This Privacy Policy describes how Capture Capital OÜ (registry code 16075394, address Parda tn 8, 10151 Tallinn, Estonia) processes your Personal Data when you visit capture.ee or app.capture.ee and when you use any of the services provided by Capture Capital OÜ (“Capture”, “we”, “us”).
1. Contact Information
If you have any questions about this Privacy Policy or about the processing of your Personal Data, contact us at:
info@capture.ee
2. Definitions
Client – A legal person using Capture’s services.
User – Any individual visiting the Website or using the App.
Personal Data – Any information relating to an identified or identifiable natural person.
Controller – Capture Capital OÜ.
Processing – Any operation performed on Personal Data.
Website / App – capture.ee and app.capture.ee.
Services – All services provided by Capture, including:
• registered business address and virtual office service
• licensed contact person service
• company formation support
• notary-based company formation (Power of Attorney)
• e-Residency application guidance
• assistance with registry filings and amendments
• banking/fintech guidance
• document assistance (resolutions, minutes, PoA templates)
• mail handling (scanning and forwarding)
• support through email or other communication channels
3. Personal Data We Process
3.1. Data you provide when ordering services
To provide Services, Capture must collect and process Personal Data required by law and necessary for contractual performance. This includes:
• name
• Estonian personal identification code (including for e-residents)
• email address
• telephone number
• residential address
• citizenship
• payment information (processed only by our payment service providers)
3.2. Data required for AML/KYC purposes
For regulated services (address, contact person, formation), we are legally required to collect:
• beneficial owner information
• ownership/share structure
• identity document details
• AML/KYC questionnaires
• risk-assessment related information
• proof of address (if required)
3.3. Data required for company formation or filings
If you request formation or amendment services, we may process:
• company name and details
• articles of association
• registry filings and application data
• board member / shareholder information
• PoA information (for notary services)
• resolutions, minutes, or other company documents you provide
3.4. Data for e-Residency application guidance
If you purchase this service, we process:
• motivation text and supporting documents
• required identification information
3.5. Automatic data collected on the Website
When you browse the Website or use the App, we may collect:
• IP address (anonymised)
• browser type
• device information
• traffic data and usage patterns (through cookies and analytics tools)
3.6. Newsletter
If you subscribe, we process only your email address.
3.7. Payment data
Payment card information is processed exclusively by our payment partners and never stored by Capture.
4. Purposes and Legal Bases for Processing
4.1. Providing the Services
We process your Personal Data to:
• activate and maintain your chosen service package (Basic, Standard, Premium)
• verify your identity as required by law
• act as a licensed contact person
• provide registered address and mail services
• assist with company formation
• prepare documents (resolutions, minutes, PoA templates)
• assist with registry filings and amendments
• support notary-based formation when requested
• provide banking and fintech guidance
Legal basis:
• performance of a contract (GDPR Art. 6(1)(b))
• compliance with legal obligations (AML/KYC laws) (GDPR Art. 6(1)(c))
4.2. Improving the Website and Services
We analyze aggregated usage data (anonymized IP, traffic patterns) to improve our Website and Services.
Legal basis:
• legitimate interests (GDPR Art. 6(1)(f))
4.3. Customer support
We use your data to answer requests, assist with filings, resolve issues, and provide administrative communication.
4.4. Marketing (newsletter)
Only with your explicit consent.
4.5. AML/KYC obligations
Capture is required by law to perform identity verification, risk assessments, and ongoing monitoring.
5. Recipients of Personal Data
We may share Personal Data with trusted third parties as necessary to provide Services:
5.1. Categories of recipients
• Accounting and legal subcontractors
• Identity verification (KYC) service providers
• Estonian Business Register / Commercial Registry
• Notaries (when notary-based formation is requested)
• IT and hosting providers
• CRM and communication tools
• Payment service providers
• Analytics and marketing tools (cookies-based, anonymized)
5.2. Banking and fintech guidance
Capture does not send your Personal Data to banks or fintech companies unless you explicitly request this in writing.
Our default service is advisory-only.
5.3. Third countries
If data is transferred outside the EU, it is done only via GDPR-compliant mechanisms or EU data centres.
5.4. Law enforcement and regulators
We may disclose data when required by law.
6. Cookies and Tracking Technologies
We use:
• Necessary cookies
• Preference cookies
• Analytics/statistical cookies
• Marketing cookies
Cookies do not identify you personally; IP addresses are anonymized.
Partners include:
• Google Analytics
• Facebook/Meta Ads
• Hotjar
You may delete cookies from your browser at any time.
7. Data Retention
7.1. AML/KYC data
Stored for 5 years after the end of the business relationship (legal obligation).
7.2. Other service-related data
Kept for a reasonable period for backups, fraud prevention, and legal protection. Non-required data is deleted 6 months after receipt.
7.3. Newsletter data
Stored until you unsubscribe.
8. Your Rights
You have the right to:
• access your Personal Data
• rectify inaccurate data
• request erasure (in cases allowed by law)
• object to processing based on legitimate interests
• restrict processing
• data portability (where technically feasible)
• withdraw consent (for newsletter or cookies)
• lodge a complaint with the Estonian Data Protection Inspectorate
Requests are processed within 30 days (extendable to 60 days if necessary).
9. Security Measures
Capture implements industry-standard technical and organizational measures, including:
• SSL encryption
• secure servers, firewalls, and password protection
• pseudonymisation where appropriate
• limited-access control
• secure storage and trusted service providers
• incident notification within 72 hours where required
10. Amendments
This Privacy Policy may be updated periodically. The latest version is always available on our Website. Clients will be notified of significant changes.