Legal Information

1. TERMS AND DEFINITIONS

1.1. Banking Day – a day (other than a Saturday or Sunday) on which banks are open for general business in the Republic of Estonia.

1.2. Complaints Procedure – a detailed complaint-handling process available at the Creditor’s Website, which explains how the Customer can submit a complaint and the process of handling a complaint by the Creditor.

1.3. Credit Agreement – a credit agreement concluded between the Customer and the Creditor.

1.4. Credit Application – an application submitted by the Customer to the Creditor via the Portal which contains all relevant information and documents for the Creditor to make an offer to enter into a Credit Agreement.

1.5. Creditor - Bondora AS, with Estonian Business Register registry code 11483929, and postal address A.H. Tammsaare tee 56, 11316 Tallinn, Estonia.

1.6. Creditor's Website – Creditor’s website available at www.bondora.ee.

1.7. Customer – a person who is using, has used or has expressed intent to use the services provided by the Creditor.

1.8. Payment Schedule – a payment schedule of the Credit Agreement, including principal amount, interest and other additional costs.

1.9. Portal – a service accessible via the Creditor’s Website and managed by the Creditor, via which the Customer can request to use or use the services provided by the Creditor.

1.10. Portal Account – a virtual account created for the Customer on the Portal and managed by the Creditor, which is linked to the Customer’s Reference Number and through which the Customer makes payments to the Creditor. The Portal Account keeps records of transactions made on the Customer's Portal Account, including claims and liabilities.

1.11. Price List – a list of fees applicable to the Creditor’s services available at the Creditor’s Website.

1.12. Privacy Policy – terms and conditions regarding the processing of the Customer’s personal data.

1.13. Reference Number – a personalised number to identify the Customer when making payments via the Portal Account.

1.14. User Agreement – an agreement that regulates the relationship between the Customer and the Creditor in relation to the Portal and Portal Account.

1.16. Portal Account – a virtual account created for the User on the Portal and managed by the Lender, which is linked to the User's individual Reference Number and through which the User makes payments to the Lender. The Portal Account keeps records of transactions made on the User's Portal, including Claims and liabilities.

1.17. Fees – service fees applicable to Users, which are presented in the Price List published on the Portal and on the Lender's Webpage.

1.18. Reference Number – a personalized number to identify the User when making payments to the Portal Account.

1.19. General Conditions – General Conditions of the Loan Agreement, which are published on the Portal.

2. GENERAL PROVISIONS

2.1. These Terms of Use shall apply to all activities and actions taken by the Creditor and the Customer in connection with the Portal and Portal Account. These Terms of Use shall also apply to all Credit Agreements, or any other agreements concluded between the Creditor and the Customer.

2.2. These Terms of Use shall form an integral part of the User Agreement concluded between the Customer and the Creditor. The User Agreement is deemed to be concluded between the Customer and the Creditor upon the registration of the Customer as the user of the Portal as prescribed by Section 3 of these Terms of Use. The User Agreement regulates the rights and obligations of the Creditor and the Customer in relation to the Portal and Portal Account.

2.3. Under the User Agreement, the Creditor grants the Customer access to the Portal and the Customer’s Portal Account. Under the User Agreement and via the Portal Account, the Customer may at any point in time subscribe to additional services offered by the Creditor, including, but not limited to:

• 2.3.1. B Secure service;
• 2.3.2. B Secure+ service;
• 2.3.3. B On Track service.

Terms and conditions of these services shall be available on the Creditor’s Website and the fees applicable to the services shall be available on the Price List.

2.4. In addition to these Terms of Use, the relationship between the Creditor and the Customer is regulated by the applicable legislation and the Credit Agreement(s) or other agreements concluded between the Creditor and the Customer. In the event of any ambiguity or conflict between these Terms of Use and the Credit Agreement(s) or any other agreement, the provisions of the Credit Agreement(s) shall prevail.

2.5. These Terms of Use, Credit Agreement(s), Price List, and other relevant information and documents are available to the Customer at any time free of charge on the Creditor's Website and/or the Portal.

3. REGISTRATION OF THE CUSTOMER

3.1. In order to use the services provided by the Creditor, a person must register as a user of the Portal. Registration as a user of the Portal is free of charge.

3.2. Upon registration, a Portal Account will be created for the Customer and the Customer becomes entitled, inter alia, to submit Credit Application(s), enter into Credit Agreements and apply for the use of other services offered by the Creditor.

3.3. Upon registration, the Customer shall agree to the terms and conditions of the Terms of Use. By agreeing to the terms and conditions of the Terms of Use, the Customer also represents and warrants that:

• 3.3.1. they are a natural person with full legal capacity, and at least 18 years old;
• 3.3.2. they have examined, understood and undertake to comply with the Terms of Use when using the services provided by the Creditor;
• 3.3.3. they agree that the Creditor will process their personal data in accordance with the Privacy Policy.

3.4. The User Agreement between the Creditor and the User shall be deemed concluded under the Terms of Use immediately after the Customer has completed the registration procedure described in this Section. The User Agreement is concluded for an unspecified term.

4. IDENTIFICATION OF THE CUSTOMER AND SUBMISSION OF THE CUSTOMER’S INFORMATION

4.1. The Customer shall submit the information and documents requested by the Creditor for identification of the Customer. The identification of the Customer is a prerequisite for the Customer to submit a Credit Application and conclude a Credit Agreement.

4.2. The Customer shall be identified on the basis of personal identification documents that are in accordance with legislation and accepted by the Creditor. During the identification procedure, the Customer may be required to submit additional documents in order to be identified in accordance with the requirements for the prevention of money laundering and terrorist financing.

4.3. If the applicable law does not require additional identification in accordance with Section 4.2 of the Terms of Use, the Customer shall be identified prior to any act or declaration of intent having legal consequences by one or several of the following identification methods:

• 4.3.1. the Customer’s unique username and password for the Portal;
• 4.3.2. identification by means of a unique PIN code sent to the Customer's phone number; and/or
• 4.3.3. identification in another manner that is consistent with the applicable legislation and deemed sufficient by the Creditor.

4.4. The Creditor shall assume that the documents and information submitted by the Customer are authentic, valid, and correct. If the Creditor has doubts about the accuracy, authenticity and/or validness of the documents and/or information presented by the Customer, the Creditor may ask the Customer to clarify the data, provide additional information or documents, or repeat the identification process if necessary.

4.5. Information and documents obtained about the Customer are stored as personal data in accordance with the Creditor's Privacy Policy.

4.6. Any person who logs into the Portal or confirms operations via the Portal with the Customer's data is deemed to be that Customer unless the Creditor has been notified otherwise. The Customer shall notify the Creditor immediately if the Customer’s data or means of accessing the Portal have been lost or come into the possession of a third party.

5. GENERAL OBLIGATIONS OF THE CUSTOMER

5.1. The Customer undertakes:

• 5.1.1. not to use the Portal for illegal transactions or acts, including fraud, money laundering, terrorist financing, etc.;
• 5.1.2. to provide the Creditor only with true, complete, and non-misleading information and not to conceal any information that may be relevant to the Creditor;
• 5.1.3. to notify the Creditor immediately, but no later than within 5 (five) Banking Days, of any changes in the information and/or documents provided to the Creditor;
• 5.1.4. to notify the Creditor immediately, but no later than within 5 (five) Banking Days, of any circumstances that affect or may affect the Customer's ability to perform the obligations arising from the agreements concluded between the Creditor and the Customer, in particular, the Credit Agreement(s);
• 5.1.5. to keep the data and means (e.g., mobile phone) necessary for logging into the Portal or for identification, including identity documents, passwords, and usernames, so that they do not fall into the possession of any third parties;
• 5.1.6. to notify the Creditor immediately, but no later than within 5 (five) Banking Days, if the data or means specified in Section 5.1.5 of the Terms of Use fall into the possession of a third party;
• 5.1.7. to respect the Creditor's intellectual property rights. The Creditor's Website and the Portal and its contents are the personal property of the Creditor, which the Customer is entitled to use only for personal purposes in connection with the use of the Portal's services;
• 5.1.8. to provide additional documents and information at the request of the Creditor if it is necessary for the assessment of the Customer’s creditworthiness, performance of agreements concluded between the Customer and the Creditor and/or in order to comply with the legal provisions deriving from the applicable law, including but not limited to compliance with the "Know Your Customer" principle under the applicable money laundering and terrorist financing prevention law(s), or information on the origin of the Customer’s assets and/or the person making on behalf of the Customer;
• 5.1.9. to behave prudently and respectfully when using the Portal.

6. 6. EXCHANGE OF INFORMATION BETWEEN THE CREDITOR AND THE CUSTOMER

6.1. The Creditor shall forward information to the Customer via the Portal, its website, e-mail, telephone or by registered post. The Customer shall forward information to the Creditor via the Portal, e-mail or by any other agreed manner. The Creditor’s contact details are published on the Portal and the Creditor’s Website.

6.2. Information sent from one party shall be considered as received by the other when the period usually necessary for sending information through the corresponding means of communication has passed. In a case of doubt, information sent by the other party shall be considered as received:

• 6.2.1. in the case of personal delivery against signature, when delivered;
• 6.2.2. in the case of sending via the Portal, contact form on the Creditor’s Website, by email, or in another format that can be reproduced in writing, 2 (two) calendar days after the sending;
• 6.2.3. in the case of postage to a destination in the country of dispatch, 5 (five) calendar days after the posting of the registered post; and
• 6.2.4. in the case of postage to a destination outside the country of dispatch, 7 (seven) calendar days after the posting of the registered post.

6.3. The Customer shall immediately notify the Creditor of any and all data and circumstances that have changed compared to the data set forth in the Portal and documents submitted to the Creditor, including but not limited to changes in personal, bank or contact details. The Creditor shall assume the correctness and accuracy of the Customer’s data at the Creditor’s disposal.

6.4. If information, that the Customer can expect to receive or which the Customer and the Creditor have agreed to send, does not reach the Customer, the Customer shall notify the Creditor immediately, but no later than within 3 (three) calendar days after the expected date of receipt.

6.5. The Customer shall immediately verify the correctness and/or accuracy of the information received from the Creditor and submit their objections to the Creditor immediately after receipt of the information.

7. FEES, FUNDS AND THE PRICE LIST

7.1. The Customer shall pay the Creditor fees for the services established in the Price List and/or the Credit Agreement(s) and/or the User Agreement and/or in any other agreements concluded between the Customer and the Creditor.

7.2. In addition to the fees specified in the Price List and/or in the agreements concluded between the Creditor and the Customer, the Customer must cover all other costs of the Creditor that arise from the acts and operations performed in the interest of the Customer and the costs relating to the recovery of the claims which have fallen due (including legal costs, court expenses, and other reasonable costs associated with the debt collection) in accordance with the requirements of the applicable law.

7.3. The Customer shall have a sufficient amount of funds on their Portal Account on or before the due date of payment. If the due date of payment falls to a day that is not Banking Day, the Customer agrees that the due date is deemed to have arrived on the same non-Banking Day.

7.4. In order to transfer funds to the Portal Account, the Customer is provided with a Reference Number. The Customer shall transfer funds to their Portal Account by making a bank transfer to the bank account specified by the Creditor or by using a payment link available on the Portal. If the Customer transfers funds by making a bank transfer to the bank account specified by the Creditor, the Customer shall state their Reference Number in their payment order.

7.5. If there are insufficient funds on the Customer’s Portal Account to cover all Customer’s fees fallen due, the Creditor may use the funds to cover first the fees fallen due relating to the services provided in relation to the Portal Account, such as the fees fallen due under the User Agreement, and second, to cover fees fallen due under any Credit Agreement(s).

7.6. The Creditor shall not be liable for any consequences or damages resulting from the Customer not stating their Reference Number or using an erroneous Reference Number, e.g. consequences or damages arising due to any payment owed by the Customer to the Creditor not being paid on time.

7.7. The Customer is obliged to notify the Creditor immediately when the funds transferred to the bank account specified by the Creditor have not arrived on the balance of the Customer’s Portal Account, as well as if an unfamiliar payment has arrived on the balance of the Customer’s Portal Account. The Customer is prohibited from disposing or using the unfamiliar payment in any manner for their own or any third party’s benefit.

7.8. The Customer is responsible for paying any additional costs that may arise in relation to the performance of the Customer’s obligations under any agreement between the Customer and the Creditor, such as bank transaction fees associated with the transfer of funds to the Portal Account.

8. CREDIT APPLICATION AND CREDITWORTHINESS ASSESSMENT

8.1. The Customer can submit a Credit Application to the Creditor via the Portal once the Customer has identified themselves in accordance with Section 4 of the Terms of Use.

8.2. The Creditor shall assess the Customer's creditworthiness on the basis of the information and documents submitted by the Customer and the information obtained from public databases or other sources. All information on and about the Customer is obtained in accordance with the relevant data protection regulations under the applicable law.

8.3. The Credit Application is not binding to the Customer. The Customer can withdraw the Credit Application at any time prior to concluding the Credit Agreement without giving any reasons.

9. CREDIT DECISION AND CONCLUSION OF THE CREDIT AGREEMENT

9.1. Following the submission of the Credit Application, the Creditor has the right to make one of the following credit decisions:

• 9.1.1. accept the Credit Application;
• 9.1.2. reject the Credit Application; or
• 9.1.3. make a counteroffer and accept the amended credit offer.

9.2. The Creditor makes a credit decision and notifies the Customer thereof immediately, but no later than within 2 (two) Banking Days after the receipt of all the required information and documents. The Creditor is not obliged to justify the credit decision unless it rejects the Credit Application on the basis of information obtained from a public database. In this case, the Creditor shall inform the Customer of the results of such inquiries.

9.3. Prior to the conclusion of a Credit Agreement, the Creditor will provide the Customer with a draft of the Credit Agreement, pre-contractual information (including Standard European Consumer Credit Information Sheet) and the Payment Schedule. All this information and/or documents will be available to the Customer on their Portal Account at any time during the term of the Credit Agreement.

10. VIOLATIONS OF THE USER AGREEMENT AND RESTRICTIONS OF THE CUSTOMER’S RIGHT TO USE THE PORTAL

10.1. The Customer shall perform their obligations arising from the User Agreement duly, reasonably, in good faith.

10.2. The Customer shall be responsible for the non-performance or inappropriate performance of their obligations under the User Agreement. The Customer shall be liable for any damage caused to the Creditor or any third parties.

10.3. The Creditor has the right to cancel or restrict the Customer’s access to the Portal and/or to the Portal Account if the Customer violates its obligations under a Credit Agreement or the User Agreement, in particular if:

• 10.3.1. the Creditor has reasonable suspicion the Customer is using or will use the Portal for illegal transactions or acts, including fraud, money laundering, terrorist financing, or otherwise in conflict with the applicable money laundering and terrorist financing prevention law(s);
• 10.3.2. the Customer provides the Creditor with false, incomplete, and/or misleading information or conceals any information that may be relevant to the Creditor;
• 10.3.3. the Customer refuses to identify themselves or submit additional documents requested by the Creditor in order to identify the Customer;
• 10.3.4. the Creditor has reasonable suspicion the Customer has implemented or implements automated software for the use of the Portal and for the automated collection of data from the Portal without the Creditor’s prior consent (such means may include, inter alia, data harvesting bots, spider robots, scrapers, and other automated tools or programs) or if the Customer implements any other means or methods to delimit the Portal data or content or otherwise influence the Portal’s working processes;
• 10.3.5. the Customer does not respect the Creditor's intellectual property rights; or
• 10.3.6. the Customer acts in any other way that is illegal or disrespectful towards the Creditor.

10.4. Upon the violations prescribed in Section 10.3.1 to 10.3.6 of these Terms of Use, the Creditor may close the Customer’s Portal Account without further notice. The closing of the Customer’s Portal Account shall not exempt the Customer from its obligations, financial or otherwise, under any Credit Agreement(s), User Agreement or any other agreement concluded between the Customer and the Creditor.

10.5. The Customer may close their Portal Account on the Portal only if the Customer has fulfilled all their obligations, financial or otherwise, with respect to the Creditor.

10.6. The Creditor reserves the right to close the Customer’s Portal Account if the Customer has not used their Portal Account for 6 (six) months and either party has no active financial obligations associated with the Portal Account.

10.7. Upon closure of the Customer’s Portal Account, the Creditor has no obligation to store, maintain or disclose to the Customer information related to the transactions and actions performed by the Customer on the Portal Account, unless such obligation arises from the applicable law.

11. THE CREDITOR’S RESPONSIBILITIES

11.1. The Creditor may restrict the Customer's access to the Portal for the purposes of doing maintenance and repairs. The Creditor shall not be liable for any potential damage resulting from the restriction of access and consequent interruptions to the services.

11.2. The Creditor shall not be liable for indirect damages caused to the Customer.

11.3. The Creditor shall not be liable for the damages caused to the Customer or any third party by the Customer failing to perform the notification obligations stipulated in Sections 5.1.3, 5.1.4 and 5.1.6 of the Terms of Use.

12. AMENDMENTS

12.1. The Creditor reserves the right to unilaterally amend the Terms of Use and Price List. The Creditor notifies the Customer of any amendments to the Terms of Use and/or Price List via the Portal, e-mail and/or the Creditor’s Website at least 30 (thirty) calendar days in advance prior to the entry into force of such amendments, unless otherwise provided by the applicable law.

12.2. The Creditor reserves the right to unilaterally amend the Terms of Use and Price List without prior notice if the amendment results in a reduction in the fees of the Creditor’s services, terms and conditions that are more favorable to the Customer or at the addition of new services to the Terms of Use or Price List. The Creditor also reserves the right to unilaterally amend the Terms of Use or Price List without prior notice due to legislative changes or court order, and if it is necessary to immediately comply with those changes or the court order. In such events, the Creditor immediately notifies the Customer of the amendments on the Portal, via e-mail and/or the Creditor’s Website and/or any other reasonable manner, and the amendments shall take effect upon publication of the relevant notice.

12.3. The Creditor reserves the right to unilaterally amend the Terms of Use and Price List without prior notice if the amendment does not alter the rights and obligations of the parties, e.g. grammatical changes or corrections.

12.4. If the Customer does not agree to the amendments, the Customer has the right to terminate the respective agreement with the Creditor by giving notice to the Creditor via the Portal within 30 (thirty) calendar days and by performing all their obligations under the respective agreement. The respective agreement shall be deemed not to have terminated if the Customer fails to perform all their obligations within 30 (thirty) days after receiving the notification of the amendments. If the Customer does not exercise the right to terminate the respective agreement in accordance with this section, the Customer is deemed to have accepted the amendments made and shall have no claims against the Creditor arising from the amendments made to the Terms of Use and/or Price List.

13. GOVERNING LAW AND DISPUTE RESOLUTION

13.1. The legislation in force in the Republic of Estonia applies to these Terms of Use and other agreements entered into between the Creditor and the Customer, unless stated otherwise.

13.2. Any disputes between the Creditor and the Customer arising out of or in connection with the Terms of Use, Credit Agreements or other agreements concluded between the Creditor and the Customer shall be settled by negotiations, taking into account the Complaints Procedure in force at that time and published on the Creditor's Website. In addition, the Customer has the right to apply to a competent out-of-court body or to the authority supervising the Creditor under the laws of the Republic of Estonia. A dispute that the parties are unable to resolve through amicable negotiations within a reasonable period of time shall be settled in the competent court of the Republic of Estonia, including if the Customer takes up residence abroad following the entry into force of the User Agreement or if the place of residence of the Customer is unknown at the time of filing an action.

14. MISCELLANEOUS

14.1. In the event of insolvency of the Creditor, the conclusion of new Credit Agreement(s) is terminated immediately. Insolvency of the Creditor shall not affect the validity of the agreements already concluded between the Creditor and the Customer.

14.2. The Creditor is supervised by:

• 14.2.1. Estonian Financial Supervision and Resolution Authority (Finantsinspektsioon) (address: Sakala 4, 15030 Tallinn, email: [email protected], webpage: www.fi.ee);
• 14.2.2. Estonian Consumer Protection and Technical Regulatory Authority (address: Endla 10a, 10142 Tallinn, email: [email protected], webpage: www.ttja.ee);
• 14.2.3. Estonian Data Protection Inspectorate (address: Tatari 39, 10134 Tallinn, email: [email protected], webpage: www.aki.ee).

1. TERMS AND DEFINITIONS

1.1. Special Conditions – Special Terms and Conditions of the Loan Agreement.

1.2. Interest – fee paid by the Borrower to the Lender for the use of the Loan Amount.

1.3. User – a natural person who is a party to a valid User Agreement or other agreement concluded with the Lender.

1.4. User Agreement – an agreement concluded between the User and the Lender under the Terms of Use, on the basis of which the User can use the Portal and on the basis of which the Lender provides services to the User through the Portal. The User Agreement is deemed concluded between the User and the Lender at the moment of accepting the Terms of Use.

1.5. Terms of Use - these Bondora Terms of Use.

1.6. Loan or Loan Agreement – a Loan Agreement concluded between the Borrower and the Lender via the Portal.

1.7. Lender or Bondora – Bondora AS, Estonian registry code 11483929, postal address A.H. Tammsaare tee 56, 11316 Tallinn, Estonia.

1.8. Lender's Webpage – www.bondora.ee

1.9. Loan Amount – the amount that the Lender makes available to the Borrower under the Loan Agreement.

1.10. Loan Application – a Borrower's application with all the information and documents that the Borrower has submitted to the Lender on the Portal to receive an offer to enter into a Loan Agreement.

1.11. Borrower – a User who has submitted a Loan Application to the Lender and/or who has entered into a Loan Agreement with the Lender.

1.12. Maximum Loan Amount – the maximum value of the principal amount of the Loan Agreement, to the extent of which the Lender can enter into a Loan Agreement with the Borrower.

1.13. Claim – a financial claim against the Borrower arising from the Loan Agreement.

1.14. Banking Day – a working day, i.e., a day that is not a Saturday, Sunday, national holiday or public holiday in the Republic of Estonia.

1.15. Portal – an e-service environment located on the Internet at www.bondora.ee and managed by the Lender, via which Users can request or use the services provided by the Lender.

1.16. Portal Account – a virtual account created for the User on the Portal and managed by the Lender, which is linked to the User's individual Reference Number and through which the User makes payments to the Lender. The Portal Account keeps records of transactions made on the User's Portal, including Claims and liabilities.

1.17. Fees – service fees applicable to Users, which are presented in the Price List published on the Portal and on the Lender's Webpage.

1.18. Reference Number – a personalized number to identify the User when making payments to the Portal Account.

1.19. General Conditions – General Conditions of the Loan Agreement, which are published on the Portal.

2. GENERAL PART

2.1. The Terms of Use determine the relationship between the Lender and the User in relation to the services provided by the Lender to the User and the basic conditions of the provision of the services.

2.2. The Terms of Use are an integral part of all User and other agreements concluded between the User and the Lender via the Portal. The Terms of Use become binding on the User after concluding the User Agreement in accordance with Clause 3.4.

2.3. In addition to the Terms of Use, the relationship between the Lender and the User is regulated by the applicable legislation and the Loan Agreement(s) or other agreements concluded between the Lender and the User. In the event of a conflict between the Terms of Use and the Loan Agreement or any other agreement, the Loan Agreement or any other agreement concluded between the Lender and the User shall prevail.

2.4. The Terms of Use, the General Conditions of the Loan Agreement, the Price List and other relevant information and documents are available to the User at any time free of charge on the Lender's Webpage and/or the Portal.

3. USER REGISTRATION

3.1. In order to enter the Portal and use the services provided by the Lender through the Portal, a person must register as a User of the Portal. Upon registration as a User of the Portal, a person becomes entitled, inter alia, to submit Loan Applications and enter into Loan Agreements and to apply for the use of other services offered by the Lender and to enter into relevant agreements.

3.2. To use the Portal, a person must register his/her email address on the Lender's Webpage. To confirm the email address, the person must log into the Portal using the temporary password created by the Portal.

3.3. By agreeing to the Terms of Use when registering as a User of the Portal, the User represents and warrants that:

• 3.3.1. he/she has examined, understood and undertakes to comply with the Terms of Use when using the services provided through the Portal;
• 3.3.2. he/she agrees that the Lender will process his/her personal data in accordance with the Privacy Policy;
• 3.3.3. he/she is a natural person with passive and active legal capacity and at least 18 years of age;
• 3.3.4. his/her permanent or primary place of residence is the Republic of Estonia;
• 3.3.5. he/she is not a politically exposed person or a family member or close associate of a politically exposed person;
• 3.3.6. he/she is not subject to an international financial sanction;
• 3.3.7. his/her judgment has not been adversely affected by a material error, unlawful threat, violence or other circumstance.

3.4. The User Agreement between the Lender and the User shall be deemed concluded under the Terms of Use immediately after all the conditions set forth in Clauses 3.2 and 3.3 have been met. The User Agreement is concluded for an unspecified term.

3.5. As a confirmation of the conclusion of the User Agreement, the User will have access to the Portal. The concluded User Agreement is available to the User free of charge on the Portal at any time.

4. USER IDENTIFICATION

4.1. To log into the Portal, the User must enter his/her Portal username and password.

4.2. Prior to the conclusion of the first Loan Agreement, the User must identify himself/herself as follows:

• 4.2.1. by making a bank transfer from a bank account opened in his/her name with a credit institution which has its place of business in a contracting state of the European Economic Area, either directly from that bank account or using any other alternative accepted by the Lender (e.g., identification via ID card or Mobile ID); and
• 4.2.2. by submitting all documents required by the Lender to identify the User in accordance with the requirements for the prevention of money laundering and terrorist financing.

4.3. If the applicable law does not require identification in accordance with Clause 4.2, the User shall be identified prior to any act or transaction having legal consequences (e.g. before concluding a Loan Agreement or making a withdrawal application) by one of the following identification methods, at the User's choice:

• 4.3.1. the unique username and password of the Portal chosen by the User;
• 4.3.2. mobile identification by means of a unique PIN code sent to the User's mobile number; or
• 4.3.3. identification in another manner which is consistent with the applicable legislation and deemed sufficient by the Lender.

4.4. Upon identification of the User, the Lender is not limited to Clauses 4.1 to 4.3 and the Lender has the right to unilaterally change the identification procedure at any time, including the use of other identification methods permitted by law. If the Lender has doubts about the accuracy of the User's data, the Lender may ask the User to clarify the data, provide additional information or documents, or repeat the identification process if necessary. The Lender considers the refusal to identify or submit additional documents by the User to be a material breach of the User Agreement and this is the basis for cancellation of the User or other agreement in accordance with Clause 11.3.1.

4.5. Data obtained during the identification process, such as name, personal identification code, bank account number, residential address etc., are stored as personal data in accordance with the Lender's Privacy Policy.

4.6. Any person who logs into the Portal with the User's data (e.g., username and password) or uses the User's registered email address or telephone number to confirm operations via the Portal is deemed by the Lender to be the User, unless the Lender has been notified that such data or means (e.g., mobile phone) have come into the possession of a third party and this fact has been proven by the User.

5. GENERAL OBLIGATIONS OF USER

5.1. The User undertakes:

• 5.1.1. not to use the Portal for illegal transactions or acts, including fraud, money laundering, terrorist financing, etc.;
• 5.1.2. to provide the Lender only with true, complete and non-misleading information and not to conceal any information that may be relevant to the Lender;
• 5.1.3. notify the Lender immediately, but no later than within five (5) Banking Days, of any changes in the information and/or documents provided to the Lender;
• 5.1.4. notify the Lender immediately, but no later than within five (5) Banking Days, of any circumstances that affect or may affect the User's ability to perform the obligations arising from the agreements concluded between the Lender and the User, in particular the Loan Agreements;
• 5.1.5. keep the data and means (e.g., mobile phone) required necessary for logging into the Portal or for identification, including ID card, passwords and usernames, so that they do not fall into the possession of any third parties;
• 5.1.6. notify the Lender immediately, but no later than within five (5) days, if the data or means specified in Clause 5.1.5 fall into the possession of a third party;
• 5.1.7. respect the Lender's intellectual property rights. The Lender's Webpage and the Portal and its contents are the personal property of the Lender, which the User is entitled to use only for personal purposes in connection with the use of the Portal's services;
• 5.1.8. provide additional documents and information at the request of the Lender if it is necessary for performance of the agreements concluded with the client and/or for compliance with the Lender's legal obligations (e.g., compliance with the "Know Your Customer" principle under the Money Laundering and Terrorist Financing Prevention Act, or information on the origin of the property of the client and/or the person making repayments of the Loan, etc.);
• 5.1.9. behave prudently and respectfully when using the Portal.

5.2. If the User fails to fulfill the obligation specified in Clause 5.1.3, the Lender has the right to assume that the information and documents previously provided by the User are correct, unless the User notifies otherwise.

6. EXCHANGE OF INFORMATION

6.1. The contact details and methods for sending notices to the Lender are published on the Lender's Webpage. The Lender is not obliged to give a separate notice to the User of any changes in the contact details, unless otherwise agreed in the Terms of Use or other concluded agreements and/or required by law.

6.2. Notices between the User and the Lender shall be sent in the same language as the Terms of Use and shall be sent to the recipient via the Portal, unless otherwise agreed in the Terms of Use or other concluded agreements and/or required by law. The Lender is not limited to using the Portal to transmit notices.

6.3. If a notice between the User and the Lender has to be sent to the recipient by email or post, it will be sent to the contact details communicated by the recipient to the other Party via the Portal, by email or post.

6.4. The User undertakes to update his/her contact details immediately on the Portal or, if it is not possible to change the respective contact details on the Portal, to notify the Lender immediately of any changes in the contact details. The Lender has the right to proceed from the data of the population register, commercial register or other official register regarding the data of the User's residential address. This does not release the User from the notification obligations to the Lender in accordance with Clause 5.1.3 if his/her residential address has changed. If the User fails to notify the Lender of any change in his/her contact details, he/she shall bear the associated risks.

6.5. A notice sent to the correct contact details of the other Party is considered received:

• 6.5.1. in the case of personal delivery against signature, when delivered;
• 6.5.2. in the case of sending via the Portal, by email or in another format which can be reproduced in writing, three (3) days after the sending;
• 6.5.3. in the case of postage to a destination in the country of dispatch, five (5) days after the posting of the registered letter; and
• 6.5.4. in the case of postage to a destination outside the country of dispatch, seven (7) days after the posting of the registered letter.

6.6. If a notice sent by the Lender, which the User can expect to receive or which the User and the Lender have agreed to send, does not reach the User, the User shall notify the Lender thereof immediately, but no later than within three (3) Banking Days after the expected date of receipt.

6.7. The User undertakes to immediately check the accuracy of the information contained in the notice received from the Lender and to notify of any objections immediately upon receipt of the notice.

7. LOAN APPLICATION AND CREDITWORTHINESS ASSESSMENT

7.1. The Borrower may submit a Loan Application to the Lender only via the Portal, having previously identified himself/herself in accordance with Section 4 of the Terms of Use.

7.2. In order to apply for a Loan, the Borrower fills in a Loan Application on the Portal, where he/she discloses the information required by the Lender on his/her creditworthiness and other circumstances affecting the creditworthiness.

7.3. The Lender assesses the Borrower's creditworthiness on the basis of the submitted data and documents and the data obtained from public databases or other sources.

7.4. The Loan Application is not binding on the Borrower, i.e., he/she can withdraw the Loan Application at any time prior to concluding the Loan Agreement without giving reasons.

8. CREDIT DECISION

8.1. The Lender has the right to make one of the following credit decisions:

• 8.1.1. accept the Loan Application;
• 8.1.2. reject the Loan Application; or
• 8.1.3. make a counteroffer and accept the amended Loan Application.

8.2. The Lender makes a credit decision and notifies the Borrower thereof immediately, but no later than within two (2) Banking Days after the receipt of all the required information and documents. The Lender is not obliged to justify the credit decision, unless it rejects the Loan Application on the basis of information obtained from a public database. In this case, the Lender must inform the Borrower of the results of such inquiries.

9. CONCLUSION OF LOAN AGREEMENT

9.1. If the Borrower accepts the loan offer made by the Lender, a Loan Agreement is concluded between the Lender and the Borrower via the Portal.

9.2. Prior to concluding the Loan Agreement (i.e., before the Loan Agreement becomes binding on the Borrower and the Lender), the Lender makes the information and documents that are a prerequisite for concluding the Loan Agreement (e.g., pre-contractual information, Standard European Consumer Credit Information sheet, etc.) available to the Borrower via the Portal. The relevant data and documents are available to the Borrower free of charge on the Portal at any time during the term of the Loan Agreement.

9.3. The Loan Agreement shall be deemed to be legally binding and concluded between the Lender and the Borrower as of the moment it is electronically or digitally signed or approved by both Parties.

10. RESTRICTION OF RIGHT TO USE PORTAL AND CONDUCT IN EVENT OF PAYMENT DEFAULT

10.1. The Lender has the right to restrict or cancel the right to use the Portal by the User, reject Loan Applications and, to the extent permitted by law, refuse to perform the obligations arising from the User Agreement and/or Loan Agreement and/or other agreements concluded between the Lender and the User if the User violates the User Agreement and/or Loan Agreement and/or any other agreement concluded with the Lender.

10.2. If the Borrower has entered into several Loan Agreements and the Portal Account does not have sufficient funds to satisfy the Claims that have become due (i.e., the funds transferred to the Lender are not sufficient), the Lender shall distribute the funds proportionally.

11. WITHDRAWAL FROM AND TERMINATION OF USER AGREEMENT

11.1. The User has the right to withdraw from the User Agreement without giving a reason within fourteen (14) days from the conclusion of the User Agreement by submitting via the Portal a withdrawal application in a format which can be reproduced in writing. In order to exercise the right to withdraw from the User Agreement, the withdrawal application must be submitted to the Lender before the expiry of the term specified in the Terms of Use. In order to withdraw from the User Agreement, the User must immediately, but no later than within thirty (30) days from the submission of the withdrawal application, fulfill all his/her outstanding financial obligations to the Lender under any agreement. If the User fails to fulfill his/her obligations within the term specified in the Terms of Use, it shall be deemed that the User has not withdrawn from the User Agreement.

11.2. The User may regularly cancel the User Agreement by submitting an application to the Lender via the Portal in a format which can be reproduced in writing. In this case, all the financial obligations of the User to the Lender under any agreement must be fully fulfilled in advance.

11.3. The Lender may terminate the User Agreement without prior notice on exceptional grounds and cancel or restrict access to the Portal (always under Clause 10.1.1 or 14.2 of the General Conditions, including granting the additional term specified in the General Conditions), if:

• 11.3.1. the User violates the User Agreement, other conditions established by the Lender or the concluded agreement or does not consent to the processing of his/her personal data in accordance with the Privacy Policy;
• 11.3.2. the User has implemented or implements automated means (not approved by the Lender) for the use of the Portal and for the automated collection of data from the Portal (such means may include, inter alia, data harvesting bots, spider robots, scrapers and other automated tools or programs) or if the User implements framing methods to delimit the Portal data or content or otherwise influence the Portal.

11.4. Upon termination of the User Agreement, the Lender terminates the User's access to the Portal and the Lender has no obligation to store, maintain or release to the User information related to the transactions and acts performed by the User on the Portal, unless such obligation arises from law.

11.5. Termination of the User Agreement shall not affect the validity of other agreements entered into by the User via the Portal and the validity of any created obligations.

12. FEES, COSTS, COMPENSATION

12.1. The Lender has the right to receive and the User is obliged to pay a Fee for the rendered services on the basis of the Price List, Loan Agreement and/or other agreements concluded with the Lender. The Lender's Price List is available on the Lender's Webpage.

12.2. In addition to the Fees specified in the Price List and in the agreements concluded between the Lender and the User, the User must pay all the costs of the Lender arising from any acts performed in the interest of the User and the costs relating to the recovery of the Claims which have fallen due (including legal costs, debt collection costs, court expenses, etc.).

12.3. The User shall pay all Fees and costs to the Lender via the Portal Account on the basis of the notice sent to the User on the Portal by the due date indicated in the notice, using the personalized Reference Number assigned to the User when making the payment. The User is obliged to ensure the availability of funds in his/her Portal Account on the due date. The Lender shall not be liable for any damage resulting from the use of an erroneous Reference Number, as a result of which the payment made does not reach the Lender in a timely manner.

12.4. The User is obliged to immediately notify the Lender if the payment made has not reached the User's Portal Account, as well as if an unfamiliar payment has reached the User's Portal Account. The User is prohibited from disposing of funds received on his/her Portal Account, in respect of which a third party may have a right of recovery (e.g., incorrectly made payments).

12.5. The User shall pay all Fees and costs without deductions and/or set-offs.

13. LIABILITY

13.1. The User shall be liable for:

• 13.1.1. the legality of the transactions made by him/her on the Portal;
• 13.1.2. any possible obligations in accordance with law that may arise from the conclusion or performance of the Loan Agreement via the Portal;
• 13.1.3. thoroughly examining the Terms of Use and the provisions of other agreements to be concluded between the User and the Lender. After approving the Terms of Use and other agreements the User cannot rely on the fact that he/she was not aware of or that he/she did not agree with the contents of the document;
• 13.1.4. making transactions on the Portal as a party to the transaction. The User uses the agreement forms offered on the Portal at his/her own liability and risk.

13.2. In the event of a breach of obligations, including breach of the notification obligation under Clause 5.1.6 and submission of incorrect information or failure to submit relevant information, the User shall be fully liable to the Lender or third parties for any damage caused by the breach.

13.3. The Lender shall be liable for direct patrimonial damage caused by the breach of its obligations if the breach has occurred due to intent or gross negligence. The Lender shall not be liable for any loss of income.

13.4. The Lender may restrict the User's access to the Portal for doing maintenance and repairs. The Lender shall not be liable for any potential damage resulting from the restriction of access and consequent interruptions to the services.

13.5. The Lender and the User shall not be liable for the breach of obligations if it is caused by force majeure, i.e., circumstances beyond the control of the Party (e.g. interruptions, natural forces, activities of state authorities, etc.).

13.6. Nothing in the User Agreement limits the liability in case of willful breach of obligations.

14. AMENDMENTS

14.1. The Lender has the right to unilaterally amend the Terms of Use under the conditions provided by law or if necessary:

• 14.1.1. due to changes in the legislation, standards or practices;
• 14.1.2. to develop or improve Portal services;
• 14.1.3. to take into account a decision, precept or other published position of a court or other authority or person;
• 14.1.4. to specify the circumstances relating to the provision or use of the service, inter alia, to improve user-friendliness;
• 14.1.5. in other circumstances, provided that such changes are not unfair to the User.

14.2. The Lender has the right to unilaterally amend the Terms of Use without prior notice to the User if the legislation, standards or practices governing the relationship arising from the Terms of Use change and the amendment of the Terms of Use is necessary to ensure immediate compliance with the new legislation, standards and/or practices. Such amendments shall be published on the Portal and shall take effect upon publication of the relevant notice on the Portal.

14.3. The Lender has the right to amend its Price List at its own discretion. The Lender will not notify the User of amendment of the Price List if it becomes more favorable for the User.

14.4. In cases other than those specified in Clauses 14.2 and 14.3 of the Terms of Use, the User shall be notified of amendments to the Terms of Use and/or Price List via the Portal at least thirty (30) days in advance. If the User does not agree with the amendments made by the Lender, he/she has the right to immediately terminate the User Agreement and all other agreements concluded between the Lender and the User. If the User terminates the User Agreement and all other agreements concluded between the Lender and the User, he/she must submit a relevant application to the Lender via the Portal within thirty (30) days after receiving the relevant notice and, within the same period, fulfill all his/her financial obligations arising from the agreements concluded with the Lender. For the avoidance of doubt, if the User fails to fulfill all his/her financial obligations within that period, the User shall be deemed not to have terminated the User Agreement or other agreements concluded with the Lender. The amended Terms of Use and/or Price List enter into force thirty (30) days after the publication of the notice or when the User agrees to the amended Terms of Use and/or Price List by clicking on the relevant field (e.g., box, button, etc.) upon logging into the Portal, whichever occurs earlier.

14.5. The Lender shall not notify the User of amendment of the Terms of Use if the amendment of the Terms of Use does not change the rights and obligations of the Parties (especially, for example, grammatical changes or corrections).

15. GOVERNING LAW AND DISPUTE RESOLUTION

15.1. The legislation in force in the Republic of Estonia applies to the Terms of Use, Loan Agreements and other agreements entered into between the Lender and the User.

15.2. Any disputes between the Lender and the User arising out of or in connection with the Terms of Use, Loan Agreements or other agreements concluded between the Lender and the User shall be settled by negotiations, taking into account the Procedure for Handling Consumer Complaints in force at that time and published on the Lender's Webpage. In addition, the User has the right to apply to a competent out-of-court body or to the authority supervising the Lender. A dispute that the Parties are unable to resolve through amicable negotiations within a reasonable period of time shall be settled in the competent court of the Republic of Estonia, including if the User takes up residence abroad following the entry into force of the User Agreement or if the place of residence of the User is unknown at the time of filing an action.

16. MISCELLANEOUS

16.1. In the event of insolvency of the Lender, the conclusion of new Loan Agreements is terminated immediately. Insolvency of the Lender shall not affect the validity of the Loan Agreements already concluded.

16.2. The Lender is supervised by:

• 16.2.1. The Estonian Financial Supervision and Resolution Authority (Finantsinspektsioon) (address: Sakala 4, 15030 Tallinn, email: [email protected], webpage: www.fi.ee);
• 16.2.2. The Consumer Protection and Technical Regulatory Authority (address: Endla 10a, 10142 Tallinn, email: [email protected], webpage: www.ttja.ee);
• 16.2.3. Data Protection Inspectorate (address: Tatari 39, 10134 Tallinn, email: [email protected], webpage: www.aki.ee).

This version of the Terms of Use was last updated as at August 17, 2022.

Introduction

All conflicts of interest that may arise in connection with Bondora's loan platform shall be identified and resolved by Bondora. We shall take all necessary measures to prevent further evolution of the conflict and the potentially resulting damage to the interests of our clients. This document describes our conflict of interest policy (the "Conflict Policy") that applies to the operation of our Portal.

We are fully committed to complying with our regulatory and legal obligations and ethical standards. All of our employees are contractually committed to complying with our Conflict Policy. Violation of the Conflict Policy may result in a penalty, including termination of the employment contract.

Signs of potential or realized conflicts of interest

A conflict of interest may arise when a member of the management board of Bondora, its employee, an employee of its affiliate or other related party provides services to Bondora's clients or independently engages in other activities that may harm the interests of Bondora's clients, such as in a situation where one of the above persons:

• could benefit financially or avoid financial loss at the expense of a Bondora's client;
• has an economic interest in the result of the service provided, which interest is different from that of a Bondora's client;
• receives any benefit for favoring a Bondora's client over another Bondora's client;
• receives any benefit (money/goods/services) from any person other than the usual commission for the service provided to Bondora's client.

Potential or realized conflicts of interest we have identified

Borrowers are charged management fee for using our platform in accordance with their Loan Agreements and other agreements.

In addition, we may pay third parties to direct clients to us, and such transactions are properly disclosed.

Employees

A conflict of interest may arise if an employee of Bondora (or a member of the employee's family) is in any way related to another party to a transaction, especially if that party is a Bondora's client. Related parties include members of the management board of Bondora's clients, persons with significant holdings and consultants. Bondora's employees are required to disclose any relationship that may influence their decisions or involve an economic interest.

Resolution and disclosure of conflicts of interest

Bondora will take all possible and reasonable steps to resolve potential conflicts of interest.

If there is a significant risk of loss to a Bondora's client, we will disclose it.

We will implement all necessary procedures, including staff training, to ensure that situations that may give rise to conflicts of interest are identified and properly addressed.

All potential conflict situations are closely monitored.

Additional information

This document will be regularly reviewed and updated as necessary. If you have any questions about this Policy, please contact us using the contact information provided on Bondora's Webpage. The terms have the same meaning as in the Bondora User Agreement, unless otherwise defined herein.

This Privacy Policy provides an overview of what personal data of the bondora.ee Portal User (hereinafter also you) the Lender (hereinafter Bondora or us) processes when providing services via the Portal, how and for which purposes it does this, and what your rights are regarding your personal data.

We follow very strict rules established for the processing of your personal data, which derives from the European Union and Estonian legislation on the protection of personal data, including the European Union General Data Protection Regulation (hereinafter General Regulation). The terms contained in this Privacy Policy have the same meaning as described in the Bondora.ee Terms of Use and General Regulation.

Controller and Contact Details

The controller of your personal data is Bondora AS (Estonian register code 11483929; postal address A.H. Tammsaare tee 56, Tallinn 11316, Estonia). You can find the form required to contact us here .

Collection of Personal Data

We generally collect personal information necessary to enter into an Agreement with you and perform it. Given our field of activity, it also includes collecting various background information to fulfill our various obligations deriving from the law.

We collect personal data from the following sources:

• yourself (e.g., data submitted and shared by you); and
• third parties (e.g., public sources, state registers (such as the population and pension register), credit rating agencies, cooperation partners, and companies belonging to the same group as us).

We collect personal data from third parties that allow us to assess your creditworthiness and apply due diligence measures to prevent money laundering and terrorism financing, including to verify the information you provide to us.

We may also collect personal data automatically (e.g., the way you use the Platform, digital devices you use, and cookies) for statistical purposes.

Use of Your Personal Data

To provide services to you through the Platform, you may be required to provide our partners or us with the information necessary to provide the services. If you do not provide this information, we are not able to provide services to you. Such information is always marked accordingly.

We use your personal data for the following purposes and on legal grounds:

We do not process your special categories of personal data or data about criminal convictions and offenses.

We may also process your personal data for other purposes under your consent. The purpose of the processing and other details, in this case, is described in the consent.

If the legal basis for the processing of your personal data is our or a third party's legitimate interest, you have the right to obtain additional information and to object to such processing at any time. To do so, please contact us using the contact details mentioned above.

Automated Decisions and Profile Analysis

We use an automated process to decide whether to approve or reject your loan application. As part of our automated process, all categories of data we have collected about you for creditworthiness purposes are assessed separately (see above). The system calculates your credit rating based on the risks associated with the different data categories and the coefficients assigned to them. Based on this, you will be offered a loan on the terms you have requested or other terms (e.g., with a smaller loan amount or a different repayment term than wanted), or your application will be rejected. The purpose of creditworthiness assessment is to make fair and responsible loan decisions and fulfill our legal obligation to assess your creditworthiness before granting a loan.

In addition to automated credit assessments, we may automatically determine that there are grounds for believing that you may be committing fraud, money laundering, or terrorism financing.

Automated decisions and profiling allow us to improve the fairness of our decision-making process (reducing the potential human error, discrimination, and abuse of power), reduce the risk that you will not pay back the loan, and allow us to make decisions in less time and improve efficiency.

Automated decisions and profile analysis are necessary for concluding a loan agreement between us and are also permitted by law. Creditworthiness assessment is a largely standardized and mandatory procedure for creditors built on the applicable principles of responsible lending and based on mathematical formulas. The automated creditworthiness assessment ensures a fairer result as it eliminates the human subjective factor and treats all credit applicants equally. Using the same or a similar model manually would take a disproportionate amount of time to assess each borrower's creditworthiness and thus becomes significantly more costly for us. Our human resource needs would significantly increase if we were to ensure that the quality of service is maintained when assessing creditworthiness manually. To prevent money laundering and terrorism financing, we use automated processes for monitoring transaction data. It would not be possible to process the relevant data manually (i.e., without automated solutions) due to the large volume.

Our automated processes are regularly tested, evaluated, and inspected to ensure fairness, efficiency, and impartiality. For them to work, it is also necessary that the information you provide to us is accurate and up-to-date.

You have the right to have direct personal contact, the right to express your views, the right to be heard on a decision taken following such an assessment, and the right to challenge that decision. To do so, please contact us using the contact details mentioned above.

Transfer of Personal Data

When we process your personal data, we also transfer your personal data to our processors or third parties. Such transmission shall take place only under the following conditions:

Processors. We use carefully selected service providers (processors) to process your personal data. In doing so, we remain fully responsible for processing your personal data.

We use, among other things, the following processors: Marketing and survey service providers and tools, money laundering and terrorism financing risk mitigation searching service providers, creditworthiness assessment service providers, customer support service providers, accounting service providers, server management, and server hosting providers, IT service providers, and other companies belonging to the same group as us, who provides services to us.

If you would like more detailed information about our processors (e.g., their names and locations), please contact us using the contact details mentioned above.

Third Parties. We will only share your personal data with third parties if set out in this privacy policy if required by applicable law (e.g., if we are required to share personal data with authorities) or under your consent or order.

We may share your personal data with the following third parties:

• to perform agreements with payment service providers. In this case, the legal basis for the transfer of personal data is the performance of an agreement between us (Article 6 (1) (b) of the General Regulation);
• to assess your creditworthiness with credit agencies. In this case, the legal basis for the transfer of personal data is our legal obligation to assess your creditworthiness (Article 6 (1) (c) of the General Regulation);
• to test the quality of the creditworthiness assessment with credit assessment service providers. In this case, the legal basis for the transfer of personal data is our legitimate interest (Article 6(1)(f) of the General Regulation);
• for the purposes of our internal administration with companies belonging to the same group as us. In this case, the legal basis for the transfer of personal data is our legitimate interest in sharing the data with companies belonging to the same group as us for internal administration purposes (Article 6 (1) (f) of the General Regulation);
• for the purposes of direct marketing with companies belonging to the same group as us. In this case, the legal basis for the transfer of personal data is your consent (Article 6 (1) (a) of the General Regulation);
• to other credit and financial institutions and insurance providers to provide the service requested by the Client or to assess the reliability and risk associated with him (Article 6, subsection 1, point b of the General Regulation);
• potential or actual buyers and pledges of claims. In this case, the legal basis for the transfer of personal data is our legitimate interest in transferring the data and documents related to the claim to the buyer and/or pledgee upon assignment of the Claim (Article 6 (1) (f) of the General Regulation);
• potential or actual investors and/or creditors of the Lender. In this case, the legal basis for the transfer of personal data is our legitimate interest in transferring the data and documents related to the claim to the Creditor regarding the investor's or creditor's claim (Article 6 (1) (f) of the General Regulation);
• to fulfill our legal obligations deriving from the law with authorities and law enforcement agencies. In such a case, the legal basis for the transfer of personal data is fulfilling our legal obligation deriving from the law (Article 6 (1) (c) of the General Regulation);
• payment default registers, credit bureaus and other third parties where we are disclosing information about outstanding debts; In this case, the legal basis for the transfer of personal data is our and third parties' legitimate interest in implementing responsible lending principles; (GDPR Art. 6(1)(f)).
• to protect our rights and interests with collection agencies, attorneys, bailiffs, and other persons concerned. In this case, the legal basis for the transfer of personal data is our legitimate interest in protecting our rights and interests (Article 6 (1) (f) of the General Regulation). We will only process your personal data if we are sure that our legitimate interests do not outweigh your interests or fundamental rights and freedoms for which personal data must be protected. As we generally process your personal data only when it is essential to protect our rights and interests (i.e., if there has been a breach or a suspected breach by you), we consider it justified.
• to perform our statutory obligations with auditors. In such a case, the legal basis for the transfer of personal data is our legal obligations deriving from the law Article 6 (1) (c) of the General Regulation and the Auditors Activities Act);
• to fulfill our legal obligations deriving from the law or in the legitimate interests of us or our counterparty, if such transfer is necessary to transfer our activities or assets due to the transaction or to assess the perspectiveless of such a transaction. In this case, the legal basis for the transfer of personal data is the fulfillment of our legal obligations (Article 6 (1) (c) of the General Regulation and the Law of Obligations Act), or our or our counterparty's legitimate interest in concluding the transaction or assessing its perspectiveless (Article 6 (1) (f) of the General Regulation). We will only transfer your personal data if we are sure that our or our counterparty's legitimate interests do not outweigh your interests or fundamental rights and freedoms for which personal data must be protected.

If the legal basis for the processing of your personal data is our or a third party's legitimate interest, you will have the right to obtain additional information and to object to such processing at any time. To do so, please contact us using the contact details mentioned above.

Transfer of Personal Data Outside the European Union

In general, we do not transfer your personal data outside the European Union, but our processors and third parties, to whom we transfer the personal data, may process your personal data outside the European Union. Where necessary, the transfer will only take place if we have a legal basis for such action, including, in particular, if the recipient: (i) is located in a country that the European Commission considers having an adequate level of protection of personal data, or (ii) is acting under an agreement that meets the requirements of the European Union for the transfer of personal data to processors outside the European Union.

If you would like more detailed information about the transfer of your personal data outside the European Union (e.g., the names of the recipients and the legal basis for the transfer), please contact us using the contact details mentioned above.

Retention of Personal Data

We retain your personal data for as long as we are required by law to do so. (e.g., under the Creditors and Credit Intermediaries Act , we must retain all information and documents relating to the providing and servicing of credit for the duration of our legal relationship and three years after that; under the Money Laundering and Terrorist Financing Prevention Act, we must retain your personal data and various documents five years after the end of the business relationship with you; under the Accounting Act we must retain accounting source documents seven years from the end of the respective financial year) or until we have a legitimate interest in doing so (e.g., until the limitation period of the claims to protect our interests and rights).

Security of Personal Data

We ensure that users' personal data is only available to such employees who, due to their duties, need to have access to such data. All Bondora employees are required to maintain the confidentiality of the data and may not share the information with third parties, except for the purposes set forth above.

Personal data is stored and archived on a secure server that only a few people have access to. Security is guaranteed by strict privacy standards met by conscientious third-party partners.

We use several Internet security measures to ensure the secure processing, transmission, and archiving of personal data.

The servers are located in a data center in Frankfurt, Germany, and is operated by Telehouse, one of the world's 200 leading companies. A separate agreement has been concluded with Virtion GmbH for server management. These companies allow us to offer better availability and growth potential of our IT resources and greater flexibility.

All their activities comply with a number of standards, including ISO 27001:2005 (Information security management systems), BS25999-2:2007 (Business continuity management), PCI-DSS (Payment card industry), ISO 9001:2008 (quality standards), and ISO 14001:2004 (Environmental management system standard).

Companies have established round-the-clock physical and virtual surveillance of the system. All data center movements are monitored by short-range card readers and infrared sensors that detect unauthorized persons. In Bondora, security breaches are detected, monitored, and repelled by software and hardware security walls.

Your Rights

You have all the rights of the data subject with regard to your personal data to the extent required by the applicable data protection legislation, including:

• the right to receive relevant information on the processing of personal data;
• the right to receive confirmation whether personal data is being processed;
• the right to receive a copy of personal data;
• the right to request that we rectify inaccurate personal data or supplement incomplete personal data;
• the right to request deletionof personal data if: (i) the personal data is no longer necessary for the purpose for which it was collected or otherwise processed; (ii) you withdraw your consent for processing your personal data, and there is no other legal basis for processing the personal data; (iii) you object to the processing of personal data, and there are no overriding legitimate reasons for the processing; (iv) you object to the processing of your personal data for direct marketing purposes; (v) personal data has been processed unlawfully; or (vi) personal data must be deleted to fulfill our legal obligation deriving from the law. Notwithstanding the preceding, you do not have the right to request the deletion of personal data if the processing is necessary: (a) to fulfill an obligation under our law; or (b) to formulate, file, or defend legal Claims;
• the right to request a restrictionon the processing of personal data if: (i) you challenge the accuracy of the personal data for a period of time that allows us to verify the accuracy of the personal data; (ii) the processing of personal data is unlawful, whereas you do not request the deletion of personal data, but the restriction of use; (iii) we no longer need personal data for processing purposes, but they are necessary for you to make, file or defend legal claims; or (iv) you have objected to the processing of your personal data while we check that our legitimate reasons outweigh your reasons. If the processing of personal data is restricted, we may nevertheless process it: (a) with your consent; (b) to formulate, file , or defend legal claims; (c) to protect the rights of another natural or legal person; or (d) in the overriding public interest;
• the right to portability the data, i.e., the right to receive personal data that you have provided to us in a structured, publicly available format and machine-readable form, and the right to transfer this data to another controller if: (i) the processing is with your consent or for contract or performance purposes; and (ii) processed automatically. If technically feasible, you have the right to request that we transfer the data directly to another controller. In exercising your right, we cannot infringe on the rights and freedoms of others;
• the right to object at any time to the processing of personal data in the legitimate interest of us or a third party, depending on our specific situation. In such a case, we will not further process personal data unless we prove that the processing is for a valid legitimate reason that outweighs your interests, rights, and freedoms or to make, file, or defend legal claims. If your objection concerns the processing of your personal data for the purposes of direct marketing, we do not have the right to process your personal data further;
• the right to withdraw consent at any time. To do so, you may contact us using the contact details mentioned above or use other options described in obtaining consent.

To exercise your rights, please contact us using the contact details mentioned above. We will respond to your request within one month at the latest. In some instances (taking into account the complexity and number of the requests), we have the right to extend the due date for replying by two months. In this case, we will notify you.

If you believe that your rights have been violated, please contact our Data Protection Officer via [email protected] immediately to resolve the situation. However, you have the right to complain to the Member State's supervisory authority where you have your permanent residence or place of work, or to the Data Protection Inspectorate ( www.aki.ee; [email protected]; Tatari 39, 10134 Tallinn).

Cookies

We use cookies, which are small text files that a website server stores on your hard drive. This allows us to collect certain information from your web browser. You can find more information on our cookie policy here.

Links to Third-Party Websites

Links to third-party websites from the Platform or any other Bondora website, or vice versa, are only quick links to services or topics useful to our Platform users. Please note that third party websites may have different privacy policies and/or security standards, which we recommend you review.

Amendments to the Privacy Policy

Suppose our personal data processing practices are changed, or we need to amend this Privacy Policy due to applicable law, judicial or competent supervisory authorities' practices, or competent supervisory authorities' guidelines, we have the right to change this Privacy Policy at any time unilaterally. In this case, we will notify you via the Portal or email at a reasonable time before the changes take effect.

Applicable Law

As Bondora is a company registered in the Republic of Estonia, Estonian law applies to the processing of your personal data.

This Privacy Policy was last updated as at September 27, 2023.

What is a cookie?

A cookie is a small morsel of text that a website asks your browser to store. All cookies have expiration dates in them that determine how long they stay in your browser. Cookies can be removed in two ways: automatically, when they expire, or when you manually delete them. We've included more details below to help you understand what kinds of cookies we use.

Please remember that by deleting existing cookies or disabling future cookies you may not be able to access certain areas or features of our website.

What cookies does Bondora use?

We use cookies across our website to improve the performance and enhance the user experience. Please be advised that when you visit our website you agree that we use the following cookies:

• Essential cookies that are only set or retrieved by the website while you are visiting which allow us to identify you as a subscriber and ensure that you can access the subscription only pages. We can ensure that no one is making changes to your profile, applying for loans or making loans on your behalf.
• Functionality cookies are used to allow us to remember your preferences on the website, such as language or username to customize your user experience.
• Performance cookies allow us to collect information how you use the website. All of the information collected is anonymous and is only used to help us improve the way our website works and measure the effectiveness of our advertising campaigns.
• Third party cookies are behaviorally targeted advertising cookies (e.g. Google Analytics) that allow us to record pages that are visited and the links that are followed. The information collected in non-identified.
• Secure cookies are used to ensure that any data in the cookie will be encrypted as it passes between the website and the browser. It helps us to protect the security of your account.

How to change cookies settings?

In case you want to change your preferences about the cookies that we use, please change your browser settings. For more information you may wish to visit http://www.aboutcookies.org/

We want you to be happy with the services Bondora provides. However, if this is not the case and you are dissatisfied with the service requested by or provided to you, or its terms and conditions or quality, we want to know about it. Before filing a complaint, please review the Complaints procedure laid out below, so we can process your complaint as quickly and efficiently as possible. Kuidas esitada kaebust?

How do I file a complaint?

Bondora's customer service is 100% digital. This means we can handle and solve complaints quickly and securely. You can file a complaint with Bondora by using the form under the "FAQ " section on Bondora's website.

What information should I provide in my complaint?

You must provide all the relevant facts so we can solve your complaint as efficiently as possible. Please describe and explain the basis of your complaint in as much detail as possible. You should also state the claim or request you want Bondora to settle.

Please include any relevant documents in your complaint if they are not easily available to Bondora.

If your representative files a complaint in your name, please attach a document that certifies their right of representation. This document must be signed in a digital format.

How does Bondora process complaints?

Bondora treats all customers with respect and without prejudice. We will establish your complaint's specific circumstances and analyze the problem to the core to settle it in the best way possible. If necessary, we may ask you for additional information or documents related to the complaint.

If the arguments in your complaint are justified, we will quickly restore any wrongdoings or propose another solution acceptable to you. But if we do not partly or wholly agree with your complaint, we will justify our decision in our reply to you.

When can I expect a reply?

We will email you an automatic notification when we receive your complaint (Usually within one business day).

Generally, we settle complaints within five business days after receiving it, but it may take up to 15 days. If we can't settle your complaint within 15 days, we will inform you why it's taking longer and set a new date when you can expect a reply.

What should I do if I'm not happy with the proposed solution?

We will do our best to provide the best solution for your complaint. But if you are unhappy with our suggestion, you are welcome to contact us again and contest our decision.

If you are still unhappy with our solution, you can protect your rights by contacting the following authorities:

• Consumer Protection and Technical Regulatory Authority (www.ttja.ee, address: Endla 10a, 10142 Tallinn; email: [email protected]; phone number: 620 1707)
• Financial Supervision and Resolution Authority (www.fi.ee, address: Sakala 4, 15030 Tallinn; email: [email protected]; phone number: 668 0500)
• Court (www.kohus.ee, contact details according to jurisdiction
• Consumer Disputes Committee (www.komisjon.ee, address: Endla 10A, 10142 Tallinn; email: [email protected]; phone number: 620 1707). Complaints arising from distance contracts can also be filed with the Consumer Disputes Committee through an online dispute resolution environment at the address http://ec.europa.eu/odr
• Data Protection Inspectorate (complaints related to personal data, www.aki.ee; address: Tatari 39, 10134 Tallinn; email: [email protected]; phone number: 627 4135)

Pre-contractual information is available here.

B Secure terms are available here.

B Secure+ terms are available here.