This Privacy Policy sets out the data processing practices of BoldData B.V. Please note that all data thus captured will be used and held in accordance with the requirements of the Data Protection Act 2018.
BoldData B.V. is a market leading full-service provider of International B2B & B2C Database Solutions.
We specialise in providing profitable acquisition, retention and business intelligence solutions utilising our expertise across our Data aggregation, Data cleaning & Enhancement, Analysis and Data Processing divisions.
BoldData is the controller and our Data Protection Officer is Pieter Jansen. If you have any requests concerning your personal data or any queries with regard to how we handle your data you can contact the DPO by phone on (+0031)020-7052360, email p.jansen@bolddata.nl or write to us at BoldData B.V., Nachtwachtlaan 20-24, 1058EA, Amsterdam
Purpose of processing and the source of data
All data collected will be used solely by BoldData to offer information services within the meaning of European Directive 2002/58/EC dated 12 July 2002 (Directive concerning privacy and electronic communications). BoldData process personal data for several purposes, such as Directory, Marketing, Verification and control, Data quality, Data management, Performance of contract. Please note that all purposes may not be used in all countries.
The data we deliver for these purposes is divided into two categories:
- Private individuals: Only the directory data are processed by BoldData B.V. (surname, first name, address, telephone number, Date of Birth and e-mail address) with BoldData regularly receiving these data from the various publishers and telephone service providers. Our sources are obliged to communicate the data of their subscribers to the official directories as stipulated by European Directives 2002/58/EC dated 12 July 2002 and 2002/22/EC dated 7 March 2002.
- Businesses: This category consists of the legal and natural persons carrying out their activities as independent parties. Classification of businesses by sector is also offered. The data are provided either by public registers, telephone service providers and various other sources.
We use basic contact data but in some cases we also do profiling. Profiling means that we add statistical variables about your likeliness, for example, to live in a household with children, lifestyle etc. These variables are not connected to you directly but rather a likelihood for a group of people that for example live in the same neighbourhood.
BoldData B.V. may make transfers of data to non-EU countries in accordance with the legislation in force, in particular Regulation (EU) 2016/679 concerning the protection of natural persons with regard to the processing of personal data and the free circulation of these data (hereinafter “GDPR”).
The processing of personal data for these purposes is necessary according to Article 5 of European Directive 2002/22/EC dated 7 March 2002 (“Universal Service” Directive) and according to national implementing Acts and also the legitimate interests pursued by BoldData B.V.
Website
If you use our website. Our website does not automatically capture or store personal information, other than logging the user’s IP address and session info such as the duration of the visit and the type of browser used. Through Google Analytics, this is recognised by the Web server and is only used for system administration and to provide user statistics.
We would like to use your personal data to send you details of products or services that we offer that we have identified as likely to be of interest to you. We will only send you information in line with the preferences you indicated when you provided the personal data.
If at any point you would like to opt-out of receiving communications from us or would like to change the channels (such as email or post) that we use to contact you, please contact our Marketing Manager, Daan Wolff at d.wolff@bolddata.nl.
Enquiries and Website order Forms
You may be asked for personal information (restricted to carrying out our business function) and company information if you would require further information on our services, upload data files or if you wish us to contact you. In each case we will only use the personal information you provide to deliver the information you have told us you require, and you will be informed of what we will collect and agree this in advance. We do store, contact name, company name, full address, telephone, fax and email. Should you wish to withdraw your consent to marketing communications from BoldData, please contact us. There is a facility on our website for you to state your communication preferences and to update them as and when they change.
Our legal ground for keeping the data
Recital 47 of GDPR states “The processing of personal data for direct marketing purposes may be regarded as carried out for a legitimate interest.” Direct marketing is essential to most companies to spread the message about their products. BoldData’s services within direct marketing and data management are to secure that our customers have data that is up to date and enough information to target the right customers, with the right message.
The BoldData customer needs to find and correctly target individuals with product offers. There is also a need to know more about the individuals than just the contact details to personalize offers, target them at the right time (when they are most likely interested in the offer) and in through the right channels. For that reason, more information than the customer has is normally needed.
Impact on the data subject – how may processing affect people’s privacy
Keeping records of data subjects for the mean of direct marketing does not per se mean any affect to a person’s privacy if the data is safe guarded. However, keeping data about a large amount of individual can always be a security issue if the information is leaked.
Data impact
The data used for direct marketing is normally of basic nature and is not involving any high impact risk. However, when adding more information than traditional contact details, such as life style variables built on statistics a clearer image of the person is built up. The more information collected or created the clearer the picture, hence higher risk. BoldData does not store sensitive data as specified by GDPR about the individual.
Reasonable expectation of the individual
An individual will in most countries expect to receive direct marketing. They do expect that companies they have made previous purchases from to contact them again with new offers unless they have opted out. To some extent individuals are also expecting direct marketing from companies they do not have a relation with. However, it is not to be expected that the average person understands that information providers have large registers with personal information that is being sold for direct marketing purposes.
Marketing information to a B2B role (company representative)
BoldData deems that it is not an intrusion into the individuals’ privacy to send marketing addressed to theirworking role, (relevant marketing).
Impact on the individual.
When processing basic contact data for direct marketing, BoldData’s view is that there is little risk that the processing may lead to high risk for intrusion to the privacy of the individual. However, there is always a risk that certain individuals do not want their information spread more than necessary and strongly object to this type of processing.
If the basic contact data is leaked or in other ways comes into the incorrect hands there is low risk of harm as the data normally being publicly available. Other data (such as children, gender, civil status, date of birth) used for marketing can increase the risk, however it is still unlikely to do harm to the individual.
Provisional balance
Direct marketing is mentioned in Recital 47 of GDPR as a legitimate interest. BoldData’s processing of personal data is in many cases a necessity for our customers to find the right individuals, sending the right message,through the right channels. BoldData is also very careful, following industry standards and codes of conduct for the processing.
The foreseen objections from and risks for an individual will be mitigated through BoldData’s measures to handle the individuals’ rights. No severe impact on an individual’s privacy is expected with this type of activities. The consequence of wrongful information would be that the individual does not receive an offer via direct marketing, or that the person receives a message about an offer that is not relevant to her/him. This cannot be seen as very intrusive.
The main risk with processing data for direct marketing is the number of data subjects being processed within BoldData and any potential leak of the information. This processing is protected by BoldData technical and organizational measures. We also classify all our data according to the C.I.A method. CIA stands for Confidentiality, Integrity and Availability and is used as a way of determining what security measures needs to be in place when using a particular type of data. BoldData considers that there is a legitimate interest for processing personal data for direct marketing purposes.
Your right to your data
As is your right under GDPR, you are entitled to know exactly what data BoldData store about you. This Act is called the Access to Information.
Right to correct
You have the right to have incorrect, incomplete, outdated, or unnecessary personal data we have storedabout you corrected or completed by contacting us. In some cases when we use official data we might ask youto contact the authority directly to get your data corrected to secure it is done in the proper official manner necessary for those registers.
Right to deletion
You may also ask us to delete your personal data from our systems. We will comply with such request unless we have a legitimate ground to not delete the data.
Right to object
You may object to certain use of personal data if such data are processed for other purposes than what is necessary for the performance of our services or for compliance with a legal obligation. You may also object any further processing of personal data after prior given consent. If you object to the further processing of personal data, this may lead to fewer possibilities to use our services.
You have the right to prohibit us from using your personal data for direct marketing purposes, market research and profiling.
Right to restriction of processing
You may request us to restrict processing of certain personal data, this may however lead to fewer possibilities to use our website and services.
Right to data portability
You have the right to receive the personal data you have given us in a structured, commonly used format. Please note that this only applies to data that was given to us directly from you.
How to use the rights
These rights may be used by sending a letter or e-mail to us on the addresses set out below, including the following information: name, address, phone number and a copy of a valid ID. We may request the provision of additional information necessary to confirm your identity. We may reject requests that are unreasonably repetitive, excessive or manifestly unfounded. In case you consider our processing activities of personal data to be inconsistent with the applicable data protection laws, a complaint may be lodged with the local supervisory authority for data protection.
You have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of your personal information, please email or write to us at the following address: BoldData B.V., Nachtwachtlaan 20-24, 1058EA, Amsterdam.
Right to lodge a complaint with the Data Protection Agency
You have a right to lodge a complaint with the Data Protection Agency if you are not satisfied with the way we treat your data. Here you find the contact details to the Dutch Authority Personal data (AP). As the name suggests, the Dutch Data Protection Authority only deals with the processing of any personal data. Logically, this does not include the processing of company data. You can reach the Dutch Data Protection Authority using the contact options here: https://www.autoriteitpersoonsgegevens.nl/
Liability
BoldData and BoldData’s sources are expressly exempt from any liability for damage or losses caused by the inaccuracy of the public information and data, except where the user himself can demonstrate the existence of a serious infringement or of fraud with a direct causal link to the loss or damage suffered.
In the event of an error or gap, BoldData B.V. undertakes to take the measures necessary to inform the source of this so as to remedy this as far as possible with the next update, with the exclusion of any other form of compensation or liability whatsoever.
If the liability of BoldData or BoldData’s sources are established, they may only be held liable for the reimbursement of the acquisition price paid by the user/client to obtain the disputed information via BoldData B.V.
Furthermore, the clients of BoldData are obliged to comply with the international, European and/or national legislation in force and in particular the GDPR and the Dutch Telecommunication act dated 1 october 2009 concerning the protection of privacy with regard to the processing of personal data. BoldData cannot be held liable for any illegal use of the data.
In the event of a dispute, only the courts of the province Noord-Holland, Amsterdam have jurisdiction
Changes to our privacy policy
This privacy policy is regularly reviewed and will be updated when necessary. If we make any significant changes to the policy we will communicate these to you.
Data Protection Officer: Pieter Jansen p.jansen@bolddata.nl
https://ddma.nl/leden/bolddata/