Skip to content
Login

Privacy statement

Cobase is the trading name of Financial Transaction Services B.V. (hereafter “Cobase”, “we”, “us”, “our”), registered with the Dutch Chamber of Commerce number 68914016.

This Privacy Statement concerns the services provided by Cobase and informs you about the reason and scope of the collection and processing of your personal data when you use the Cobase website www.cobase.com (Website) and/or the services available on Cobase portal (Portal) or the wider platform, as well as when you use our app.

How Do We Use Your Personal Information, and What is The Lawful Basis for this Use?

The table below sets out the purposes for which we process your personal data and the lawful basis we rely on for each.

Purpose

Lawful Basis

  • Engaging in transactions with clients, suppliers and business partners

    Providing services through the Portal, including sending payment files and reporting

    Access to and use of Portal and app functionality for users

    Logging and auditing payments, transactions, reporting, and user activity

    Client support

    Sending service-related communications 

  • Performance of a contract 

Monitoring, maintaining and improving website performance, communications, services, and products

Personalising your experience and tailoring content, communications, and offers (where consent is not required)

Ensuring security of our offices, services, website, and Portal

Internal management, accounting, corporate reporting, Teams meeting recording, and business improvement

Legal compliance, enforcement, litigation support, and regulatory purposes

Creating aggregate and statistical data (non-identifying). We reserve the right to transfer or sell such group data for lawful purposes.

Transferring data for storage or archiving 

Legitimate interests  

Sales and marketing activities (where applicable legislation requires consent)

Placing cookies or similar technologies on your device

Other purposes explained to you at the time of collection

Identifying and evaluating candidates for employment and recruitment recordkeeping 

 Consent  
Personal Data we Process

We process the following categories of Your personal data:

  • For the client onboarding purposes if you act as the authorised signatory of our client we process:
    • - Name and family name
    • - Function
    • - Birthdate
    • - Passport details (number, date of issue, type of document)
    • - Scope of authorities
    • - Email address
    •  
  • Personal data included in a payment order (e.g., salary payments) processed or reported by Cobase: 
  • - Name of the payer
  • - Bank account number of the payer
  • - Payment amount
  • - Beneficiary name
  • - Beneficiary’s address
  • - Bank account number beneficiary
  • - Payment reference
  • Personal data of the employees of our clients acting as users on the Portal:
  • - Password
  • - Name
  • - Birth date (for verification in support calls)
  • - Work phone nr
  • - Relevant user actions, time of the visit to the Portal
  • - IP address
  •  
  •  
  • - Information collected via the Website, Portal or app, including the pages visited and documents viewed, sales and customer support, client call recording and chat transcripts, IP address and information that may be derived from it, and information about the browser, device or application You used to access the Website, demographic data when it is attached to data used to identify you. Some of this information is collected using cookies and related technologies. To learn more, please see below. 

 

  • Personal data of the job applicants submitted by them as part of the online application via LinkedIn or via professional recruitment firm(s), including:
  •  
  • - Full Name as per the passport/ identity card
  • - Passport/ ID number
  • - DOB
  • - Home Address
  • - Country Home Address
  • - Contact information (Phone/ Email ID)
  • - Nationality
  • - Languages Known
  • - Gender
  • - Educational Background
  • - Work Experiences
  • - Visa Type and visa status
  • - Reason for Leaving
  • - Salary and benefits information
  • - Referral sources
  • - Background check
  • - Other information as may be required for recruitment purposes.
  •  

  • Personal Data collected via Microsoft Team calls, including:

    - User data: display name, email address, profile picture (optional), preferred language.

  •  

  •  

    - Meeting metadata: e.g., date, start and end time, meeting ID, phone number, location.

  • - Text, audio, and video data: During the online meetings, audio and video data are processed.

    - Transcription of the recording: After the meeting the transcription of the meeting is created with the help of Microsoft 365 Copilot (AI-powered productivity tool making a part of the Microsoft 365 ecosystem).

  • Please note: as part of the user authentication via the Cobase app we use devices with a camera to scan a visual code on the screen. The video taken by these cameras could accidentally capture an image of a person. These data are not stored or accessible by Cobase or other parties involved in the data processing. 

Who Has Access to Your data?

The intended parties who have access to Your personal data are:

  • - Cobase;

  • - Your employer being our client who has provided you with access to the functionality of the Portal (in case you act as User on the Portal).

    - Third party service providers (see below).

    - Third parties relevant to the services that we render, including regulators and authorities, governmental institutions, financial institutions.

  • - Our group of companies, including our affiliates, shareholders, in order to administer our services and products, provide You with customer support, process the payment and reporting files, understand Your preferences, send You information about products and services that may be of interest to You and Your organization and conduct the other activities described in this Privacy Statement.

Sharing Your Data with the Third-Parties Service Providers

We use third party service providers, who will process your personal data on Our behalf. We use third parties for customer relationship management, account-check services, website and systems hosting, maintenance, software upgrades and marketing.

We will comply with the requests to disclose Your personal data where required by local law or government authorities to comply with a legal obligation, and where permissible, we will provide advance notice of such disclosure to the individuals concerned. We will bound by obligations of confidentiality, in connection with the processing of your Personal Data for the purposes described in this Privacy Statement.

In case of legal, regulatory or fraud concerns Your personal data might be shared with external risk/legal fraud experts.

Data Transfers to Third Countries

Cobase stores and processes Your data in the European Union (EU), to be more specific in Ireland and in the Netherlands. But we cannot offer all our services by ourselves. A small number of our partners, service providers or other parties may be processing the data in countries outside the EU or the EEA. In such cases, to ensure that your personal data receives a comparable level of protection, we employ appropriate safeguards, such as Standard Contractual Clauses as approved by the European Commission.

Where transactions are executed by the banks outside the EEA, Cobase will only send transactions to such banks as directed by its clients. Our client, as the party sending the data, is responsible for making sure that any transfer of Your personal data follows the privacy laws. This also means the client must decide and ensure that there is a proper legal reason for the transfer.

What Rights Do You Have?

We honor data subjects’ rights under applicable law to be informed, access, correct, update, erase, restrict processing, right to data portability and to disable and block their personal data when lawfully requested to do so.

In some circumstances, You have the right to ask us for a copy of Your personal data; to correct, delete or restrict (stop any active) processing of Your personal data; and to obtain personal data You provided to us in a structured, machine-readable format, and to ask us to share (port) this personal data with another controller. In addition, You can object to the processing of Your personal data or where we rely on your consent, withdraw Your consent.

These rights may be limited, for example if fulfilling Your request would reveal personal data about another person, or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. Relevant exemptions are included in the EU GDPR and local data protection laws. We will inform you of the relevant exemptions we rely upon when responding to any request You make.

Rights of the users on the Portal

The majority of the personal data we store on the Users of our Portal and app can be reviewed via the portal under "My profile". Correction of the data is also possible via this screen. Please note that actions taken by you on the Portal cannot be changed.

Should you require insight in the Personal Data we process on You through other means please contact the appropriate contact person who manages the authorisations at Your employer and who has requested Your access to our Portal.

You should receive the insight into Your personal data processed by us within 1 month. In case the request is denied or delayed You will receive a specific reason behind it and further instructions on the steps you can take in case of objection to that.

Retention Period

Cobase does not store personal data for longer than necessary for the purpose for which it was provided or is required by law. We assess how long the data is needed for the purpose for which it has been collected or used.

Retention Period for the Recruitment Data

Cobase stores Your Personal Data collected for the recruitment purpose for no longer than is required for the processing of the Personal Data, to match You with prospective employment opportunities or as otherwise required by law, regulation or other legitimate business interests. If unsuccessful, generally we keep most of Your information for the duration of the recruitment process and for a maximum of 1 year after ending the job application procedure. If You are not offered a position with Cobase, we may contact You about future opportunities consistent with Your expressed interests and qualifications. If You are successful in Your application, information collected as part of the recruitment process will be transferred to Your personnel file and retained during Your employment with us.

Contacts

To exercise any of these rights above or if you have any questions or wish to contact us about something else related to privacy aspects, you can do so via the contact details below.

Cobase

  • Margriet Toren, 5th floor
    Haaksbergweg 75, 1101 BR Amsterdam ZO

    privacy@cobase.com

    Complaints

    Cobase sees the proper handling of your (personal) data of the utmost importance.

    Should you not be satisfied by how we handle your personal data please contact our privacy officer via privacy@cobase.com. If we cannot find a solution with you, it is possible to lodge complaints with the applicable data protection authority. Complaints around the handling of your data by Cobase can be lodged with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) in The Hague.

    Updates to this Privacy Statement

    We reserve the right to change this privacy statement should it become necessary or advisable to do so to comply with regulatory requirements or best practices. If we materially change our practices in processing the personal data, we will notify you as appropriate.

    In case you act as a user on our Portal and you do not agree to changes you can require your corporate administrator to remove your access from the Portal (please note that actions you took on the Portal previously cannot be changed).

    Version

    This privacy statement is version 1.11 finalized and published in April 2026.