Legal

Privacy Policy

Privacy Policy

Last updated: 1.3.2026.

1. Data Controller

This Privacy Policy explains how AYMO Ventures d.o.o. with registered seat in Zagreb, Ulica Alexandera von Humboldta 4B, Croatia, PIN (OIB): 31486520098 ("AYMO Ventures", "we", "us", or "our") as the Data Controller, collects, uses, and protects personal data in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR").

This Privacy Policy applies to individuals whose personal data we process when they contact us whether through our website, email, or social media, to submit inquiries, request cooperation, or apply for employment, as well as to representatives of legal persons who contact us in the course of their business activities.

If you have any questions regarding the collection or processing of your personal data, please contact us at gdpr@aymoventures.com.

2. Categories of Personal Data We Collect

When you submit our contact form, or otherwise contact us, we may collect the following personal data:

  • Full name

  • Role/position

  • Country, main country of operations

  • Phone number

  • Email address

  • LinkedIn URL, website or product demo link (in case it contains personal data)

  • Message content (inquiry) text provided in text fields of the forms (in case it contains personal data)

  • Data related to fundraising and fundraising history containing personal data

  • Uploaded files (optional, e.g. pitch decks or presentations)

  • CVs, cover letters, information about education, and any other personal data contained in the CVs or job application you submit to us

  • Other personal data voluntarily provided by you through completion of the form.

If you provide personal data of third parties, you represent and warrant that you are authorized to make such disclosure.

If you upload a file, your IP address is temporarily recorded and stored for 5 hours for security and rate-limiting purposes only.

3. Purpose and Legal Basis for Processing

Your personal data is processed for the following purposes:

a) Responding to your inquiries and/or assessing potential business opportunities, including reviewing any materials provided (e.g. pitch decks or presentations), and establishing or maintaining potential cooperation.

Depending on the content of your inquiry, the legal basis for processing your personal data may be either:

  • our legitimate interest;

  • taking of steps at your request prior to entering into a contract;

  • if we conclude a contract, the legal basis for processing will be that the processing is necessary for the performance of that contract.

When determining the appropriate legal basis, we take into account whether the inquiry/proposal was made by a natural person or on behalf of a legal entity.

Our legitimate interest in processing personal data for this purpose is to enable effective communication and collaboration with individuals and organisations that contact us, to manage and develop potential business relationships, to evaluate and pursue business or investment opportunities, and to foster mutually beneficial cooperation that supports business growth and development.

b) Ensuring system integrity and security, including prevention of spam or abuse

To fulfil this purpose, we collect your IP address. This processing is based on our legitimate interest in maintaining the security and reliable operation of our systems and preventing misuse of our services.

c) To consider and evaluate job applications submitted by individuals interested in potential employment with us.

In the event that you submit an open job application via our web form, e-mail or social media platform, the legal basis for processing your personal data is your consent, as you have voluntarily provided your application as a potential employee.

If you have applied for an open job posting published by us, we will process your personal data on the legal basis of taking steps at your request prior to entering into a possible employment contract.

We do not use your data for marketing purposes without your explicit consent.

4. Who Do We Share Your Data With

We may disclose your personal data only when necessary and on a strict need-to-know basis.

Recipients may include:

  • Service providers who may act as data processors (such as providers of IT services, website hosting, cloud storage etc.),

  • Professional advisors and consultants (e.g. legal, financial);

  • Regulatory authorities or supervisory bodies, when required by law.

A detailed list of data recipients may be requested from us at any time by submitting a request to the following email address: gdpr@aymoventures.com.

5. How Long Do We Keep Your Data

  • We retain contact form submissions, uploaded files, and related correspondence only for as long as needed to handle your enquiry. Simple enquiries are deleted once the communication has been completed. Enquiries that require internal evaluation, review, or extended discussions, such as partnership proposals, investment opportunities, or other complex matters may be retained for up to 6 months. After this period, all related data and uploaded files will be deleted if no business relationship has been established, unless ongoing communication or legal obligations require a longer retention period, or unless you provide your explicit consent for us to retain them longer.

  • IP addresses collected during file uploads are deleted automatically after 5 hours.

  • If you send us an open job application (including your CV, cover letter etc.), we will retain your personal data for up to two months to assess whether a suitable position may be available.

  • If you apply for an open job posting published by us, your personal data will be retained until the recruitment process is completed.

In both cases (regarding employment), your data will be deleted afterwards unless you provide us with explicit consent to retain it for a longer period so that we may inform you about any future opportunities.

6. Transfer of Personal Data Outside the EU

We strive to ensure that most data processing activities take place within the EU, by carefully selecting our partners and service providers. However, some of our service providers are located outside the EU. In such cases, we only transfer personal data where adequate protection is ensured, either through an EU adequacy decision or by implementing appropriate safeguards in line with the GDPR.

7. Your Rights Under GDPR

You have the following rights under the GDPR:

  • Right of access — to know what data we hold about you (Article 15 of GDPR).

  • Right to rectification — to correct inaccurate or incomplete data (Article 16 of GDPR).

  • Right to erasure ("right to be forgotten") — to request deletion of your data (Article 17 of GDPR).

  • Right to restrict processing — to limit how your data is used (Article 18 of GDPR).

  • Right to data portability — to receive your data in a structured format (Article 20 of GDPR).

  • Right to object — in certain circumstances, depending on the purposes and the legal basis for processing, you have the right to object to the processing of your personal data for example, e.g. when the processing is based on our legitimate interests (Article 21 of GDPR).

  • Right to withdraw consent — the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal (Article 7(3) of GDPR).

  • Right not be subject to a decision based solely on automated processing - although we do not use automated decision-making in the processing of personal data, data subjects generally have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them (Article 22 of GDPR).

To exercise these rights, contact us at gdpr@aymoventures.com. We may need to verify your identity before processing your request.

If you believe your data has been handled unlawfully, you have the right to lodge a complaint with:

Personal Data Protection Agency (AZOP), Ulica Metela Ožegovića 16, 10000 Zagreb, Croatia
Website: https://azop.hr

8. Do You Have to Share Your Data With Us?

You are not legally or contractually obliged to provide your personal data. However, if we start working together, some information will be needed to prepare or perform the agreement; without it, we may not be able to provide our services or continue the cooperation.

9. Automated Decision-Making

We do not make any decisions based solely on automated processing, including profiling.

10. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our data practices or legal requirements. Any updates will be posted on this page with a revised "Last updated" date.

We take the security and confidentiality of personal data very seriously and are fully aware of the importance of protecting the information entrusted to us. We apply appropriate technical and organisational measures to safeguard personal data against unauthorised access, loss, misuse, or disclosure, in line with applicable data protection regulations.

AYMO Ventures d.o.o.
Ulica Alexandera von Humboldta 4B, 10000 Zagreb, Croatia
Email: info@aymoventures.com