Privacy Policy

Effective date: Jan 1, 2021


The following Privacy Policy shall govern the lawful, fair and transparent processing of Personal Data of natural persons conducted by Bimosoft Corp. as the operator of Website and provider of the rent a company Service.

Certain terms used in this privacy policy, if not defined here, are defined by art. 2.1. of the Winglio Terms of Service (Hereafter: ToS).

Relevant persons pursuant to the Regulation EU 2016/679 of the European Parliament and of the Council, of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, or „GDPR“):

  1. The Data Controller is
    Bimosoft E OÜ
    Laki tn 30, 12915 Tallin
    (hereafter: the „Controller“ and to be considered equivalent to “Winglio” or “we” or “our” or “us” as defined by the ToS);

In line with GDPR changes, we are updating our Privacy Policy so you can better understand why and how we collect, process and erase your data. We are committed to protecting and respecting your privacy. This Policy (together with the ToS and any other documents referred to within) sets out the legal basis on which any Personal Data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your Personal Data and how we will treat it.

This Privacy Policy shall describe

  • the type of Personal Data we collect
  • the legal basis and legal requirements for Personal Data collection,
  • the scope, purpose and method of Personal Data collection,
  • the security measures to be undertaken to protect any and all collected Personal Data,
  • Personal Data management rights,
  • the time limit (duration) of storage of collected Personal Data.


We collect Personal Data of natural persons signed up as users of our Service (hereafter:  “Users” to be understood as equivalent to “Verified Users” or “Winglio Partners” as defined by the ToS). The Users themselves provide these Personal Data.

We also collect Personal Data of other natural persons (Clients as defined by the ToS as well as other “Third Parties”) provided to us by the User in the process of providing our Services.

We will inform you if providing some Personal Data is optional, including if we ask for your consent to process it. In all other cases, if you fail to provide the requested Personal Data, we may be unable to provide you with our Service.

We collect and/or process Personal Data when the User:

  1. signs up for our Services;
  2. browses our sites or uses our apps;
  3. uses our Services;

A) Personal Data we collect and process when you sign up for our Services:

  1. First name
  2. Last name
  3. E-mail address
  4. Date of birth
  5. Gender
  6. Address
  7. Phone number
  8. City
  9. Postal Code
  10. Country
  11. Copy of a Users’ passport or national ID (both sides)
  12. Copy of a Users’ ID card or recent utility bill (electricity bill / phone bill / bank statement)
  13. User's digital signature

What do we use this Personal Data for?

This is the information we process to enable you to become a “Verified User”. Only a Verified User may enter into an Agreement with Winglio and may use our Services. Without these Personal Data we are unable to provide you with our Services.

These Personal Data may, with your consent, also be used to promote the Winglio Service.

B) Personal Data we collect when you browse our Website or use our apps:

  1. your IP address through the placement of cookies; and
  2. location data, which might be gained through your IP address or GPS data

This information we collect by placing cookies on your devices, following your consent pursuant to our Cookie Policy.

What do we use this Personal Data for?

This is the information we collect while you browse our Website and use our apps, mainly to improve our Service. Read our Cookie Policy to find out more.

C) Personal Data we may collect and process while providing our Service:

  1. Users’ bank account information (name of bank, bank account number SWIFT number)
  2. amount and currency to be invoiced to a Client for services rendered
  3. type of service rendered to a Client

Furthermore, at this stage, the User may provide us with the following Client Personal Data (relevant only if a Client is a natural person):

  1. Clients' first and last name
  2. Clients' address
  3. Clients' e-mail address
  4. Clients' digital signature

Pertinent Personal Data protection information for Clients/Third Parties can be found here.

What do we use this Personal Data for?

This information we collect in order to execute our Agreement with the User, which, in essence, means to provide services to Clients in cooperation with the User.


We may use the Personal Data you provide about yourself to fulfill your requests for our products, programs, and services, to respond to your inquiries about the Service, and to offer you other products, programs, or services we believe may be of interest to you. We may also use your Personal Data to administer sweepstakes and contests.

We may use or disclose your information to respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims.

If we consider it necessary, we may disclose your Personal Data to third parties in good faith that such disclosure is reasonably necessary to (i) take action regarding suspected illegal activities; (ii) investigate, enforce or apply Winglio Terms of Service, Cardholder Rules, or this Privacy Policy; (iii) comply with legal process, such as a search warrant, subpoena, statute, or court order; or (iv) protect our rights, reputation, or property or that of our Users, affiliates, the public or other third parties. Please note that we are not required to question or contest the validity of any search warrant, subpoena, or other similar governmental request we may receive.

We use information about which links have been followed and whether an action has been taken on another party’s website in order to improve our offerings and customize the Service.

Technical and navigational information, such as computer browser type, IP address, pages visited, and average time spent on our the Winglio Website, may be used, for example, to alert you to software compatibility issues, or it may be analysed to improve our website design and functionality.


The legal basis for processing of Personal Data:

  1. Processing is necessary for the performance of a contract to which the User is party or in order to take steps at the request of the User prior to entering into a contract;

    The processed Personal Data is necessary to enable us to enter into an Agreement with the User, to execute the Agreement and provide our Services pursuant to the Agreement within the scope of the ToS.
  2. Processing is necessary for compliance with a legal obligation to which the Controller is subject;
    Due to the nature of the Services provided by Winglio (payment, financial services, share transfer), we are legally obligated to process, store, and, if needed, reproduce Personal Data pertaining to financial transactions made by the User if so requested by law enforcement agencies; financial regulators and other relevant regulatory authorities; government bodies; tax authorities; courts tribunals and complaints/dispute resolution bodies and other bodies as required by law or regulation if such a request has sound legal basis.
    Furthermore, we must process and store certain Personal Data because we are legally obligated to allow the User to exercise his or her rights under the GDPR.
  3. Processing is necessary for the purposes of the legitimate interests pursued by the Controller;

    We collect your Personal Data for the following legitimate interests:
    • Provision of our financial products and Services;
    • Promotion of ideas and events relating to Services we provide;
    • Accuracy of User records;
    • Transparency of company ownership structure;
    • Maintenance of records of communications and management of your relationship with us;
    • To respond to your enquires;
    • To comply with any present or future law, rule, regulation, guidance, decision or directive (including those concerning anti-terrorism, fraud, anti-money laundering and anticorruption);
    • To carry out, in appropriate cases, KYC checks and other procedures that we undertake prior to you becoming a User;
    • Prevention and detection of fraud and other illegal activity or misconduct
    • For informing you about compliance with legal and regulatory obligations and provide related guidance.
  4. The User has given consent to the processing of his or her Personal Data for one or more specific purposes;

    Usually, this is the case when you request us to disclose your Personal Data to other people or organizations, or otherwise agree to disclosures.

    This is also the case when we ask to collect your Personal Data while you browse our Website, all in accordance with our Cookie Policy.

    This is also the case with all Personal Data we collect and process for promotional and marketing purposes.


Due to the sensitive nature of our Service we retain your Personal Data to protect our legitimate business interests and to meet legal obligations for a minimum period required by law, which in any case may be no shorter than 10 years after your User account closure, or after your User Account has been deemed inactive.

Personal Data collected exclusively for promotional purposes shall be retained for no shorter than 3 years after such Personal Data processing consent is given.

After this period has passed your Personal Data (will be automatically deleted, or/and deleted per your request).


We may share your Personal Data with the following types of recipients:

  1. With companies in our business group, sub-contractors, third-party service providers and partners who provide data processing services to us, such as but not limited to payment processing, other payment and money withdrawal issues, legal and financial advisory services, IT-support, etc. All such parties are obligated to use your Personal Data in accordance with our internal privacy Document, this Privacy Policy and our ToS.
  2. With any competent law enforcement body, regulatory authority, government agency, court of law or other third party where we believe disclosure is necessary
    1. as a matter of applicable law or regulation,
    2. to exercise, establish or defend our legal rights, or
    3. to protect your vital interests or those of any other person.
  3. With a potential or actual buyer (and its agents and advisers) in connection with any proposed or actual purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your personal information solely for the purposes disclosed in this Privacy Policy.
  4. With any other person, such as Clients and Third Parties, with your consent for such disclosure.

Except as otherwise stated in this Privacy Policy, we generally do not sell, trade, rent or share Personal Data that we collect with third parties unless we have your consent to do so.


During the provision of our Service, the User provides us with Personal Data regarding his/our Client (if the Client is a natural person).

The User providing us with Client data, is contractually obligated to inform the Client that their data shall be shared and processed by Winglio, and will provide them with the link to this Privacy Policy wherein they can find all the information about their Personal Data that is being Processed by Winglio, as well as their data privacy rights.

Pursuant to applicable regulations, we provide Clients with the following information:

  1. identity and contact details of the data controller, and data protection officer

    Data controller – Here
    Data Protection Officer – Here
  2. purpose and legal basis for processing Personal Data:

    Purpose for processing – Here
    Legal basis for processing – Here
  3. recipients or categories of recipients of Personal Data

    Recipients or categories of recipients – Here
  4. period for which the Personal Data will be stored or criteria used to determine that period

    Period for which the Personal Data will be store – Here
  5. when processing is based on the legitimate interests pursued by the controller or this party

    Legitimate interests of the controller – Here
  6. right to request controller access to, rectification and erasure of Personal Data and/or restriction of processing, right of data portability, right to lodge a complaint with a supervisory authority

    Data subject rights – Here
  7. source of Personal Data – the source of Personal Data of Clients is always the User.


We maintain technical, physical, and administrative security measures designed to provide reasonable protection for your Personal Data against loss, misuse, unauthorized access, disclosure, and alteration.  The security measures include firewalls, data encryption, physical access controls to our data centers and information access authorization controls.  While we are dedicated to securing our systems and Services, you are responsible for securing and maintaining the privacy of your password(s) and Account/profile registration information and verifying that the Personal Data we maintain about you is accurate and current. 

We do not store, transmit, or process any customer credit card information provided to us at any time during, or after the sale. Any payment information provided is transmitted to a 3rd party via a secured socket layer.


You have the following data protection rights:

  1. To access, correct, update or request deletion of your personal information. You may do so by contacting us using the information in the "Contact Us" section below.
  2. To object to the processing of your personal information (which is processed on the grounds of legitimate interests), ask us to restrict processing of your personal information or request portability of your personal information. Again, you may do so by contacting us using the information in the "Contact Us" section below.
  3. To opt out of marketing communications we send you, at any time. You can exercise this right by clicking on the “unsubscribe/opt out” link in the marketing communications we send you or by contacting us using the information in the "Contact Us" section below.
  4. If we are processing your personal information with your consent, you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal information conducted pursuant to lawful processing grounds other than consent. You may do so by contacting us using the details at "Contact Us" heading below.
  5. You have the right to file a complaint with a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.


We use automated data processing (automated decision making) to automatically provide our Users with certain opportunities, bonuses, and amenities based on their use of the Service. Should certain conditions are met (as provided by the ToS), Winglio shall automatically send an e-mail to certain Users giving them an opportunity to access certain Winglio bonuses and amenities.

Users are not under any obligation to accept these offers.


A network of computers, cloud-based servers, and other infrastructure and information technology, including, but not limited to, third-party service providers support our operations. We and our third-party service providers store and process your Personal Data in the European Union. We will protect your information as described in this Privacy Policy if your Personal Data is transferred to other countries.  By using our Website and Services, you consent to your Personal Data being transferred to other countries, including countries that have different data protection rules than your country. 


We may update this Privacy Policy from time to time in response to changing legal, technical or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, in accordance with the significance of the changes we make. The revised Privacy Policy will be effective as of the published effective date. 


You may contact us if you have general questions about our Privacy Policy and practices or questions about your Account information or Personal Data. 

Bimosoft E OÜ
Laki tn 30, 12915 Tallin