Privacy statement
This Privacy Statement concerns the services provided by Cobase and informs you about the reason and scope of the collection and processing of your personal data when you use the Cobase website www.cobase.com (website) and/or the services available on Cobase portal (portal), as well as when you use our app.
Purpose |
Lawful Basis |
Engaging in transactions with the clients, suppliers and business partners;
|
Performance of a contract |
Conduct of the Customer Due Diligence (including identification and verification of the identity);
|
Compliance with laws and regulations, including the Dutch Financial Supervision Act (WFT), the Dutch Money Laundering and Terrorist Financing (Prevention) Act (Wwft), applicable local sanction and anti-money laundering laws and the Revised Payment Services Directive (PSD2), including the related Regulatory Technical Standards (RTS) |
Monitoring, maintaining and improving the performance of our websites, communications, services and products, and analyzing trends and usage;
Improving and personalizing your experience with us and our website and tailoring the content, communications, advertisements and offers to you (where consent is not required);
Ensuring the security of our office, services, Website and the Portal;
For our own internal functions, management, accounting and corporate reporting, relationship management, internal research and other activities aimed at improvement of the business efficacies;
Enforcement of compliance with our terms of use and other policies in connection with legal claims, compliance, regulatory and investigatory purposes as necessary (including disclosure of such information in connection with litigation or other legal procedures);
Creation of aggregate and statistical data (which cannot be used to identify you). We reserve the right to transfer and/or sell aggregate or group data about the Portal’s users for lawful purposes; and
Transferring of the data for storage/archive.
|
As required to conduct our business and pursue our legitimate interests |
For sales and marketing activities (where applicable legislation requires consent);
Where you provide consent to place cookies or similar technologies on your device;
Processing of biometrics for authentication at the Customer Due Diligence (to the extent this processing is not fully covered by exemption under article 29 of the Dutch GDPR Implementation Act);
On other occasions where we explain the purpose at the time.
|
Consent |
- Name and family name
- Birthdate
- Function
- Address details (sometimes)
- Passport details (number, data of issue, type of document)
- Scope of authorities
- Results from the Namecheck
- Information on the source of wealth and funds (sometimes)
- Email address
- Biometrical data (in some cases for the digital identity verification).
• Personal data included in a payment order (e.g., salary payments)
- Name of the Payer
- Bank account number of the Payer
- Payment Amount
- Beneficiary Name
- Bank account number beneficiary
- Payment Message
- Payment Reference
- Password
- Name
- Birth date (for verification in support calls)
- Work phone nr
- Relevant user actions, time of the visit to the Cobase portal
- IP address
- Information collected via the Website, Portal or app, including the pages visited and documents viewed, sales and customer support call recording and chat transcripts, IP address and information that may be derived from it, and information about the browser, device or application You used to access the Website, demographic data when it is attached to data used to identify you. Some of this information is collected using cookies and related technologies. To learn more, please see below.
We use third party service providers, who will process your personal data on Our behalf. We use third parties for customer relationship management, website and systems hosting, maintenance, software upgrades and marketing.
We will comply with requests to disclose your personal data where required by local law or government authorities to comply with a legal obligation, and where permissible, we will provide advance notice of such disclosure to the individuals concerned.
In case of legal, regulatory or fraud concerns your personal data might be shared with external risk/legal fraud experts.
Data Transfers to Third Countries
Where transactions are executed by the banks outside the EU, Cobase will only send transactions to such banks as directed by its clients.
What Rights Do You Have?
We honor data subjects’ rights under applicable law to access, correct, update, erase, disable and block their personal data when lawfully requested to do so.
In some circumstances, you have the right to ask us for a copy of your personal data; to correct, delete or restrict (stop any active) processing of your personal data; and to obtain personal data you provide to us in a structured, machine-readable format, and to ask us to share (port) this personal data to another controller. In addition, you can object to the processing of your personal data or where we rely on your consent, withdraw your consent.
These rights may be limited, for example if fulfilling your request would reveal personal data about another person, or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. Relevant exemptions are included in the EU GDPR and local data protection laws. We will inform you of relevant exemptions we rely upon when responding to any request you make.
Rights of the users on the Portal
The majority of the personal data we store on the users of our Portal and app can be reviewed via the portal under "My profile". Correction of the data is also possible in this screen. Please note that actions taken by you on the Portal previously can not be changed.
Should you require insight through other means please contact the appropriate contact person who manages the authorisations at your employer and who has requested your access to our Portal.
You should receive the insight into your personal data processed by us within 1 month. In case the request is denied or delayed you will receive a specific reason behind it and further instructions on the steps you can take in case of objection to that.
Cobase does not store personal data for longer than necessary for the purpose for which it was provided or is required by law. We assess how long the data is needed for the purpose for which it has been collected or used.
Contacts
To exercise any of these rights above or if you have any questions or wish to contact us about something else related to privacy aspects, you can do so via the contact details below.
COBASE
Margriet Toren, 5th floor
Haaksbergweg 75, 1101 BR Amsterdam ZO
privacy@cobase.com
Complaints
Updates to this Privacy Statement
We reserve the right to change this privacy statement should it become necessary or advisable to do so to comply with regulatory requirements or best practices. If we materially change our practices in processing the personal data, we will notify you as appropriate.
In case you act as a user on our Portal and you do not agree to changes you can require your corporate administrator to remove your access from the Portal (please note that actions you took on the Portal previously can not be changed).
Version
This privacy statement is version 1.6 finalized and published in April 2023.