Privacy Statement

Your privacy matters to us.

Last Updated: July, 2022

Applicability of Privacy Statement

This is the Privacy Statement of Virtual Vaults Nederland B.V. which applies to the websites within the virtualvaults.com domain (hereinafter jointly referred to as: “Websites”) and the services on the Virtual Vaults software-as-a-service platform (hereinafter "Services"). This statement provides you, as a user of the Websites and Services, insight into what data of yours Virtual Vaults processes during your visit to these web pages, the purposes for which Virtual Vaults processes the data and the way in which the data is processed.

This Privacy Statement does not apply to the processing of your personal data when using the Service by or on behalf of Virtual Vaults customers. For information regarding the processing of your personal data by customers using the Virtual Vaults services, please refer to the organisation on behalf of which you have gained access to the Service.

To the extent there are links on our Websites to third-party websites, after clicking the aforementioned links you will be redirected to the website of the respective third-party (hereinafter: “Third-Party Websites”). The use of such Third-Party Websites is subject to the Privacy Statement of the respective third party. You should read the Privacy Statement of these third parties in order to gain insight into how this party handles your personal data. Virtual Vaults is not responsible for the information that is provided, processed or collected by third parties during the visits of these Third-Party Websites.

What personal data does Virtual Vaults collect, receive and use, and from whom?

Personal data is any information that, directly or indirectly, can be traced to you as a person. Personal data that Virtual Vaults processes include; name, address, email address,telephone number or for example a person’s job title. Virtual Vaults does not know what personal data is uploaded by its customers to its Services. Virtual Vaults does not verify this and considers this the responsibility of its customers.

Virtual Vaults processes personal data of people with whom it has, has had or seeks to have a direct or indirect relationship. Examples include existing or potential customers and their representatives, individuals associated with a company or organisation with which Virtual Vaults has a relationship, individuals mentioned in documents Virtual Vaults customers upload to the Service, or visitors to the Websites.

Below is a description of each type of processing, the basis for processing and the applicable retention period.

Questions and requests

When Virtual Vaults receives email or other communication from you with any questions or requests addressed to Virtual Vaults, these messages will be used as long as needed to: a. process your questions/respond to your requests (user communications); and b. on the basis of our justified interest to be able to show that and how your request was responded to. Should you have a complaint about how your request was handled, Virtual Vault may ask the Personal Data Authority to show how these requests were handled. 

Retention period
The personal data in your message and the response to this (in the previous subparagraph) is stored for up to 5 years and after that, the personal data will be deleted. If the data has been anonymised, the data may be retained by Virtual Vaults for a longer period of time. Anonymised means that the data has been cleaned of elements that allow the data to be traced back to you.

Newsletters, white papers and other data sheets

If you wish to download whitepapers or other information from the Websites, Virtual Vaults may ask for your name and email address in order to send you the respective information. In order to also inquire about information about relevant products and services of Virtual Vaults by phone or email, some additional information, such as your phone number, gender, organisation and job title, may be asked. If you have given your consent to Virtual Vaults to receive a newsletter, your name and email address will be used to send it. Each newsletter that you receive gives you the opportunity to unsubscribe from the newsletter.

Retention period
If you have successfully unsubscribed from a newsletter, Virtual Vaults will remove your personal data (name and email address) - collected for sending the newsletter. If the data has been anonymised, the data may be retained by Virtual Vaults for a longer period of time.

Market research and marketing

Virtual Vaults performs (desktop) research and, in this context, may gather (additional) information about you that can be found about your business identity and is industry related. For example, information that can be found about you via public online sources. These include social media channels such as LinkedIn, Twitter and mena.nl (deal information), but also public lists of, for example, fast-growing companies or guest lists of events attended by Virtual Vaults. Virtual Vaults may also use the information it receives from you when you become a user of one of the Services. Virtual Vaults collects all this data on the basis of its legitimate interest to develop direct marketing activities. The data will be updated periodically, and the obsolete data will be removed. Virtual Vaults stores this data no longer than two years after the last contact.

Personal data in content of Virtual Vaults customers

The content that Virtual Vaults customers upload to the Services sometimes includes personal data. Virtual Vaults does not see or verify this. If you have questions about this, please contact the customer.

Retention period
Within sixty days after the termination of a Service, the content will be deleted from the active systems. Within ninety days after the termination of a Service, the Content will be deleted from the backup systems.

Cookies

In order to enable you as a user of the Websites to use the full functionality of the Websites and to analyse the use of and navigation within the Websites and to display relevant advertisements, Virtual Vaults installs small amounts of information (cookies or similar technologies) on the peripheral devices used by its users (such as a laptop, tablet, phone) or Virtual Vaults reads the information as located in the browser settings on the peripheral devices of its users.

Read our Cookie Statement for more information about the cookies we use.

Sharing with third parties

irtual Vaults shares personal data with third parties in the following cases:
• When processors of Virtual Vaults perform (part of) the services assigned to them. These third parties may only process the data at Virtual Vaults request, and process such data according to instructions of Virtual Vaults. The processors of Virtual Vaults can be found here.
• When Virtual Vaults in good faith believes that the granting of access, processing, use, or provision to competent courts, regulators, or other regulatory agencies of the data requested by them is necessary to comply with applicable laws and regulations, is necessary for the context of judicial proceedings or to comply with an enforceable request from the respective regulatory authority;
• When Virtual Vaults believes in good faith that accessing, processing, using or providing to external IT experts and/or security agencies the data requested by them is necessary for the legitimate interest of detecting, preventing or otherwise dealing with fraud, technical or security problems;
• When Virtual Vaults has received your prior express consent.

Transmission of personal data to a recipient from a third country or to an international organisation
Your personal data may be transferred by Virtual Vaults to countries outside of the EU/EEA. Appropriate safeguards are considered with processors to which this applies. Virtual Vaults has often concluded Standard Contractual Clauses with them. The impact of processing outside the EEA is also considered.

You can receive more information regarding the aforementioned security measure taken by contacting Virtual Vaults. See below in this Privacy Statement for the relevant contact details.

Security

Virtual Vaults will handle your personal data with the utmost care. Virtual Vaults takes appropriate security measures as protection against unauthorised access to or unauthorised modification, disclosure or destruction of data. This includes internal monitoring of the policies and security measures with respect to the collection, storing and processing of data, as well as physical security measures to protect against unauthorised access to systems on which Virtual Vaults stores personal data. Virtual Vaults processes personal data for the purposes for which it is collected and in accordance with this Privacy Statement.

Virtual Vaults is ISO 27001:2013 certified (information security management system). You can find out more about the security here.

Your rights

You have the right to submit a request to Virtual Vaults to review, correct and/or remove your personal data that they process of you. In addition, in certain cases, you have the right to request Virtual Vaults to limit the processing of your personal data and to object against to the processing of your personal data.

At your request, Virtual Vaults will undertake a good faith effort to inform you about and grant access to your personal data that is processed by Virtual Vaults; to correct your personal data that is processed by Virtual Vaults, if it is incorrect; to remove/delete/limit your personal data that is processed by Virtual Vaults, in whole or in part, in accordance with the General Data Protection Regulation (GDPR). 

Virtual Vaults does not have to grant every request. In some cases, Virtual Vaults may refuse your request under the GDPR.

Handling of the request.
If Virtual Vaults receives a request from you, Virtual Vaults may ask you to identify yourself before Virtual Vaults will answer and process the request. Virtual Vaults does this to prevent someone pretending to be you from accessing your personal data or having it changed. Virtual Vaults will process your request within the time limits as set out in the GDPR.

You can submit a request for access, data portability, correction and/or removal, or limitation and objection, in writing by email or by post. The contact information of Virtual Vaults can be found under the header “Questions and complaints procedure”.

Virtual Vaults will not charge you for answering your requests under the GDPR. Nor for the further processing thereof.

Questions and complaints procedure

Should you have any questions or have a complaint regarding the processing of your personal data by Virtual Vaults, you can report these at no charge and easily to Virtual Vaults, in the following manner:
• By email: security@virtualvaults.com
• By post: Virtual Vaults Nederland B.V., K.P. van der Mandelelaan 60, 3062 MB, Rotterdam, The Netherlands

The Virtual Vaults Security Officer can be reached at the email security@virtualvaults.com

[Dutch] Data Protection Authority

If you do not agree with Virtual Vaults response, then you may submit a complaint to the competent Personal Data Authority of the Member State in which you live. In the Netherlands, this is the Data Protection Authority. You can submit a complaint on the website of the Data Protection Authority. You can reach the Data Protection Authority via phone number: (+31) - (0) 70 - 888 85 00.

New developments and changes to the Privacy Statement

This Privacy Statement may be updated from time to time, for example to bring it in line with the laws and regulations that are applicable at that time. If this Privacy Statement is amended, then this will be communicated to you. This Privacy Statement is dated July 2022.