This Privacy Statement provides information on how TreasurUp in the Netherlands approaches the processing of your personal data.
Because we refer to processing personal data in this privacy statement, we believe that it is important to specify to you what is understood when we use terms such as ‘personal data’ and ‘processing’.
This entails data which is related directly or indirectly to you as a natural person.
Anything which can be done with your personal data. This includes the collecting, the sorting, the using, passing on and deleting of personal data.
We process personal data if we have, want to have, or have had a business relationship with you, or if we have had contact with you and/or your representatives. The people whose personal data we process include:
We process personal data if we have, want to have, or have had a business relationship with you, or if we have had contact with you and/or your representatives. The people whose personal data we process include:
In principle we receive your personal data because you provide it to us yourself. Examples include data you enter on our website yourself in order for us to contact you, and data arising from the services we provide.
We use the “legitimate interest” basis to process your personal data. We make a trade-off between the interests of TreasurUp or third parties and the violation of your privacy. Our interests are, for example, the following:
When you are a client of ours, we want to be of service to you. We execute the instructions we receive from you and execute the agreements we have concluded. This is what we have agreed with you. We process personal data for this purpose.
In order for us to be of service to you and to innovate for your benefit, we develop and improve products and services on an ongoing basis. We do this for ourselves, our bank clients or other parties.
We process your personal data for account management, promotional and marketing purposes. In doing so, we use data we have obtained from you, such as your activity on our website, as well information not obtained directly from you, including public registers (such as the Chamber of Commerce), publicly available sources (such as the internet) and other parties (such as data brokers).
If you have contact with TreasurUp for work-related reasons, we may process your personal data, for example for determining whether you are permitted to represent your business, or whether we can give you access to our offices and/or services.
We also use data to analyse and improve our business processes so that we can help you more effectively or make our processes more efficient and create management reports.
We may also process your personal data if this is necessary for archiving purposes, scientific or historic research purposes or statistical purposes.
We do not keep your data for any longer than necessary to fulfil the purposes for which we collected the data or the purposes for which data are being reused. We follow a data retention policy. This policy specifies how long we keep data. In the Netherlands, this is usually for two years following the termination of the relevant agreement or the ending of your business relationship with TreasurUp. Data are sometimes kept for longer and in some cases, we use shorter retention periods. Once we no longer require the data for the purposes described in section 6 above, we may still keep the data for archiving purposes, in the event of legal proceedings, or for historic or scientific research purposes or statistical purposes.
Yes, TreasurUp may share your personal data with third parties, but only where necessary and with appropriate safeguards: Service providers (processors): LivMark, Google Analytics, HotJar, Dealfront, Promotter, Bura Marketing, Swydo, LinkedIn. These parties act on our behalf and under our instructions. Financial institutions and business partners, when required to provide our services or carry out transactions. Regulators and supervisory authorities – such as the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) or financial regulators, when legally required. Legal and professional advisors – such as auditors or lawyers, where necessary for compliance and risk management. Other third parties – only if you have provided explicit consent, or if this is necessary to perform an agreement with you. We do not sell your personal data to third parties.
Within TreasurUp, only those people that require access to your personal data based on their function can actually access your personal data. All of these people are subject to a duty of confidentiality.
Your personal data can also be passed on to other parties outside of TreasurUp if we have a legal obligation to do so, if we have to fulfil an agreement with you, or because we decide to use a different service provider. If we transfer your personal data to parties outside the European Union (EU)/European Economic Area (EEA) ourselves, we will take extra measures to protect that personal data. Not all countries outside of the EU have the same rules and regulations to protect your personal data to the extent that countries within the EU have. In case the third party that we use is located outside the EU/EEA, and in case the country where this party is located does not have a sufficient level of protection when processing personal data according to the European Commission, then we only transfer personal data when there are sufficient guarantees, such as European Commission approved contractual obligations.
This Privacy Statement describes what TreasurUp does with your data. In certain cases, we provide additional or different information if there are reasons for providing you with information in addition to the Privacy Statement. We may do that by means of a letter, by leaving a message in your secure inbox or in another way to be determined by us.
You may ask us whether we process data relating to you, and if so, which data this concerns. In that case, we can provide you with access to the data processed by us that relates to you. If you believe your personal data has been processed incorrectly or incompletely, you may request that we change or supplement the data (rectification).
You may request that we erase data concerning yourself that we have recorded, for example if you object to the processing of your personal data. We don’t always have to do that. And sometimes we are not allowed to do this either. For example, if we still have to store your data due to legal obligations.
You may request that we temporarily restrict the personal data relating to you that we process. This means that we will temporarily process less personal data relating to you.
You have the right to request that we supply you with data that you previously provided to TreasurUp in the context of a contract with us or with your consent, in a structured, machine-readable format, or that we transfer such data to another party. If you ask us to transfer data directly to another party, we can do this only if this is technically feasible.
If we process your data because we have a legitimate interest in doing so, you may object to this. In that case, we will reassess whether it is indeed the case that your data can no longer be used for that purpose. We will stop processing your data if your interest outweighs our interest. We will inform you of our decision, stating the reason.
You have the right to request that we stop using your data for direct marketing purposes.
If you have a request, please send your message via our contact form. After your request, and does this entail your personal data that we process, we will reply within one month after we have received your request. We can ask you to specify your request for review. In highly specific circumstances, we can extend the term we have to review and reply to your request to a maximum of three months. In that case, we will keep you informed on the progress of your request. It is possible that we cannot cater to your request. For example, due to harm done to the rights of others, or because we are not allowed to do so by law (including police, ministries and any other government authority). It could also be because we made a tradeoff where the interest of TreasurUp or others to process the data outweighs your interest. If so, we will inform you of this. If we rectify or delete data based on your request, we will inform you of this as well. Where possible, we will also inform the ultimate recipients of your data about this.
We would like our data subjects to be satisfied with our service provision, however, we understand that this might not always be the case. We are sorry for when such a situation occurs. Do not hesitate to reach out via our website contact form and inform us of your complaint and together we will do our utmost best to find a solution to your complaint.
If you are unsatisfied about the way in which your request or complaint has been handled by TreasurUp, or if you have any remaining questions regarding the processing of your personal data by TreasurUp after reading the Privacy Statement, please feel free to contact us. Of course, you are always free to direct your questions to, or submit a formal complaint at, Autoriteit Persoonsgegevens (a Dutch government body).
Yes, our Privacy Statement can change from time to time. This can occur when new forms of data processing are included in our services, and when this processing is of importance to you. The most actual version of our Privacy Statement can always be found on: www.treasurup.com.
