Privacy Policy

  1. Who are we and what do we do?

    We are Sharesquare (hereinafter, Sharesquare, we, and us). We believe that everyone who contributes to the success of a company should be entitled to share in such success. That is why we created the Sharesquare platform (the Platform) accessible through www.sharesquare.co (the Website) which aims to facilitate financial participation by employees (the Participants) in companies (the Clients) (hereinafter, altogether, the Services). This privacy policy applies to all the Services that we offer.

  2. What is this?

    This is our Privacy Policy. In this document we explain what kind of personal data we process in the context of our Services. We also explain for which purposes we use the personal data, how we protect them and how we store them.

  3. Personal Data and the Privacy Regulation

    We are all about respecting your privacy and protecting your Personal Data – i.e. all information by which a person can be directly or indirectly identified – in line with the General Data Protection Regulation (GDPR) and other relevant legislation on the protection of Personal Data (collectively referred to as the Privacy Regulation).

  4. Our role as Processor and Controller

    We collect and process most Personal Data on behalf of our Clients within the context of our Services. Our Clients define the purposes and the means of such processing of Personal Data, which means they act as Controller within the meaning of the Privacy Regulation. We only process such Personal Data following the instructions of our Clients and not for our own purposes. Within this context we therefore act as Processor within the meaning of the Privacy Regulation.Apart from the processing of Personal Data for the sake of our Clients, we also collect and process some Personal Data for our own purposes. Within this context we act as Controller ourselves within the meaning of the Privacy Regulation.

  5. Which Personal Data do we process as Controller and for which purposes do we use them?

    As Controller we collect and process the following Personal Data of our Clients and the Participants in the use of our Services:

    Personal data we process of our (potential) Clients:

    (Personal) data: Purpose(s): Legal basis:

    Contact information:

    (Client) name, e-mail address and other contact information of the Client and the contact person (i.e. name, phone number and address).

    We use this information to contact our Clients regarding the Services we provide them. We may process these Personal Data, because we need these Personal Data to enter and/or perform the agreement with our Clients.

    Payment details of our clients:

    Invoice details, bank account number, IBAN and BIC code.

    We use these data to:

    –        handle, check and administer payments from our Clients;

    –        maintain our list of accounts receivable and outstanding invoices;

    –        include in our administration on behalf of the tax authorities.

    We may process these Personal Data, because we need these Personal Data to perform the agreement with our Clients.

    We are also obligated to share (some of) these data with the national tax authorities.

    Personal Data we process to send our newsletters:

    (Personal) data: Purpose(s): Legal basis:
    Your name and e-mail address and whether the newsletter is opened and which links are clicked on. We use these data to send you newsletters about our products and services.

    We may send newsletters to existing Clients about similar products and services after the Client started a subscription for our Services. We may do so because we have a legitimate interest to keep our Clients updated about such products and services.

    We may also send newsletters to Clients or others without a subscription after receiving the consent to do so, for example by registering for our newsletter on the Website.

    If the receiver wishes to not receive the newsletter any longer, they can use the unsubscribe link as added in every newsletter.

    Personal Data we process through the use of our Website:

    (Personal) data: Purpose(s): Legal basis:

    Technical information with the use of our Tools:

    IP-address, functional cookies and technical information (i.e. type of browser and operating system).

    Optional: analytical and tracking cookies.

    We use this information to:

    –        analyze (the use of) our Services;

    –        improve our Services;

    –        adjust our Services to the device used;

    –        flag, report and prevent misuse, fraud and threats of/regarding to our Services.

    We have a legitimate interest to use technical information, functional cookies and your IP-address, namely to analyse and improve our Tools.

    We ask for your consent to use tracking cookies and analytical cookies. You may always withdraw your consent.

  6. How long do we keep the personal data?

    We store personal Data for as long as we need it for the above purposes:

    • Personal Data of Clients | This data is stored as long as we have a contract for our Services with the Client and for a maximum period of 12 months thereafter, unless we are legally obliged to retain the data for a longer period;
    • Personal data in our administration for the tax authorities | We store these personal data until 7 years after the client leaves Sharesquare.
    • Other information | We store other Personal Data only for as long as it is necessary for the purposes. This is deleted as soon as it is no longer necessary for the purposes for which we processed it.

    After expiry of the aforementioned terms, we may process and retain certain Personal Data to comply with legal retention obligations and for fraud/misuse investigations. For such events, we will retain the data separately and encrypted and only use them for the aforementioned purposes.

  7. Do we share your Personal Data with others?

    We use Processors to assist in our Services. Within this context these Processors receive personal data from us which they process by our order. We use, for instance, processors for email management and communications, data storage, invoicing, accounting, sending newsletters and CRM. We have established contractual agreements with all our (Sub) Processors in Processor Agreements in which – in line with this Privacy Policy – is defined what these parties may do with your Personal Data, how they must secure it and when it must be deleted.Apart from the above, we will not share your personal data with third parties, unless we are legally obliged to do so.

  8. Export of Data outside the European Union

    We may transmit personal data to parties outside the European Union, if one of our Processors is established outside the European Union. The Personal Data will only be transferred to countries and/or parties that provide an adequate level of protection in accordance with the European standards.The transmission of data outside the EU will always happen in conformity with the Privacy Legislation (chapter 5 of the GDPR).

  9. General Aggregated (non-personal) Data

    We may convert your personal data in non-personal data. This means that the data will be fully and irreversibly anonymized and aggregated: in that case they do not include any personal data anymore, because no identification can take place on the basis of the data. We may use such aggregated data for analytical purposes and improving our services.

  10. How do we protect the Personal Data?

    We make every effort to protect your Personal Data from unauthorized or unlawful access, alteration, disclosure, use or destruction. We take, among others things, the following technical and organisational measures to protect your Personal Data:

    • internally, Personal Data is only available in a protected environment, which is only accessible by any employee with a password;
    • our employees only have access to the data on a need-to-know basis;
    • our employees have their mobile devices, such as laptops, mobile phones and tablets, secured with a password;
    • we maintain a ‘paperless office’ policy, which means that we use no more paper than is absolutely necessary and that we maintain a clean desk policy;
    • Personal Data required as a hard copy is stored in a lockable filing cabinet in a lockable room;
    • all our employees have signed a confidentiality statement;
    • every area in our office can be locked separately;
    • to ensure our employees are aware of data security, we organise a security awareness training every year;
    • internally, a responsible person is appointed to monitor the organisational and technical precautionary measures.

    The measures we take are continually improved in line with technological development.

  11. Cookies

    We may use cookies on our Website. In this respect we act as Controller. A cookie is a simple small text file that can be stored in your computer when visiting the Website. This text file identifies your browser and/or computer. When visiting our Website again, the cookie ensures that our Website recognizes your browser or computer.We use the following types of cookies:Functional cookies: Functional cookies are essential to the operation of our Website. They allow you to navigate through our Website and use the functions incorporated in it.Analytical or statistical cookies: Analytical cookies are used to review the quality and effectiveness of the Website. For instance, we can see how many users visit the Website and what pages are visited. We use this information to improve our Website and services.Tracking cookies: Tracking cookies follow the click behaviour and surfing behaviour of our visitors.

    If you do not wish to have cookies sent to your computer, you can change this through the cookie settings of your browser. Bear in mind that some functions or services of our Website may not function, or not so well, without cookies.

  12. Third Party Websites

    You can find (hyper) links on our Website which link to the websites of partners, providers, advertisers, sponsors, licensors or any other third parties. We have no control of the content or the links which appear on said websites and we are not responsible for the practices of websites linked to from our Website. Furthermore, these websites, including their content and links, may constantly change. These websites may have their own privacy policies, user conditions and customer policies. Browsing and interaction on any other website, including websites linked to from our Website, are subject to the terms and conditions of such website.

  13. Changes of the Privacy Policy

    We constantly seek ways to improve our Website and Services. This means, our Privacy Policy could be amended from time to time. If this Privacy Policy is amended significantly, then a notification is placed on our Website along with the updated Privacy Policy. We may also send you a status update together with the updated Privacy Policy.

  14. Your rights and our contact data

    As described in the Privacy Regulation, you have the right to:

    • ask us to correct and update your Personal Data;
    • ask us to remove your Personal Data from our data records, without stating any reason;
    • ask us for a copy of all Personal Data we processed of you. We may also forward this copy to another data manager at your request;
    • withdraw your consent for processing your Personal Data. This does not affect the validity of the processing before the moment you withdraw your consent;
    • file an objection with us to the processing of your Personal Data;
    • file a complaint with the Personal Data Authority, if you believe that we process your Personal Data unlawfully.

    If you have any questions, comments or concerns regarding the way in which we process your personal data, please contact us through the contact data below.

 

Sharesquare

Hamerstraat 19-1

1021 JT Amsterdam

T:       +31 20 3003 88 80

E:       sander@sharesquare.co

W:      www.sharesquare.co

Chamber of Commerce number:        53736753

VAT number:                                          000023594063