Skip to content

Privacy statement

COBASE PRIVACY STATEMENT

Cobase is the trading name of Financial Transaction Services B.V. (hereafter “Cobase”, “we”, “us”, “our”), registered with the Dutch Chamber of Commerce number 68914016.

This Privacy Statement concerns the services provided by Cobase and informs you about the reason and scope of the collection and processing of your personal data when you use the Cobase website www.cobase.com (Website) and/or the services available on Cobase portal (Portal) or the wider platform, as well as when you use our app.

How Do We Use Your Personal Information, and What is The Lawful Basis for this Use?

Purpose

Lawful Basis

Engaging in transactions with the clients, suppliers and business partners;

Provision of the services to our clients through the Portal (including, account reporting and payment initiation);

Providing access and use of functionality for the users on our Portal and app;

Logging and auditing the history of payments, transaction and reporting and user activity;

Provision of client support;

Sending service-related communications.

Performance of a contract

Monitoring, maintaining and improving the performance of our website, communications, services and products, and analyzing trends and usage;

Improving and personalizing your experience with us and our website and tailoring the content, communications, advertisements and offers to you (where consent is not required);

Ensuring the security of our office, services, Website and the Portal;

For our own internal functions, management, accounting and corporate reporting, relationship management, internal research and other activities aimed at improvement of the business efficacies;

Enforcement of compliance with our terms of use and other policies in connection with legal claims, compliance, regulatory and investigatory purposes as necessary (including disclosure of such information in connection with litigation or other legal procedures);

Creation of aggregate and statistical data (which cannot be used to identify you). We reserve the right to transfer and/or sell aggregate or group data about the Portal’s users for lawful purposes; and

 

Transferring of the data for storage/archive.

As required to conduct our business and pursue our legitimate interests

For sales and marketing activities (where applicable legislation requires consent);

Where you provide consent to place cookies or similar technologies on your device;

 

On other occasions where we explain the purpose at the time.

Consent

 

Personal Data we Process

We process the following categories of Your personal data:

  • For the client onboarding purposes if you act as the authorised signatory of our client we process:
    • Name and family name
    • Function
    • Birthdate
    • Passport details (number, date of issue, type of document)
    • Scope of authorities
    • Email address
  • Personal data included in a payment order (e.g., salary payments) processed or reported by Cobase:

  • Name of the payer

  • Bank account number of the payer

  • Payment amount

  • Beneficiary name

  • Bank account number beneficiary

  • Payment reference

  •  Personal data of the employees of our clients acting as users on the Portal

  • Password

  • Name

  • Birth date (for verification in support calls)

  • Work phone nr

  • Relevant user actions, time of the visit to the Portal

  • IP address

  • Information collected via the Website, Portal or app, including the pages visited and documents viewed, sales and customer support call recording and chat transcripts, IP address and information that may be derived from it, and information about the browser, device or application You used to access the Website, demographic data when it is attached to data used to identify you. Some of this information is collected using cookies and related technologies. To learn more, please see below.

 

Please note: as part of the user authentication via the Cobase app we use devices with a camera to scan a visual code on the screen. The video taken by these cameras could accidentally capture an image of a person. These data are not stored or accessible by Cobase or other parties involved in the data processing.

Who Has Access to Your data?

The intended parties who have access to Your personal data are:

  • Cobase;
  • Your employer being our client who has provided you with access to the functionality of the Portal (in case you act as User on the Portal).
  • Third party service providers (see below).

Sharing Your Data with the Third-Parties Service Providers

We use third party service providers, who will process your personal data on Our behalf. We use third parties for customer relationship management, website and systems hosting, maintenance, software upgrades and marketing.

We will comply with requests to disclose Your personal data where required by local law or government authorities to comply with a legal obligation, and where permissible, we will provide advance notice of such disclosure to the individuals concerned.

In case of legal, regulatory or fraud concerns Your personal data might be shared with external risk/legal fraud experts.

Data Transfers to Third Countries

Cobase stores and processes Your data in the European Union (EU), to be more specific in Ireland and in the Netherlands. But we cannot offer all our services by ourselves. A small number of our partners, service providers or other parties may be processing the data in countries outside the EU or the EEA. In such cases, to ensure that your personal data receives a comparable level of protection, we employ appropriate safeguards, such as Standard Contractual Clauses as approved by the European Commission.

Where transactions are executed by the banks outside the EU, Cobase will only send transactions to such banks as directed by its clients.

What Rights Do You Have?

We honor data subjects’ rights under applicable law to be informed, access, correct, update, erase, restrict processing, right to data portability and to disable and block their personal data when lawfully requested to do so.

In some circumstances, You have the right to ask us for a copy of Your personal data; to correct, delete or restrict (stop any active) processing of Your personal data; and to obtain personal data You provided to us in a structured, machine-readable format, and to ask us to share (port) this personal data with another controller. In addition, You can object to the processing of Your personal data or where we rely on your consent, withdraw Your consent.

These rights may be limited, for example if fulfilling Your request would reveal personal data about another person, or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. Relevant exemptions are included in the EU GDPR and local data protection laws. We will inform you of the relevant exemptions we rely upon when responding to any request You make.

Rights of the users on the Portal

The majority of the personal data we store on the Users of our Portal and app can be reviewed via the portal under "My profile". Correction of the data is also possible via this screen. Please note that actions taken by you on the Portal cannot be changed.

Should you require insight in the Personal Data we process on You through other means please contact the appropriate contact person who manages the authorisations at Your employer and who has requested Your access to our Portal.

You should receive the insight into Your personal data processed by us within 1 month. In case the request is denied or delayed You will receive a specific reason behind it and further instructions on the steps you can take in case of objection to that.

Retention Period

Cobase does not store personal data for longer than necessary for the purpose for which it was provided or is required by law. We assess how long the data is needed for the purpose for which it has been collected or used.

Contacts

To exercise any of these rights above or if you have any questions or wish to contact us about something else related to privacy aspects, you can do so via the contact details below.

COBASE
Margriet Toren, 5th floor
Haaksbergweg 75, 1101 BR Amsterdam ZO

privacy@cobase.com

Complaints

Cobase sees the proper handling of your (personal) data of the utmost importance.

Should you not be satisfied by how we handle your personal data please contact our privacy officer via privacy@cobase.com. If we cannot find a solution with you, it is possible to lodge complaints with the applicable data protection authority. Complaints around the handling of your data by Cobase can be lodged with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) in The Hague.

Updates to this Privacy Statement

We reserve the right to change this privacy statement should it become necessary or advisable to do so to comply with regulatory requirements or best practices. If we materially change our practices in processing the personal data, we will notify you as appropriate.

In case you act as a user on our Portal and you do not agree to changes you can require your corporate administrator to remove your access from the Portal (please note that actions you took on the Portal previously cannot be changed).

Version

This privacy statement is version 1.7 finalized and published in July 2024.

*******