CompanySpotter
Privacy Statement Customers

This is the privacy statement of CompanySpotter BV, located at Koninginnegracht 46-I in The Hague and registered in the Dutch Trade Register under number 78391857. For any questions regarding the content of this statement or exercising your rights in respect of privacy, we have appointed a Data Protection Officer, who can be contacted via [email protected].

1. Introduction

   Your privacy is important to us and we are committed to protecting any personal information you may provide to us. This privacy policy explains what information we may collect about you if you decide to become a customer and use our Service (hereinafter referred to as "Customer" or "Customers").

   CompanySpotter will only use your contact information in accordance with this privacy statement, which can be found in full below. We will not sell your information to third parties.

2. Purpose and legal basis of processing personal data

   The personal data of the Customers are processed for the following purposes:

   • The administrative management of Customer relationships
   • To create the personal user identification and password required for the use of the Service and the management of the Customer and User
   • To create, develop, operate, deliver and improve products, services, content and advertising
   • To communicate with customers, including sending notices, notices of purchases, and changes to our terms and policies
   • Conduct customer satisfaction surveys and monitor results
   • Conducting customer statistics and analysis and direct marketing based on customer relationships

   The legal basis for processing personal data is the fulfillment of a contract and CompanySpotter's legitimate interest for processing.

   If and insofar as appropriate, the processing of personal data for marketing purposes takes place on the basis of a previous business and/or contractual relationship with the Customer. This is considered CompanySpotter's legitimate interest for processing.

3. Sources of Personal Information

   Personal data is mainly collected from the contracts signed by the Customers and from the person involved or from a colleague/manager of this person when registering additional users for our Service. During the registration process, the nature of the content of the data collected depends on the information provided by the Customer. Personal data is also collected directly from the Customers in connection with information received during telephone calls, chats, emails, meetings, or other collaborations in connection with the management of the business relationship, which may be added to the register by CompanySpotter employees.

4. Content of personal data

   If the Customer decides to provide CompanySpotter with his/her personal information, CompanySpotter will collect the information provided by the Customer by filling out forms or by contacting us. When you provide CompanySpotter with personal information, you agree that we collect and use that information in accordance with this Policy.

   The Registry may include the following personal information:

   • Basic information about the user, such as name, title, position, email address, telephone number
   • User data, such as personal user identification and password, saved searches
   • ICT and security data such as IP address, cookies
   • Historical data such as registration date, last login, other usage data, analytics
   • Customer feedback and marketing data, such as chat and other communication with prospects and customers, customer feedback
   • Customer-specific data such as information received from meetings or telephone calls, deemed necessary for the administration of customer relations

5. Use of cookies and related technology

   The use of cookies allows CompanySpotter to collect information about the Customer's use of the internet and its services in general. This information allows us to improve our website and services to meet our Customer's needs, such as providing services that are more tailored to the Customer's preferences, for example by storing favourites and identifying the Customer each time they return to our site. Cookies can be disabled in the Customer's browser via the Cookie Statement. Please note that deactivating cookies may prevent some content/services from being used on our website.

   For all information regarding the operation, placement and consent regarding cookies, please refer to our Cookie statement.

6. Recipients of personal data

   The primary recipients of personal data are CompanySpotter employees. CompanySpotter may transfer personal data to its group companies, subsidiaries and other third parties on the basis of contractual obligations or requirements of the authorities.

   Personal data may be shared with companies providing services such as information processing, maintenance, fulfilling customer orders, providing services, managing and improving customer data, providing customer service, assessing interest in products and services, and conducting customer research or satisfaction surveys. For the aforementioned purposes, the Customers' personal data may, on the basis of the performance of a contract, be passed on to the following parties:

   • Suppliers and administrators of server services
   • Collaborative partners and service providers
   • Communication platforms
   • Contact register. Customer data is partly transferred to CompanySpotter's internal contact register.
   • In the event that the law, legal proceedings and/or requests from public and governmental authorities so require, CompanySpotter may disclose your personal data.

7. Transfer and handling of data

   The data that CompanySpotter collects from the Customer may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers (e.g. if our service provider or supplier is based outside the EEA). The information may also be disclosed to a third party during merger or acquisition negotiations, if the receiving party has committed to comply with confidentiality requirements in relation to the disclosed information. Only necessary personal information will be shared with these third parties.

   CompanySpotter will only disclose personal data on a contractual basis to third parties operating outside the EU/EAA who have taken steps to ensure that adequate data protection arrangements are in place in accordance with the Data Protection Regulation. These may include, but are not limited to, data protection agreements or standard contractual clauses provided by the European Commission.

   Personal data may be disclosed to authorities in cases required by mandatory local legislation or court order. Data may also be disclosed if the disclosure is permitted by applicable law, regulation or agreement or if the Customer consents thereto.

8. Retention of Personal Data

   Personal data will only be stored as long as and to the extent that is necessary in relation to the original and compatible purposes of the processing. In any event, personal data will be stored in accordance with any applicable legal retention period. Personal data will be stored for the following period or the criteria used to determine this period: personal data received on the basis of the customer relationship will be kept for a period of three (3) years (as of the time of termination of the contract).

   CompanySpotter regularly evaluates the need to store personal data. In addition, CompanySpotter will carry out all (reasonable) measures to ensure that any incorrect, inaccurate or outdated personal data is deleted or corrected without delay.

9. Data protection principles

   The information security of personal data and its processing, as well as its confidentiality, integrity and usability, are ensured by appropriate technical and administrative measures in accordance with CompanySpotter's information security principles.

   The servers used by CompanySpotter are protected by appropriate firewalls and technical security. All databases and information systems are only accessible with individual and personal login details (username and password) provided by CompanySpotter. Access rights to the aforementioned databases and information systems are limited, so that the information can only be viewed and processed by persons who are (legally) authorised to do so.

   The vast majority of CompanySpotter's personal data is in electronic form. In the event that there are physical documents containing personal data, they will be destroyed as soon as possible.

   CompanySpotter's employees are committed to respecting professional secrecy and confidentiality with regard to the information they receive when processing personal data. Privacy and security guidelines have been communicated to employees and CompanySpotter and the privacy safeguards are strictly enforced within CompanySpotter. Where applicable, similar agreements are made with any CompanySpotter suppliers.

10. Rights of the data subject

    You, as a data subject whose personal data is subject to the EU's 'General Data Protection Regulation' (GDPR), have certain rights and this section of the database's privacy statement is intended to provide you with information about your rights. The GDPR grants you the rights described below in relation to your personal data, to the extent that it is contained in the database. In exercising your rights, we emphasise that the nature of our Service is to collect, index and filter public data, and that all personal data in our database is obtained from other public sources. If the data is modified or deleted from its original source, it will be shortly modified or deleted from our Service as well.

    For each of the rights mentioned below, please direct all data protection requests and questions to our Data Protection Officer, who can be reached at the following e-mail address: [email protected].

    • Information on processing

      You have the right to information; which data is collected, the purposes of the processing for which the personal data is intended, as well as the legal basis for the processing and the recipients or categories of recipients of the personal data, if any. If your data is included in the CompanySpotter database, the processing is governed by this privacy statement.

    • Access

      You have the right to obtain confirmation from CompanySpotter as to whether or not the personal data in question is being processed and, if so, to gain access to the personal data. After we have had the opportunity to reasonably verify your identity, CompanySpotter will confirm whether your data is included in our services, what data we have collected and provide you with information regarding the original source of your personal data. You can make a request in this regard by sending an email to [email protected].

    • Correction and rectification

      You have the right to request CompanySpotter, without undue delay, to correct any inaccurate personal data. Taking into account the purposes of the processing, you as a data subject have the right to have incomplete personal data completed, including by providing a supplementary statement. We will automatically update the personal data we collect about you if you change the information in the source of the data.

    • Restriction and deletion

      You have the right to ask for the deletion of personal data stored in the database. We will automatically delete the personal data we collect about you when you delete the information in the data source. You may also make a request to us at [email protected]. We will delete the personal data after we have had a reasonable opportunity to verify your identity.

    • Transfer

      You have the right to request that the personal data in the database be transferred to another entity in a structured, commonly used and machine-readable format. You can make a request for such transfer by sending an e-mail to [email protected]. We will, after we have reasonably been able to verify your identity, transfer the personal data to the entity you request.

    • Non-profiling

      CompanySpotter does not engage in any form of profiling.

    • Right to file a complaint

      If you believe that the processing of your personal data by us would infringe the terms of this privacy statement or the GDPR, you have the right to file a complaint with your National Supervisory Authority. An overview of the various National Supervisory Authorities can be found here: https://edpb.europa.eu/about-edpb/about-edpb/members_en. For the Netherlands, data subjects can contact:

      Authority for the Protection of Personal Data
      Bezuidenhoutseweg 30
      P.O. Box 93374
      2509 AJ The Hague
      Tel. +31 70 888 8500
      https://autoriteitpersoonsgegevens.nl/

      The relevant authorities only assess the processing of personal data. The processing of company data falls outside the scope of the authority.

11. Changes to this statement

    CompanySpotter reserves the right to change or update this ‘Privacy Statement Customers’ at any time. If the occasion arises, we will strive to correctly inform all data subjects whose rights are significantly changed/affected by the change in question. In any case, it is advisable to consult this document regularly. A 'second to last' version is always available here.