • communication data (e.g., data collected via e-mail, messages, and other communication means (incl. social media));
  • data about the Data Subject’s relationships with legal persons (e.g., information submitted by the Data Subject or retrieved from public registers or received through Third Parties for making transaction on behalf of a legal person);
  • information on the Data Subject's authorisations.

SEG primarily uses the following Personal Data for marketing purposes:

  • identifying information (incl. name and date of birth of the Data Subject);
  • contact information (incl. email address and postal address);
  • information on the provided services.

In addition to the categories of Personal Data explicitly stated in this Privacy Notice, SEG may collect additional and other Personal Data in accordance with the law, if needed.

The provision of Personal Data for using services, e.g., registering an account, is statutory and required to enter into Agreement, therefore, the Data Subject is obligated to provide required Personal Data. Without providing required Personal Data it is not possible to use services or some services are limitedly accessible, and SEG could refuse to provide services.

For Which Purposes And On Which Legal Basis Do We Process Your Personal Data?

SEG processes your Personal Data primarily:

  • to manage customer relations in general, to keep data updated and corrected by verifying and enriching data, to respond to your requests and questions, to notify about changes of our services, to contact you, to provide customer support, based on:
    performance of Agreement or to take steps at the request of the Data Subject prior to entering into Agreement or compliance with a legal obligation;
  • to provide access to services or provision of services, to conclude and execute Agreements, to establish an account, to identify you, keep data updated and corrected by verifying and enriching data, based on:
    performance of Agreement or to take steps at the request of the Data Subject prior to entering into Agreement or compliance with a legal obligation;
  • to comply with requirements set out to us by law, to properly identify you, monitor your use of services, to transfer data to supervisory authorities, based on:
    compliance with our legal obligations;
  • to prevent misuse of website and/or services and ensure adequate provisions of website and/or services, to authorize and control access to functioning of digital channels, to prevent unauthorized access and misuse of those and to ensure the safety of information, based on:
    performance of Agreement or take steps at the request of the Data Subject prior to entering into Agreement or compliance with a legal obligation or SEG’s legitimate interests to have control over authorizations, access to and functioning of website and services;
  • to protect interest of SEG, based on:
    performance of Agreement or to take steps at the request of the Data Subject prior to entering into Agreement or compliance with a legal obligation or SEG’s legitimate interests, to prevent, limit and investigate any misuse or unlawful use or disturbance of website and/or services;
  • to establish, exercise, and defend legal claims, based on:
    performance of Agreement or to take steps at the request of the Data Subject prior to entering into Agreement or compliance with a legal obligation or SEG’s legitimate interests to exercise legal claims;
  • to administrate and improve the website and/or services, for our internal records, for statistical analysis, based on:
    SEG’s legitimate interests to improve its services and user experience;
  • improve technical systems and structure of information technology, based on:
    SEG’s legitimate interests to improve its services and user experience.

In the case that we are going to use your personal data for other purposes as provided above, we will communicate it to you in a timely manner.

Use Of Data for Marketing Purposes

SEG uses Personal Data for marketing purposes for sending SEG´s offers, promotions, contents, entitlements, and other marketing information that may be of interest to you, if the Data Subject has agreed to this. If the Data Subject has not given separate consent for direct marketing, SEG may process the Personal Data for the purpose of offering SEG´s services in respect of similar products or services that the Data Subject has bought or consumed, in accordance with SEG's legitimate interest.

SEG uses profiling for sending marketing information about similar service and product groups and personal campaigns. Profiling is automated processing of Personal Data consisting of the use of personal data to evaluate personal preferences and interests of the Data Subject, i.e., to choose recipients of direct marketing information. Profiling is used so that SEG would send only relevant information to the Data Subject.

You can opt-out of and withdraw your consent for receiving marketing communications from us any time by clicking on the ‘unsubscribe’ link at the bottom of each e-mail or contacting us at

To Whom Do We Transfer Your Personal Data?

SEG transfers Personal Data to the following recipients:

  • employees authorised by SEG for such purpose;
  • public authorities (e.g., law enforcement agencies, courts, bailiffs, tax authorities, and supervisory authorities);
  • persons related to the provision of services and performance of Agreement concluded with the Data Subject (e.g., designers, payment intermediaries, providers of communication, IT, data backup, translation, IT application providers, advertising, and marketing partners);
  • auditors, accounting service providers, financial consultants or other SEG’s consultants;
  • the debt collection service providers, courts, and trustees in bankruptcy if the Data Subject has violated Agreement;
  • acquirers, successors, or assignees as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets;
  • participants and/or parties involved with payment systems and payment solutions.
Where Your Personal Data Is Being Processed?

Generally, Processing of Personal Data takes place within the European Union / European Economic Area (EU/EEA). If there is a need to Process Personal Data outside EU/EEA, the transfer will only take place if appropriate safeguards are implemented. Examples of appropriate safeguards include:

  • an adequate level of data protection is in place in the country outside of the EU/EEA in accordance with the decision of the European Commission;
  • existence of a valid agreement containing standard contract clauses developed by the EU or approved codes of conduct or certifications or other similar things that comply with the GDPR.

In the absence of appropriate safeguards, SEG has the right to transfer Personal Data outside the EU/EEA in situations where:

  • the Data Subject has given an explicit and informed consent about the lacking protection measures;
  • it is necessary for the conclusion or performance of Agreement between the Data Subject and SEG or for the implementation of pre-contractual measures taken at the request of the Data Subject;
  • it is necessary for the conclusion or performance of a contract concluded in the interest of the Data Subject between SEG and another natural or legal person;
  • it is necessary for the establishment, exercise, or defence of legal claims;
  • it is necessary to protect the vital interests of the Data Subject or other persons, where the Data Subject is physically or legally incapable of giving consent;
  • the transfer is made from a register which according to European Union or national law is intended to provide information to the public and which is open to consultation either by the public in general or by any person who can demonstrate a legitimate interest, but only to the extent that the conditions laid down by European Union or national law are fulfilled in the particular case;
  • the transmission is not repetitive, concerns only a limited number of Data Subjects, is necessary to protect SEG’s legitimate interests, for which the interests, rights or freedoms of the Data Subject are not predominant, and if SEG has assessed all data transfer circumstances and established based on the assessment appropriate safeguards for Personal Data protection. SEG will notify the supervisory authority of the transfer.

For receiving more information about the transfer of Personal Data outside the EU/EEA, please contact us by e-mail:

How Long Do We Store Your Personal Data?

SEG does not Process Personal Data for longer than it is necessary for the purposes related with such data and/or to comply with the statutory data storing obligations. The retention period may also be based on the Agreements with the Data Subject (e.g., to settle a dispute arising from the Agreement concluded with the Data Subject), SEG's legitimate interest or applicable law (e.g., legislation about accounting or limitation period).

Generally, the retention period for Personal Data and documentary evidence used during provision of our services is maximum of 5 years from the termination of the user account and/or the Agreement. Personal Data Processed under your consent will only be Processed until the consent is withdrawn. However:

  • information on legal transactions is retained for as long the Agreement between us is in force and for a period of 10 years from the end of the Agreement unless otherwise provided by law;
  • billing information is retained for 7 years as of the end of the financial year in which the information was provided to SEG;
  • cookies’ information is retained according to QUANTCAST.
Which Rights Do You Have?

The Data Subject has the following rights in connection with the Processing of his/her Personal Data:

  • to obtain information about the Processing of their Personal Data and the right to request a copy of the Personal Data being Processed;
  • to request the rectification of their Personal Data if it has changed or is otherwise inaccurate;
  • to object to the Processing of their Personal Data if the Processing of Personal Data is based on a legitimate interest. For example, the Data Subject may prohibit the use of their contact information for sending offers, to use it, the Data Subject can remove itself from the list of the recipients upon receipt of the marketing email;
  • to request restriction of the Processing of their Personal Data, for example at a time when SEG assesses whether the Data Subject is entitled to delete its Personal Data;
  • to withdraw their consent for Processing of Personal Data. Upon withdrawal of the consent, SEG will no longer Process the Personal Data of the Data Subject for the purpose of the respective consent. The consent is valid until it is withdrawn;
  • data portability right;
  • to request deletion of their Personal Data, for example, if SEG has no right to Process such data or if the Processing of Personal Data is based on a consent and the consent has been withdrawn. Such right does not apply (or to such an extent) if Processing of Personal Data that is requested to be deleted has also been Processed for other legal bases, for example, under Agreement or for the performance of legal obligations;
  • to contact us at any time regarding the use of their Personal Data. To do so, please send us an e-mail. You also have the right to lodge a complaint to the Estonian Data Protection Inspectorate (website: or to a competent court.

The Data Subject can exercise its rights by contacting us at We will respond to the request without delay, but not later than within one month from receiving the request. To protect the integrity and security of the Personal Data SEG holds, we may ask that the Data Subject follows a defined access procedure, which may include steps to verify Data Subject´s identity.

Please note that the Data Subject´s rights are not absolute and are subject to such considerations as allowed under the applicable law.

Responsible Persons and SEG’s Contact Details

SEG EU OÜ is the controller for the Processing activities described in this Privacy Notice. If you have any questions regarding the Processing of your Personal Data, please contact us in the following ways:

SEG will reply to the request within 30 days after receiving the request. If more time is needed to reply to the request, SEG may extend the term for responding by a reasonable time.

Validity And Changes to Privacy Notice

SEG has the right to unilaterally amend the Privacy Notice at any time in accordance with the applicable law.

SEG will notify the Data Subject of any changes to the Privacy Notice via the website and by the e-mail at least one month before the changes take effect, except if the Privacy Notice is amended because of changes in legislation.