Privacy statement

You have the right of objection against the processing of your personal data (1) necessary for the legitimate interests of Ad Hoc Data or third parties, provided there are reasons specifically related to your situation and (2) for the purpose of direct marketing.

This is the privacy statement of Ad Hoc Data BV.,  located at Koninginnegracht 46-I in The Hague and registered with the KvK under number 28077834. 

Introduction

Ad Hoc Data plays an important role for many organizations in supporting B2B marketing and sales campaigns, as well as analyzing target audiences, keeping carefully built leadlists up-to-date and avoiding the harmful consequences of contracting with insolvent or even rogue companies. We do this through a very complete and up-to-date dataset of companies and organizations, excellent personal service and very user-friendly tools. And all at the very best price.

Ad Hoc Data determines, with regard to the use of its database, the purpose and means of processing personal data. Ad Hoc Data determines which personal data are collected, for what purpose this is done and by what means this is done. As a result, Ad Hoc Data is a data controller. Based on existing legislation, we have an independent obligation to ensure that personal data are processed transparently, securely, carefully and in accordance with the applicable laws and regulations. You can read more about how Ad Hoc Data complies with this in this privacy statement.

The lawfulness of processing and the security and confidentiality of personal data is essential to us.

We therefore treat your personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (the Algemene Verordering Persoonsgegevens (“AVG”)) and the Law of July 30, 2018 on the Protection of Natural Persons with Regard to the Processing of Personal Data.

Through this privacy statement we aim to provide clarity on, among other things, the purposes of processing, the basis for processing, the rights of data subjects, the structure of our organization and the way in which we fulfill our obligations.

Objectives of Ad Hoc Data

Ad Hoc Data has been one of the biggest players in the field of commercialization of a database with company data for years. On both the Dutch and Belgian markets, we offer our customers direct access to a complete database for by far the most competitive price in the market. This way we ensure that reliable, up-to-date and qualitative company data is available to everyone. From sole traders to multinationals, Ad Hoc Data offers every organization an accessible online tool for compiling effective data sets at a fair price. This provides transparency, increases inter-competition and prevents dominance by wealthy organizations. As a provider of a platform on which organizations can very specifically select their target audience, we encourage increasing relevant and desired communication and thus reducing nuisance.

Note: Legally, a residential location and the location of a business are two different addresses. However, if an organization is located at a residential address, in practice that often means the same front door. And the outside world does not see the difference. That can be perceived as unpleasant. In fact, an organization's business address is always public. Among other things, it is displayed on the Chamber of Commerce. Every company that is required to register with the Chamber of Commerce must also register its branches. The registration of branches also includes providing an address, where at least one activity of the company is carried out or from where the activity is carried out. Thus, this can also be a residential address.

Processing goals

In the conduct of our business activities and the pursuit of our objectives, we record data of companies and organizations that actively participate or have recently participated in commerce and are registered with the Chamber of Commerce in our database.

Database

The information contained in our database is always company data. However, it is possible that (certain) company data are also personal data. This concerns only personal data related to the legal representative(s) of the organization in question or the personal data of natural persons-companies. These data are included in our database, but are limited to the data that are actually necessary for the provision of our services. The personal data will therefore be linked to the function and/or capacity of the person within the organization in question. This includes the first and last name, business address, business telephone number(s) and business e-mail address of the legal representative of the organization in question.

Customers and potential customers

The data that we collect when you are a (potential) customer of Ad Hoc Data is important for building and maintaining a good relationship and performing a good service. For example for the purpose of your online account or for the financial settlement of the service.

Contact form/chat

We do not collect personal data by automatic means that allow you to be directly identified, unless you have given us your consent or you provide us with this personal data, including by filling out the form on our website, via the chat or when you contact us per e-mail.

Cookies

In addition, through cookies, we automatically collect certain personal data necessary for the proper operation and security of our website. This is described in our cookie statement.

Please note that certain features of our website may not be available if you do not wish to provide your personal data or refuse the use of certain cookies.

 

You are solely responsible for the accuracy of the data you communicate and/or enter to us.

Under no circumstances does Ad Hoc Data process special personal data – such as race, ethnicity, political views, memberships, data on health and/or religious or philosophical beliefs. Also, no form of automated decision-making based on individual profiles (profiling) takes place. 

The processing basis

In accordance with the AVG, any processing of personal data must be justified, and so must the processing by Ad Hoc Data. The rules state that processing is justified when the purpose of the processing can be based on ééone of the six legal bases given in the regulation. The six bases are not all equally relevant and very dependent on the situation. Among other things, it depends on whether it is a public or private organization and for what purpose the personal data are processed. The legal bases are not cumulative. Also, there is no hierarchical order of the legal bases. Only ééone of the bases needs to apply to justify processing.

Database

With respect to the situation at Ad Hoc Data, the processing of the data included in the database is justified on the basis that the processing is necessary to serve the legitimate interests of the organization. Here it has already been weighed up that the interests or fundamental rights and freedoms of the data subject requiring protection of personal data do not outweigh those interests.

A lack of essential (correct) business information puts a brake on the development of the economy and stunts its (re)revival. It also damages the economy by exposing healthy businesses to the harmful consequences of contracting with insolvent or even rogue companies.

It also allow companies to target and explore new market segments, especially through access to pertinent data regarding the target groups or market segment of the companies. Deze ondernemingen kunnen op deze manier bijkomende, gezonde en dus rendabele handel genereren.

In this sense, data processing provides a “level playing field” by allowing not only large(er) companies to access the business information, but also allowing small companies to (1) avoid the harmful consequences of contracting with insolvent or even rogue companies, (2) keep their carefully constructed business databases up to date, and (3) have the opportunity to be able to prospect in a targeted manner (without, for example, having to randomly contact companies).

Hereby Ad Hoc Data obliges its clients to carefully observe the relevant regulations regarding the processing of personal data (if any).

The processing of (personal) data for the purpose of fraud prevention (risk & compliance) is a legitimate interest of the controller in question.

The AVG mentions legitimate interest as a possible legal basis for fraud prevention.

Recital 47 AVG The legitimate interests of a controller, including those of a controller to whom the personal data may be disclosed, or of a third party, may provide a legal basis for processing, provided that the interests or fundamental rights and freedoms of the data subject are not overridden, taking into account the reasonable expectations of the data subject based on their relationship with the controller.

The processing of these personal data is authorized as it is necessary for the protection of the legitimate interest of Ad Hoc Data/its clients:

·         When balancing the legitimate interest of Ad Hoc Data/its clients and the interest of the data subject, the relevance of the information to Ad Hoc Data and/or its clients, on the one hand, and the nature of the information in question, on the other, are taken into account.

 

It is a personal data relating to the directors of the companies, but this data is not related to his privélife, but to the exercise of a mandate in a company.

 

·         It concerns data that is public. This does not exclude that it is personal data that enjoys the protection of the AVG, but this public nature must be taken into account when weighing the interest of Ad Hoc Data and/or its clients with the right of the data subject to protection on the use and dissemination thereof. This right to protection of a data, which is merely related to the exercise of a director's mandate, does not outweigh Ad Hoc Data's right to include this data in trade information relating to the company in question.

 

·         The disadvantage that the director could possibly suffer as a result of the fact that information about a (former) director's mandate of the director in question is included in the company information is not disproportionate to the advantage that the defendant obtains by being able to supplement this company information with relevant data. It should be considered that the rights and freedoms of the director in question do not outweigh the legitimate interest of Ad Hoc Data to provide its clients with correct, objective and complete information. It should be noted that the exercise of a directorship is not a purely private matter but also has a public character. Moreover, by exercising a directorship in a company, a director participates directly in economic life, which in any event goes beyond his mere private interests.

 

The processing of personal data for the purpose of direct marketing may be considered to be carried out for the purposes of a legitimate interest.

 

The AVG lists legitimate interest as a possible legal basis for direct marketing.

Recital 47 AVG The legitimate interests of a controller, including those of a controller to whom the personal data may be disclosed, or of a third party, may provide a legal basis for processing, provided that the interests or fundamental rights and freedoms of the data subject are not overridden, taking into account the reasonable expectations of the data subject based on their relationship with the controller.

The AVG is a regulation within the European Union. The objectives of the European Union state that it is committed to the sustainable development of Europe, based on balanced economic growth and price stability, a highly competitive social market economy. By providing its services, Ad Hoc Data actively contributes to this objective of the European Union..

The personal data processed by Ad Hoc Data concern only the legal representatives of the companies. In addition to the name of this representative, the contact data recorded therewith, such as address, e-mail address and telephone number, are included in the database only as contact data of the respective organization. This data was deliberately shared publicly (e.g., through the company's website) by the respective organizations/involved parties. Given this, the likelihood of the processing having a negative impact on the data subject's rights is low.

The data subject provides the aforementioned information for the purpose of active participation in commerce. Given the timing and context of the collection of the personal data, it is reasonable to expect by the data subject that his data will be further processed in line with the objective of active participation in commerce.

Customers and potential customers

The personal data we process in case you are (have been) a customer of Ad Hoc Data are processed on the grounds of the execution of an agreement. If you are a potentialële customer of Ad Hoc Data, we process your data on the basis of the legitimate interest of the organization.

Contact form/chat

If you contact us via our contact form or via the chat on the website, you give us permission to process your data. The basis for this processing is therefore consent.

Cookies

Personal data collected through functional cookies, which are thus required for the proper functioning of our website, are processed based on our legitimate interest.

Non-functional cookies are set only after we have obtained your consent.

More explanation about how cookies are used on our website and the specific cookies that are (potentially) set by our website can be read in our cookie statement.

If we intend to carry out any processing of your personal data for a purpose not provided for in the Privacy Statement, we will contact you at the e-mail address you provide to inform you of this new processing and its purpose, giving you the opportunity to refuse such processing.

Confidentiality

All personal data will be kept strictly confidential and will in no case be communicated to third parties, unless we have obtained the explicit, prior consent or in case of communication of these personal data to our external technical service providers and/or sub-processors for the proper functioning of our website.

The withdrawal of your consent

You may revoke the consent you have granted to us to process your personal data at any time by sending a written or electronic request with proof of your identity to privacy@adhocdata.nl.

As mentioned in our cookie statement you can revoke the consent you have given us to set non-functional cookies at any time by clicking the button at the top of the cookie statement.

The withdrawal of your consent is not possible for the processing operations necessary for the performance of a contract or the processing operations necessary for the protection of our legitimate interests or those of a third party. Therefore, the withdrawal does not affect these processing operations.

The withdrawal of your consent does not affect the lawfulness of the processing operations that have already been carried out on the basis of your consent before its withdrawal.

Retention periods

Database

Ad Hoc Data maintains with respect to the database a retention period that is never longer than necessary, in order to protect possible personal data. This retention period is in any case no longer than the duration of the existence of the company to which the information relates.

Data of data subjects in our database are kept by our clients after the end of the agreement concluded between us for a maximum of 90 days by the clients and its processors.

Customers and potential customers

The personal data related to our (potential) customers are retained for the period of time that is necessary for us to accomplish the purpose of the processing.

This means that we will retain your personal data for up to ten years after you are no longer our customer/our contractual relationship has ended. This period applies subject to special legal provisions that provide for a shorter or longer duration.

Contact form/chat and cookies

Personal data processed in response to the contact form or via chat on the website will be kept for a maximum of 90 days.

The retention periods with respect to cookies are listed separately in our cookie statement.

 

The rights of data subjects

Information: about the processing of personal data. This document informs you about this.

Insight: in which personal data are processed. To this end, data subjects may submit a request to us at privacy@adhocdata.nl.

Correction and addition: of personal data. To this end, data subjects may submit a request to us at privacy@adhocdata.nl.

Oblivion: of personal data from our database. To this end, data subjects may submit a request to us at privacy@adhocdata.nl.

Limitation: of the processing of personal data. To this end, data subjects may submit a request to us at privacy@adhocdata.nl.

Objection: against the processing of personal data. To this end, data subjects may submit a request to us at privacy@adhocdata.nl.

Data portability: of personal data. To this end, data subjects may submit a request to us at privacy@adhocdata.nl.

Non-profiling: the right to object to automatic decision-making. Profiling is not used in any way within Ad Hoc Data.

 

Exercise of rights by the data subject

You may exercise these rights by sending a dated, written or electronic request with proof of your identity to privacy@adhocdata.nl te richten of desgevallend een aanvullende verklaring te verstrekken.

After verifying identity, we will either grant your request or notify you in writing of the reason why we believe you are not entitled to exercise the right you have invoked.

The preconditions

Under the AVG, Ad Hoc Data has a duty to process data in accordance with the principles governing the processing of personal data. The regulation does not specify how this accountability obligation must be concretely fulfilled, but states that the nature, scope, context and purpose of the processing and the associated risks for the data subject must be taken into account. In order to give concrete substance to this requirement and the duty to demonstrate, we have taken the following formal measures:

  • We have appointed a data protection officer (FG). This is Famke Smidt and she can be reached at privacy@adhocdata.nl.
  • We keep records of all processing activities.
  • We conducted a data protection impact assessment in order to identify the extent to which high-risk processing activities take place.
  • We have written appropriate data protection policies in relation to processing activities.
  • We have appropriate security measures in place for the protection of personal data.
  • We have documented how we ensure the prevention of transfer of data outside the European Union.
  • We have considered the principle of privacy by design and default settings when setting up processing operations.
  • We have established in advance how to proceed in the event of a data breach regarding reporting to the Personal Data Authority and/or data subjects.
  • We have established the manner in which data breaches (if any) are recorded within our organization.
  • We have made conclusive arrangements with all data processors through a processor agreement.
  • We have created a privacy statement to inform data subjects of our practices and their rights.

Revisions

Occasionally, Ad Hoc Data's privacy statement may be expanded or modified. Where appropriate, we will endeavor to properly notify all data subjects whose rights are significantly changed/affected by the change in question. In any case, it is wise to consult this document regularly.

Feedback

Do you suspect that Ad Hoc Data is not acting in accordance with privacy laws? Or do you have comments or questions, please contact us. You can also contact us using the following details:

Ad Hoc Data BV

Koninginnegracht 46-I

2514 AD 's-Gravenhage

info@adhocdata.nl

If you believe that our processing of your personal data would violate the provisions of this Privacy Statement or the AVG, you have the right to file a complaint with the Personal Data Authority at this link.

The Autroriteit Persoonsgegevens only judges the processing of personal data. The processing of company data are, logically, outside of this.

 

's-Gravenhage, september 2021

Loading...