We care about your privacy.
We care about your privacy.
Exset Labs B.V. (“Exset” or “us,” “our,” and similar expressions) offers technological services. When a user of our services (“you” and similar expressions) registers and applies for and uses our services, we collect, use and share your personal data in the manner described in this policy. By personal data, we mean any information about an individual from which that person can be identified, either directly or indirectly.
This policy applies to your use of:
Exset’s websites; any of Exset’s services accessible through the website.
Exset Labs B.V.
1101 CS Amsterdam
Business ID number: 58598359
If you have any questions about this policy, including any requests concerning your rights as a data subject, please contact firstname.lastname@example.org.
We may update this policy from time to time in response to changing legal, technical, or business developments. When we update this policy, we will strive to inform you in a manner consistent with the significance of the changes we make.
We may collect, use, store, and transfer the following kinds of personal data about you:
Contact Data Your contact details, such as your name, email address, and phone number.
Device Data Information about the device
Technical Data Technical information, including your internet protocol (IP) address, browser type and version, time zone settings, browser plug-in types and versions, operating system and platform, device information and the type of mobile device you use, a unique device identifier, mobile network information, your mobile operating system and the type of mobile browser you use
Information about your use of our website and services, including full uniform resource locators (URLs) and information on the manner and time of use of the website, such as date and time, frequency and patterns of use, and other interaction information
Your correspondence with our customer support and information on other communications between us, including any notifications we may send to you by email from time to time, and
Information on your preferences regarding marketing carried out by us and/or our partners.
We may also collect, use, and disclose Aggregated Data for any purpose. This kind of data, such as demographic or statistical data, may be derived from your personal data, but it no longer reveals your identity and is therefore not considered personal data. While we may use your data to serve relevant adverts and other commercial communications to you and others, we will not disclose such data to our advertising partners in a form allowing for your identification.
We may collect personal data from you in the following ways:
Below we have set out the purposes for which we intend to process your personal data and the legal bases we are relying on to do that. Most commonly, we will rely on the following lawful grounds to collect, use, and disclose your personal data:
We may rely on more than one legal basis depending on the specific purpose for which we are using your data. If you need details about the grounds we are relying on on with respect to specific data or circumstances, please contact us as set out above.
Type of data
Providing our services, customer support
(b) Consent (where legally required)
Analyzing and improving the use and functionality of our website and services (including e.g., system maintenance, troubleshooting, logging, debugging, data analysis and testing) and ensuring information security
(b) Legitimate interests (monitoring, safeguarding and improving our website and services)
Optional customization and improvement of user experience (e.g., using Device Data to streamline the registration process)
Managing our customer relationship, communicating with you and keeping records of our communications
(a) Legitimate interests (managing customer relationship)
Offering and marketing relevant goods and/or services to you, delivering relevant content and advertisements, and measuring the effectiveness of the advertising
(a) Legitimate interests (marketing our services, showing you relevant content)
(b) Consent (where legally required)
Analyzing the user base and use
patterns of our services
(a) Legitimate interests (improving and developing our services)
In addition, we may process any of your personal data identified in this policy where necessary for the establishment, exercise, or defense of legal claims. Such processing is based on our legitimate interests, in particular the protection of our legal rights, your legal rights, and those of others (e.g., other users of our services). We may also process any of your personal data where necessary for the purposes of managing risks or obtaining professional advice. The legal basis for this is our legitimate interests, in particular protecting our business against risks.
Where necessary for the purposes detailed above, your personal data may be disclosed to the following categories of recipients:
Exset stores your personal data in secure locations and servers within the European Economic Area. Your personal data may be transferred to countries outside the European Union or the European Economic Area only where the European Commission has held that the country ensures an adequate level of protection for personal data, or where we have taken appropriate safeguards to require that your personal data remains protected in accordance with this policy, such as by implementing the European Commission’s Standard Contractual Clauses for transfers of personal data. You may contact us for more information on the safeguards in place. In individual cases, such transfers may also take place based on your separate consent or in order to provide you with a service you have specifically requested, such as when you engage in transactions with counterparties in international locations, or where otherwise allowed by applicable data protection laws.
In order to optimize the services we offer, we reserve the right to make automated decisions about our customers, including using machine learning algorithms and profiling. Should we introduce automated decision-making measures that have significant effects on you, we will make sure that you will have the right to obtain human intervention, to express your point of view, and to contest such decisions. We will inform you about such circumstances separately.
We keep your personal data only as long as we have a legitimate business need to retain it for the purposes described above, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period, we consider the scope, nature, and sensitivity of the personal data we process, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process the data, and the relevant legal requirements. We will also regularly assess the data we keep, and where we deem retention unnecessary, we will either erase or anonymize the data or, if this is not possible – for example, for information stored in backup archives – we will store the data securely and block any further processing until deletion is possible.
We will usually retain personal data related to a customer relationship only for the duration of the relationship and for a reasonable period thereafter in order for us to be able to respond to inquiries or pending issues related to the relationship. However, some data may be retained for longer where we believe retention is necessary for compliance with laws, or to exercise, establish or defend our legal rights or those of our customers, affiliates, or partners.
To protect your personal data, we use appropriate technical and organizational measures designed to provide a level of security appropriate to the risk of processing and to protect your personal data against accidental or unlawful destruction, loss, alteration, and unauthorized disclosure or access. Our personnel has been trained to observe information security in their work, and we limit access to your personal data on a strict need-to-know basis. Our employees, agents, contractors, and service providers will only process your personal data on our instructions subject to a duty of confidentiality.
You have the right to obtain from us confirmation as to whether or not personal data concerning you is being processed by us, and where that is the case, access to that personal data, as well as to have any inaccurate or incomplete personal data rectified or completed. In certain circumstances, you may also have the right to request the erasure, or the restriction of processing, of your personal data or parts of it, to object to the processing (including our direct marketing), and/or to receive the data in a structured, commonly used and machine-readable format.
Please contact us for any inquiries related to exercising the above rights.
If you consider our processing activities of your personal data to be inconsistent with applicable data protection laws, you may lodge a complaint with the responsible supervisory authority. Contact information for the supervisory authority in the Netherlands can be found here: https://autoriteitpersoonsgegevens.nl/.