Last updated 27.03.2020

At Entify (hereinafter referred to as “we”) we value your privacy and take personal data protection really seriously. Without exceptions, we follow the principles of data processing set out in this privacy policy and we guarantee you no surprises. We consider integrity and confidentiality of personal data of utmost importance and guarantee lawfulness of personal data processing. The privacy policy explains how we collect and use personal data including in our website –

At any time, if you have a question regarding the data processing – please feel free to contact us!

You can find our contact details below.


    1. 1.1. personal data – means any information relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
    2. 1.2. processing of personal data – means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organizing, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
    3. 1.3. controller – means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
    4. 1.4. processor – means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
    5. 1.5. third party – means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data;
    6. 1.6. personal data breach – means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed;
    7. 1.7. data subject – person whose personal data is processed (e.g. website user or a contact person of a legal entity client).

    1. 2.1. Entify and the processors working for us, process personal data adhering to the following principles:
      1. 2.1.1. lawfulness, fairness and transparency – the processing is lawful, fair and transparent to the data subject;
      2. 2.1.2. purpose limitation – collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
      3. 2.1.3. data minimization – adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
      4. 2.1.4. accuracy – the personal data is accurate and up to date; we employ all reasonable measures to ensure that inaccurate personal data is deleted or corrected;
      5. 2.1.5. storage limitation – kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed;
      6. 2.1.6. integrity and confidentiality – processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures.

    1. 3.1. Entify is a one-click full legal entity verification solution that ensures businesses have enough info on their potential partners or customers. Therefore, our clients are organizations that have asked Entify to run a KYB check on behalf of them on their potential partner or customer. To carry out those checks, Entify uses external registers, service providers and compiles information that is already public (e.g. legal entities have to declare ultimate beneficiary owner data; adverse media checks).
    2. 3.2. Entify shares the results of the abovementioned KYB check with client through a compiled report. Our client then decides how and if they want to proceed with the business relation with the potential partner or customer.
    3. 3.3. Entify runs KYB checks on legal entities and Entify processes business data (business-to-business relation) upon the request of our client. Entify does not exclude the possibility that to some extent, personal data shall be processed.
    4. 3.4. Entify provides private person verification solution in cooperation with our partner. We verify an identity and carry out checks. For example, when verifying the identity of a private person, we’ll ask for an image of their identity document as well as a picture or video of their face. As a result, we verify whether the identity document is likely to be genuine and whether the person in the photo or video is likely the same person pictured in the identity document. Our clients will receive a compiled report about the results of the private person verification.

    1. 4.1. Entify applies necessary, and appropriate organizational, physical and technological security measures (which also include regular back-ups and action logs) to protect personal data.
    2. 4.2. Entify has provided relevant training to all employees regarding processing of (personal) data.
    3. 4.3. Entify may use processors to process personal data, we ensure that all our processors act in accordance with our instructions, applicable law and apply all appropriate organizational and technological security measures.

    1. 5.1. Entify processes personal data to ensure performance of a contract, based on a consent or to comply with legal obligations. If we shall initiate additional processing of personal data, we shall ensure that this will be done on a lawful basis.
    2. 5.2. We process personal data to ensure performance of a contract when we have concluded a contract with our client. In such cases, the client of Entify is obligated to ensure that a lawful basis of processing is obtained.
    3. 5.3. Legal obligations of processing includes all personal data processing under relevant laws and regulations, for example: Employment Contracts Law, the Money Laundering and Terrorism Financing Prevention Act or the Accounting Act.
    4. 5.4. When processing personal data with consent as lawful basis, we only process specifically what data subject has consented to and on those purposes. The consent shall be freely given, specific and informed. Data subject can take back consent at any given time and as easily as it was given.

    1. 6.1. Taken into account the information provided in clause 3 of this Privacy Policy, Entify acts, in most cases, as a processor of personal data on behalf of our client. To ensure data subjects privacy rights Entify abides by confidentiality principles and strictly limits disclosure of personal data.
    2. 6.2. Only the persons authorized by Entify have the right to access, modify and process personal data.
    3. 6.3. Entify processes personal data received directly from the client or indirectly (through various external registers and service providers).

    1. 7.1. personal data that we process can be the following: first and last name, personal identification number (i.e. ID code), copy of identification document (e.g. ID-card, passport), graphic image and/or video of a person, data necessary to comply with the requirements arising from anti money laundering laws.
    2. 7.2. contact details that we process can be the following: email address, contact telephone number, postal address, place of residence.
    3. 7.3. Internet data that we process can be the following: data on website visitors’ sessions (anonymously), cookies, log data and IP addresses.

    1. 8.1. The purpose of processing the personal data is to:
      1. 8.1.1. provide one click legal entity verification solution, which could consist of the following actions:
        1. we verify, through our cooperation partner, whether the person is who they claim to be;
        2. we verify if a company exists and if it is active;
        3. we identify all the key individuals and associated legal entities;
        4. we identify the ownership structure of the legal entity;
        5. we run every associated entity through anti-money laundering watchlists.
      2. 8.1.2. to provide private person verification solution;
      3. 8.1.3. process purchase and sales invoices;
      4. 8.1.3. to improve the user experience on our website, application and to anonymously track the usage of webpage and/or application by users;
      5. 8.1.4. comply with legal obligations and activities resulting thereof.

    1. 9.1. Entify retains personal data only as long as this is necessary to fulfil the purpose for which the personal data is processed, unless there is an applicable legal obligation stating otherwise. As we are processing (personal) data based on the request of our client, once instructed by our client, either through our agreement with the client or through an ad hoc request, we delete the information we have collected.
    2. 9.2. Entify shall securely destroy and/or delete all personal data that has fulfilled its purpose or upon expiry of the retention term.

    1. 10.1. Strictly limited by necessity and pursuant to the purposes, Entify may forward personal data to third parties and use data processors for the following purposes:
      1. 10.1.1 for providing all-in-one full legal entity verification solution and in some cases, we need to use external partners (e.g. external registers) to reach the aforementioned goal;
      2. 10.1.1. for issuing sales invoices;
      3. 10.1.2 to provide private person verification solution;
      4. 10.1.3. for client relationship management;
      5. 10.1.4. to partners to improve the quality of our services.
    2. 10.2. Regardless of access restrictions, Entify shall release a personal data to a person who has the legal right to request personal data (e.g. police, court, supervisory authority, auditors etc).
    3. 10.3. Entify utilizes private person identity verification services provided by Onfido. Read more about Onfido’s collection and use of personal data in their privacy policy:

    1. 11.1. The data subject has the right to receive information regarding processing of their personal data. Data subject can obtain a copy of their personal data held by Entify by submitting a request via email to
    2. 11.2. Entify has a legal obligation to make sure that the person requesting information about themselves is indeed the person who has the right to receive the data. For this reason, requesters may have to prove their identity or their right to request the data.
    3. 11.3. The data subject has the right to deletion of personal data if the processing of personal data took place on the basis of consent.
    4. 11.4. The data subject has the right to restrict the processing of personal data.
    5. 11.5. Where feasible and possible, a data subject has the right to data portability.
    6. 11.6. The data subject has the right to lodge a complaint to the Data Protection Inspectorate regarding processing of personal data.
  12. 12. COOKIES

    1. 12.1. The website administered by Entify,, uses cookies to make the user experience on the website more convenient and the use thereof smoother.
    2. 12.2. A cookie is a small text file that a web browser automatically saves in the device used by the user.
    3. 12.3. We use cookies to gather anonymous and generalized statistics on the number of website visitors and information on how the website is used, in order to improve our websites user-friendliness.
    4. 12.4. It is possible to refuse or block cookies on the device, this may mean that the website may not function properly and all services may not be available. To refuse or block cookies you need to change your browser settings.

    1. 13.1. Privacy is important to Entify and we update this privacy policy regularly. The version published on Entify website is always the latest version.

    1. 14.1. If you have any issues, concerns or suggestions pertaining to the processing of personal data, contact us via the following contact details:

      KCPass OÜ

      Tina 9, Tallinn, Harju County