Privacy Policy

for the platform iim.business

Effective: April 12, 2026

1 Data Controller

Responsible within the meaning of data protection laws (in particular the General Data Protection Regulation – GDPR) is:

Punë SHPK Trebosh, Zheline

Registered office: Trebosh, Municipality of Zhelino

Republic of North Macedonia

E-Mail: info@pune.mk

2 Scope

This privacy policy applies to:

  • The use of the website iim.business
  • Registration of user accounts
  • Publication of pitches
  • Use of Coins
  • Communication between users
  • All related online services

It applies regardless of the country from which the user accesses the platform.

3 Types of Data Processed

We process personal data only to the extent necessary. This includes in particular:

Contact Data

  • Name, email address, phone number
  • Company name, address

Account Data

  • Username, password (encrypted)
  • Profile information, user role

Payment Data

  • Payment status, transaction ID
  • Coin purchases

Usage Data

  • IP address, device type, browser
  • Access time, page views

Important: We do not store complete credit card data. Payment data is processed by external payment providers.

4 Purposes of Data Processing

We process personal data exclusively for the following purposes:

  • Provision of the platform
  • Creation of user accounts
  • Publication of pitches
  • Contact mediation between users
  • Processing of Coin purchases
  • Fraud prevention
  • Platform security
  • Service improvement
  • Legal obligations

5 Legal Basis for Processing (GDPR)

Processing is based on Article 6(1) GDPR:

  • lit. a – Consent
  • lit. b – Contract performance
  • lit. c – Legal obligation
  • lit. f – Legitimate interest

Our legitimate interests include in particular: platform operation, IT security, abuse prevention, and economic operation.

6 Cookies and Tracking

Our platform uses cookies and similar technologies. Cookies serve in particular:

  • User login
  • Security
  • Storing settings
  • Usage analysis

The following may be used: technical cookies, security cookies, analytics cookies, and functional cookies.

Users can deactivate cookies at any time in their browser settings.

7 Use of Third-Party Services

We may use external service providers. This may include:

Hosting Providers

Cloud hosting providers, server operators, database providers

Payment Providers

Stripe, PayPal, credit card providers, payment gateways

These providers process data independently.

8 Data Sharing

We only share personal data when:

  • Legally required
  • Necessary for contract performance
  • The user has consented
  • Required for security

Data may be shared with: payment providers, hosting providers, authorities, and IT service providers.

We do not sell personal data.

9 International Data Transfer

As the platform is used internationally, data may be transferred to other countries, including the EU, Switzerland, USA, and other countries.

We ensure that adequate security measures are in place and legal requirements are met.

10 Data Retention

We store personal data only as long as necessary:

Account data → as long as the account is active

Contract data → according to legal retention periods

Log data → generally a maximum of 12 months

After expiry, data will be deleted or anonymised.

11 Data Security

We implement technical and organisational measures, including:

  • Encryption (SSL / HTTPS)
  • Access controls
  • Firewalls
  • Security monitoring
  • Password encryption
  • Backup systems

Despite all measures, absolute security cannot be guaranteed.

12 User Rights (GDPR)

Right of access

You can find out what data is stored and why.

Right to rectification

You can have incorrect data corrected.

Right to erasure

You can request the deletion of your data.

Right to restriction

You can have processing restricted.

Right to data portability

You can receive your data in a structured format.

Right to object

You can object to processing.

13 Withdrawal of Consent

Consent can be withdrawn at any time. This applies for the future.

14 Right to Lodge a Complaint

Users have the right to lodge a complaint with a data protection authority, e.g. the data protection authority in their own country, EU data protection authority, or national data protection authority.

15 Minors

The platform is intended exclusively for persons aged 18 years and older. We do not process data from minors.

16 Automated Decisions

We do not make automated decisions within the meaning of the GDPR. In particular: no credit decisions, no investment decisions, no profiling decisions.

17 Changes to the Privacy Policy

We may amend this privacy policy at any time. New versions apply from the date of publication on the platform.