Privacy Policy

Effective date: May 25, 2018

  1. I. OVERVIEW

    The following Privacy Policy shall govern the lawful, fair and transparent processing of Personal Data of natural persons conducted by Bimosoft Corp. as the operator of Winglio.com Website and provider of the Winglio.com rent-a-company Service.

    Certain terms used in this privacy policy, if not defined here, are defined by art. 2.1. of the Winglio Terms of Service (Hereafter: ToS).

    Relevant persons pursuant to the Regulation EU 2016/679 of the European Parliament and of the Council, of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, or „GDPR“):

    1. The Data Controller is

      Bimosoft Corp.
      Level 2, Lot 19, Lazenda Commercial Centre, Phase 3,
      87007
      F.T Labuan,
      Malaysia
      (hereafter: the „Controller“ and to be considered equivalent to “Winglio” or “we” or “our” or “us” as defined by the ToS);

    2. Pursuant to Art. 27 of the GDPR, the designated Representative of the Controller in the EU is

      Bimosoft Limited
      18-19 College Green
      Dublin
      Republic of Ireland

    In line with the GDPR changes, we are updating our Privacy Policy so you can better understand why and how we collect, process and erase your data. We are committed to protecting and respecting your privacy. This Policy (together with the ToS and any other documents referred to within) sets out the legal basis on which any Personal Data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your Personal Data and how we will treat it.

    This Privacy Policy shall describe

    • the type of Personal Data we collect
    • the legal basis and legal requirements for Personal Data collection,
    • the scope, purpose and method of Personal Data collection,
    • the security measures to be undertaken to protect any and all collected Personal Data,
    • Personal Data management rights,
    • the time limit (duration) of storage of collected Personal Data.

  2. II. WHAT PERSONAL DATA DO WE COLLECT?

    We collect Personal Data of natural persons signed up as users of our Service (hereafter: “Users” to be understood as equivalent to “Verified Users” or “Winglio Partners” as defined by the ToS). The Users themselves provide these Personal Data.

    We also collect Personal Data of other natural persons (Clients as defined by the ToS as well as other “Third Parties”) provided to us by the User in the process of providing our Services.

    NOTE:

    We will inform you if providing some Personal Data is optional, including if we ask for your consent to process it. In all other cases, if you fail to provide the requested Personal Data, we may be unable to provide you with our Service.

    We collect Personal Data when the User:

    1. signs up for our Services;
    2. browses our sites or uses our apps;
    3. uses our Services;
    4. applies to receive Elite („shareholder“) status.

    1. The Personal Data we collect when you sign up for our Services:

    1. First name
    2. Last name
    3. E-mail address
    4. Date of birth
    5. Gender
    6. Address
    7. Phone number
    8. City
    9. Postal Code
    10. Country
    11. Upload of a copy of a Users’ passport or national ID (both sides)
    12. Upload of a copy of a Users’ ID card or recent utility bill (electricity bill / phone bill / bank statement)

    NOTE:

    Personal data as described under (xi) and (xii) may be considered biometric data pursuant to provisions of the GDPR and as such are considered special categories of personal data and are provided with special protections.

    What do we use this Personal Data for?

    This is the information we process to enable you to become a “Verified User”. Only a Verified User may enter into an Agreement with Winglio, and may use our Services. Without these Personal Data we are unable to provide you with our Services.

    NOTE:

    Withdrawal of consent for processing of certain Personal Data (for instance Personal Data under xi) and xii) may result in our inability to provide you with our Services.

    2. Personal Data we collect when you browse our Website or use our apps

    1. your IP address through the placement of cookies; and
    2. location data, which might be gained through your IP address or GPS data

    This is information we collect by placing cookies on your devices, following your consent pursuant to our Cookie Policy.

    What do we use this Personal Data for?

    This is the information we collect while you browse our Website and use our apps, mainly to improve our Service. Read our Cookie Policy to find out more.

    3. The Personal Data we may collect while providing our Service:

    1. Users’ bank account information (name of bank, bank account number SWIFT number)
    2. amount and currency to be invoiced to a Client for services rendered
    3. type of service rendered to a Client

    Furthermore, at this stage the User may provide us with the following Client Personal Data (relevant only if Client is a natural person):

    1. Client first and last name
    2. Client address
    3. Client e-mail address

    NOTE:

    Pertinent Personal Data protection information for Clients/Third Parties can be found here.

    What do we use this Personal Data for?

    This is information we collect in order to execute our Agreement with the User, which, in essence, means to act as a commission agent of the User and to issue an invoice to a Client or other Third Party.

    4. Personal Data we collect when you apply to receive Elite (shareholder) status.

    1. Personal Data pertaining to Users’ shareholder status in other companies;
    2. Users’ academic background;
    3. Personal Data pertaining to Users’ business history;
    4. Personal Data pertaining to Users’ legal procedure history;
    5. Personal Data pertaining to Users’ criminal conviction history;
    6. Personal Data pertaining to Users’ regulatory authority procedure history;

    Furthermore, at this stage the User may provide us with the following Third Party (Referee 1 & 2, Witness) Personal Data

    1. Third Party first and last name
    2. Third Party telephone number
    3. Third Party address
    4. Third Party profession
    5. Third Party company e-mail address
    6. Third Party personal e-mail address
    7. Third Party city, postal code and country of residence

    NOTE:

    Pertinent Personal Data protection information for Clients/Third Parties can be found here.

    What do we use this Personal Data for?

    This is information we need to collect in order to approve your Elite status application, and to be able to execute a transfer of shares pursuant to relevant laws and regulations governing the transfer of company shares in Malaysia.

  3. III. HOW WE USE YOUR PERSONAL DATA

    We may use the Personal Data you provide about yourself to fulfil your requests for our products, programs, and services, to respond to your inquiries about the Service, and to offer you other products, programs, or services we believe may be of interest to you. We may also use your Personal Data to administer sweepstakes and contests.

    We may use or disclose your information to respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims.

    If we consider it necessary, we may disclose your Personal Data to third parties in good faith that such disclosure is reasonably necessary to (i) take action regarding suspected illegal activities; (ii) investigate, enforce or apply our Winglio ToS or this Privacy Policy; (iii) comply with legal process, such as a search warrant, subpoena, statute, or court order; or (iv) protect our rights, reputation, or property or that of our Users, affiliates, the public or other third parties. Please note that we are not required to question or contest the validity of any search warrant, subpoena, or other similar governmental request we may receive.

    We use information about which links have been followed and whether action has been taken on another party’s website in order to improve our offerings and customize the Service.

    Technical and navigational information, such as computer browser type, IP address, pages visited, and average time spent on our the Winglio Website, may be used, for example, to alert you to software compatibility issues, or it may be analysed to improve our website design and functionality.

  4. IV. LEGAL BASIS FOR PROCCESING OF PERSONAL DATA

    The legal basis for processing of Personal Data:

    1. Processing is necessary for the performance of a contract to which the User is party or in order to take steps at the request of the User prior to entering into a contract;

      The processed Personal Data is necessary to enable us to enter into an Agreement with the User, to execute the Agreement and provide our Services pursuant to the Agreement within the scope of the ToS and to enable us to act as a commission agent of the User.

      The processed Personal Data is also necessary to enable us to enter into a share transfer agreement with the Elite user, and to execute the share transfer pursuant to applicable laws and regulations.

    2. processing is necessary for compliance with a legal obligation to which the Controller is subject;

      Due to the nature of the Services provided by Winglio (payment, financial services, share transfer), we are legally obligated to process, store, and, if needed, reproduce Personal Data pertaining to financial transactions made by the User if so requested by law enforcement agencies; financial regulators and other relevant regulatory authorities; government bodies; tax authorities; courts tribunals and complaints/dispute resolution bodies and other bodies as required by law or regulation if such a request has sound legal basis.

      Furthermore, we must process and store certain Personal Data because we are legally obligated to allow the User to exercise his or her rights under the GDPR.

    3. processing is necessary for the purposes of the legitimate interests pursued by the Controller;

      We collect your Personal Data for the following legitimate interests:

      • Provision of our financial products and Services;
      • Promotion of ideas and events relating to Services we provide;
      • Accuracy of User records;
      • Transparency of company ownership structure;
      • Maintenance of records of communications and management of your relationship with us;
      • To respond to your enquires;
      • To comply with any present or future law, rule, regulation, guidance, decision or directive (including those concerning anti-terrorism, fraud, anti-money laundering and anticorruption);
      • To carry out, in appropriate cases, KYC checks and other procedures that we undertake prior to you becoming a User;
      • Prevention and detection of fraud and other illegal activity or misconduct
      • For informing you about compliance with legal and regulatory obligations and provide related guidance.
    4. the User has given consent to the processing of his or her Personal Data for one or more specific purposes;

      Usually, this is the case when you request us to disclose your Personal Data to other people or organisations, or otherwise agree to disclosures.

      This is also the case when we process Biometric Data (e.g. Users’ passport or national ID) or other Personal Data declared as special category by GDPR, or when we send you marketing communications where we’ve asked for your consent to do so.

      This is also the case when we ask to collect your Personal Data while you browse our Website, all in accordance with our Cookie Policy.

  5. V. DURATION OF RETENTION OF PERSONAL DATA:

    Due to the sensitive nature of our Service (payment and financial services, transfer of company shares) we retain your Personal Data to protect our legitimate business interests and to meet legal obligations for a minimal period required by law, which in any case may be no shorter than 10 years after your User account closure, or after your User account has been deemed inactive.

    After this period has passed your Personal Data (will be automatically deleted, or/and deleted per your request).

  6. VI. WHO DO WE SHARE YOUR PERSONAL DATA WITH?

    We may share your Personal Data with the following types of recipients:

    1. With companies in our business group, sub-contractors, third-party service providers and partners who provide data processing services to us, such as but not limited to payment processing, other payment and money withdrawal issues, legal and financial advisory services, IT-support, etc. All such parties are obligated to use your Personal Data in accordance with this our internal privacy Document, this Privacy Policy and our ToS.

    2. With any competent law enforcement body, regulatory authority, government agency, court of law or other third party where we believe disclosure is necessary

      1. as a matter of applicable law or regulation,
      2. to exercise, establish or defend our legal rights, or
      3. to protect your vital interests or those of any other person.
    3. With a potential or actual buyer (and its agents and advisers) in connection with any proposed or actual purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your personal information solely for the purposes disclosed in this Privacy Policy.
    4. With any other person, such as Clients and Third Parties, with your consent for such disclosure.

    NOTE:

    Except as otherwise stated in this Privacy Policy, we generally do not sell, trade, rent or share Personal Data that we collect with third parties unless we have your consent to do so.

  7. VII. CLIENT AND THIRD PARTY INFORMATION

    During the provision of our Service, the User provides us with Personal Data regarding his/our Client (if the Client is a natural person).

    Should the User apply for Elite status, the User shall provide us with Personal Data regarding Thirds Persons (Referee 1 & 2, Witness)

    Both the User providing us with Client data, and the User applying for Elite status providing us with Third Persons data are contractually obligated to inform the Client/Third Person that their data shall be shared and processed by Winglio, and will provide them with the link to this Privacy Policy wherein they can find all the information about their Personal Data that is being Processed by Winglio, as well as their data privacy rights.

    Pursuant to applicable regulations, we provide Clients and Third Persons with the following information:

    1. identity and contact details of the data controller, representative and data protection officer

      Data controller – Here (I.)
      Representative – Here (XIII.)
      Data Protection Officer – Here (XIII.)

    2. purpose and legal basis for processing Personal Data:

      Purpose for processing – Here (II. 3. and 4.)
      Legal basis for processing – Here (III.)

    3. recipients or categories of recipients of Personal Data

      Recipients or categories of recipients – Here (V.)

    4. Period for which the Personal Data will be stored or criteria used to determine that period

      Period for which the Personal Data will be store – Here (IV.)

    5. when processing is based on the legitimate interests pursued by the controller or this party

      Legitimate interests of the controller – Here (III. c)

    6. Right to request controller access to, rectification and erasure of Personal Data and/or restriction of processing, right of data portability, right to lodge a complaint with a supervisory authority

      Data subject rights – Here (IX.)

    7. source of Personal Data – the source of Personal Data of third persons is always the User, either as the provider of Client data when using our Services, or the provider of Third Person data as a prospective Elite User.

  8. VIII. HOW WE PROTECT YOUR PERSONAL DATA?

    We maintain technical, physical, and administrative security measures designed to provide reasonable protection for your Personal Data against loss, misuse, unauthorized access, disclosure, and alteration.  The security measures include firewalls, data encryption, physical access controls to our data centers, and information access authorization controls.  While we are dedicated to securing our systems and Services, you are responsible for securing and maintaining the privacy of your password(s) and Account/profile registration information and verifying that the Personal Data we maintain about you is accurate and current. 

    We do not store, transmit, or process any customer credit card information provided to us at any time during, or after the sale. Any payment information provided is transmitted to a 3rd party via a secured socket layer.

  9. IX. WHAT ARE YOUR DATA PROTECTION RIGHTS?

    You have the following data protection rights:

    1. To access, correct, update or request deletion of your personal information. You may do so by contacting us using the information in the "How To Contact Us" section below.
    2. To object to the processing of your personal information (which is processed on the grounds of legitimate interests), ask us to restrict processing of your personal information or request portability of your personal information. Again, you may do so by contacting us using the information in the "How To Contact Us" section below.
    3. To opt out of marketing communications we send you, at any time. You can exercise this right by clicking on the “unsubscribe/opt out” link in the marketing communications we send you or by contacting us using the information in the "How To Contact Us" section below.
    4. If we are processing your personal information with your consent, you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal information conducted pursuant to lawful processing grounds other than consent. You may do so by contacting us using the details at "How To Contact Us" heading below.
    5. You have the right to file a complaint with a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.
  10. X. AUTOMATED DATA PROCESSING

    We use automated data processing (automated decision making) to automatically provide our Users with certain opportunities, bonuses and amenities based on their use of the Service. Should certain conditions be met (as provided by the ToS), Winglio shall automatically send an e-mail to certain Users giving them an opportunity to access certain Winglio bonuses and amenities.

    Users are not under any obligation to accept these offers.

  11. XI. TRANSFERS OF YOUR PERSONAL DATA TO OTHER COUNTRIES

    A network of computers, cloud-based servers, and other infrastructure and information technology, including, but not limited to, third-party service providers supports our operations.  We and our third-party service providers store and process your Personal Data in the European Union.  We will protect your information as described in this Privacy Policy if your Personal Data is transferred to other countries.  By using our Website and Services, you consent to your Personal Data being transferred to other countries, including countries that have different data protection rules than your country. 

  12. XII. CHANGES TO THIS POLICY

    We may update this Privacy Policy from time to time in response to changing legal, technical or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, in accordance with the significance of the changes we make. The revised Privacy Policy will be effective as of the published effective date. 

  13. XIII. CONTACT US

    You may contact us if you have general questions about our Privacy Policy and practices or questions about your Account information or Personal Data. 

    Winglio EU Representative:
    Bimosoft Limited
    18-19 College Green
    Dublin 2
    Republic of Ireland
    E-mail: datarepresentative@winglio.com

    Winglio Data Protection Officer:
    Bimosoft Corp.
    Level 2, Lot 19, Lazenda Commercial Centre, Phase 3,
    87007
    F.T Labuan,
    Malaysia
    E-mail: dataprotection@winglio.com