Privacy Notice
Privacy Notice for Awesome Compliance Technology BV
Effective Date: 11 September 2024
At Awesome Compliance Technology BV (ACT), your privacy is a top priority, and we are fully committed to protecting your personal data. This privacy notice outlines how we collect, use, store, and protect your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
1. What Personal Data We Collect and For What Purpose
We process personal data for various purposes, in accordance with the principles of lawfulness, fairness, and transparency. The table below outlines the types of personal data we collect, the purposes of collection, the legal basis for processing, and how long we store your data:
| Purpose | Personal Data Collected | Legal Basis | Data Retention Period |
| Sales & Marketing (via LinkedIn, email, and enrichment tools) | Name, email, job title, LinkedIn profile, company details | Legitimate interest | Until you opt-out or unsubscribe |
| Account information (when you become a client) | Name, email, payment details, company information | Contractual necessity | 7 years after account termination (for compliance purposes) |
| Applicant information (when applying for a job) | CV, contact information, references | Consent/Legitimate interest | 1 year after the hiring process ends |
| Account creation & authentication | Name, email, login credentials | Contractual necessity | As long as you hold an account |
| Providing ACT services | Usage data, account information | Contractual necessity | As long as your account is active |
| Responding to inquiries & offering support | Name, email, inquiry details | Legitimate interest | Until the inquiry is resolved plus 1 year |
| Enabling user-to-user communications | Contact details, user identifiers | Contractual necessity | Until you deactivate the communication option |
| Requesting feedback | Name, email, feedback | Legitimate interest | 2 years after the feedback is provided |
| Sending marketing & promotional communications | Name, email, marketing preferences | Consent | Until you opt-out |
| Protecting ACT & fraud monitoring | IP address, device information | Legitimate interest | As long as necessary to ensure security |
| Identifying usage trends | Usage data, IP address, device information | Legitimate interest | Aggregate data retained indefinitely |
| Marketing & promotional campaign effectiveness | Email engagement metrics, campaign responses | Legitimate interest | Until the campaign ends plus 2 years |
| Vital interest protection | Contact details, location data | Vital interest protection | As long as required by the specific situation |
2. Who Has Access to Your Data?
Your personal data is accessed by authorized personnel at ACT and, where necessary, trusted third-party service providers who assist us in fulfilling the purposes mentioned above. These third parties may include marketing platforms, payment processors, IT service providers, and others, all of whom operate under strict confidentiality agreements.
We ensure that access to your data is granted only on a need-to-know basis and is fully controlled and monitored.
3. Is Data Transferred Outside the EEA?
We may transfer your personal data outside the European Economic Area (EEA) to trusted service providers in countries that the European Commission has recognized as offering an adequate level of data protection. Where this is not the case, we ensure that appropriate safeguards, such as Standard Contractual Clauses (SCCs), are in place to protect your data.
4. What Technical and Organizational Security Measures Are in Place?
We take the security of your personal data very seriously and implement appropriate technical and organizational measures to safeguard your information. These measures include:
- Data encryption (both in transit and at rest)
- Secure access controls and authentication procedures
- Regular security audits and vulnerability assessments
- Monitoring and logging of system access
- Employee training and awareness programs on data protection
In the event of a personal data breach, we will notify you and the relevant authorities as required by law.
5. What Are Your Data Subject Rights?
As a data subject, you have the following rights under the GDPR:
- Right to Access: You can request access to the personal data we hold about you.
- Right to Rectification: You can request that we correct any inaccuracies in your personal data.
- Right to Erasure: You can request the deletion of your personal data under certain conditions (e.g., when it’s no longer necessary for the purpose for which it was collected).
- Right to Restriction: You can request the restriction of processing your data under certain circumstances.
- Right to Data Portability: You can request a copy of your personal data in a structured, commonly used, and machine-readable format.
- Right to Object: You have the right to object to the processing of your data for direct marketing or other purposes based on legitimate interest.
- Right to Withdraw Consent: Where we rely on your consent, you can withdraw that consent at any time.
If you believe that we have not handled your data appropriately or you are unsatisfied with our response to your concerns, you have the right to lodge a complaint with your local data protection authority. In the Netherlands, this is the Autoriteit Persoonsgegevens. You can contact them via their website at www.autoriteitpersoonsgegevens.nl.
For data subjects in other countries, you can contact your respective national data protection authority.
If you wish to exercise any of your rights or have questions about this process, please contact us at marianne@awesomecompliance.com.
6. Updates to This Privacy Notice
We may update this privacy notice from time to time to reflect changes in our data processing practices or legal obligations. Any updates will be posted on our website, and we encourage you to review this notice regularly. Significant changes will be communicated directly via email or through a prominent notice on our website.
7. How to Contact Us
If you have any questions, concerns, or requests regarding this privacy notice or the way we handle your personal data, please reach out to us at:
Awesome Compliance Technology BV
De Kluftstraat 18, 1035 WE, Amsterdam
Email: marianne@awesomecompliance.com
We are committed to ensuring that your privacy is respected and protected at all times.