Privacy Policy

  1. The controller of personal data is AS Redgate Capital, registry code 11532616, legal address Pärnu mnt. 10, Tallinn 10148, e-mail:, (the Controller).
  2. The objective of this Policy is to describe how AS Redgate Capital processes the personal data of clients and investors, incl. those of the data subjects specified in the Personal Data Protection Act. For the purposes of this Policy, a data subject means a natural person who uses or has expressed their wish to start using the services of AS Redgate Capital or obtain information from AS Redgate Capital. When establishing a business relationship with the Controller, the data subject grants their consent for the processing of their data. The consent for processing personal data has been granted for the personal data of data subjects received by the Controller from the data subjects as well as for the personal data of data subjects received by the Controller from third parties. The Privacy Policy also applies to the business relationships of the Controller and data subjects that have been established prior to entry into force of this Policy.
  3. The Controller needs certain personal data for the provision of services or communication of information. Such data are collected from the following sources:
    1. data given by the data subject themselves;
    2. data received in the course of transactions arranged or advised by the Controller if the data subject has been a party to the transaction;
    3. data about data subjects obtained from public registers or other similar reliable sources.
  4. The Controller may process (among other things, collect, store and transfer) the following personal data of data subjects:
    1. name;
    2. personal identification code;
    3. contact details;
    4. number and period of validity of identity document;
    5. education and occupation;
    6. general data about the person’s assets, liabilities and investment knowledge, experience and expertise if the person has given such data to the Controller.
  5. The Controller processes the personal data of data subjects to provide services or communicate information to data subjects. Clients are required to immediately inform the Controller of any changes in their data and circumstances in comparison to the data specified in the documents submitted.
  6. The Controller will not transfer any personal data relating to data subjects to any third parties, unless such a right or an obligation arises from law or the specific client relationship.
  7. Data subjects have all the rights arising from the Personal Data Protection Act in connection with their personal data. Among other things, data subjects are entitled to receive from the Controller personal data relating to them and request that incorrect personal data be rectified and that their personal data no longer be processed. Data subjects also have the right to address the Controller and the right of recourse to the Data Protection Inspectorate or court if they find that the processing of personal data violates their rights and interests on the basis of the applicable law. The website of the Data Protection Inspectorate can be found at
  8. Data subjects must submit all requests concerning their personal data to the Controller in writing, signing these at the branch of the Controller and submitting an identity document to enable the identity of the data subject to be established or sending a digitally signed request to the e-mail address of the Controller. The Controller will review the request within five working days, unless there is a good reason for the application of a longer term.
  9. The Controller has the right to unilaterally amend this Privacy Policy, notifying the clients of the amendments on the Controller’s website or in another manner (e.g. by e-mail) at least 30 days prior to entry into force of the amendments.