Privacy Policy
Last Update:
June 2, 2025
Introduction
The General Data Protection Regulation (GDPR), also known as AVG(Algemene Verordening Gegevensbescherming) in Dutch, is a EuropeanUnion regulation that setsout rules for the protection of personal data of EU citizens. The regulationapplies to all companies that process personal data of EU citizens, regardlessof the company's location.
Findest B.V. is a Dutch registered company,with our registered office at De Boelelaan1085, 1081 HV Amsterdam, The Netherlands, registration number 68240023.
What do we do?
Findest uses openly accessible non-privacy-related data fromscience, patents, and websites. We accesscustomers' data via tools like Linkedin and Rocketreach, and storethe Name, Job title, and work email address in our secure CRM system. For allcustomers, their work email address is their way into the portal. Findest doesnot gather any personal data on personal address, images, gender, etc. We haverequested permission from the persons whose data we store, and we offer thepossibility to view this data and to delete it on request.We do not give access to third parties, but we do store the data onexternal highly secured servers that meet the right ISO security standards. All employees with access to personal data are annually trained in its use and informedabout laws and regulations.
In this report, we will assessFindest's compliance with the AVG regulation. The reportwill consist of four chapters: Introduction, Assessment Method, Results, and Conclusion.
Assessment Method
To assess Findest's compliance with the AVG regulation, we conductedan internal audit of the company's data processing activities. We reviewedFindest's policies and procedures relating to data protection and privacy, includingits data protection policy, privacy policy, and data retentionpolicy. We also interviewed employeeswith access
to personal data and reviewedthe company's data processing agreements with third- partyservice providers.
We used a risk-based approach to identifypotential areas of non-compliance with theAVG regulation. We assessed Findest's compliance with the following areas ofthe regulation:
1. Lawfulness, fairness, andtransparency: We assessed whether Findest's data processing activities arebased on a legal basis, whether the processing is fair, and whether theindividuals whose data is processed are informed about the processing.
2. Purpose limitation: We assessedwhether Findest's data processing activities are limited to specific purposes,and whether the data is not processed in a manner that is incompatible withthose purposes.
3. Data minimization: We assessedwhether Findest's data processing activities are limited to the minimum amountof data necessary for the processing purposes.
4. Accuracy: We assessed whetherFindest's data processing activities ensure that the data is accurate and up-to-date.
5. Storage limitation: We assessedwhether Findest's data processing activities ensure that the data is not keptfor longer than necessary.
6. Integrity and confidentiality: Weassessed whether Findest's data processing activities ensure the security andconfidentiality of the data.
7. Data subject rights: We assessedwhether Findest's data processing activities enable individuals to exercisetheir rights under the AVG regulation, such as the rightto access, rectify, erase, and restrict processing of their personal data.
Results
Based on our assessment, we conclude that Findest is GDPR compliant. The company collects only non-privacy-related data from openlyaccessible sources, and only stores the name, job title, and workemail address of customers in its secure CRM system. Findest has requestedpermission from the persons whose data they store, and they offer the possibility to view this data and to deleteit on request. Furthermore, Findest does not give accessto third parties,but they store the data on externalhighly secured
servers that meet the right ISO security standards. All employeeswith access to personal data are annually trainedin its use and informedabout laws and regulations.We also found that Findesthas implemented appropriate technical and organizational measures to ensure thesecurity of personal data. The company uses secure servers and encryption to protect personaldata. Additionally, Findesthas established policies and procedures for responding todata breaches, including notifying affected individuals and relevantauthorities as required by law.
Conclusion
In conclusion, our assessment finds that Findest is GDPR compliant.The company collects and processes personal data in a transparent and lawfulmanner, and has implemented appropriate technical and organizational measuresto ensure the securityof personal data. Moreover, Findestrequests permission from the personswhose data they store,and they offer the possibility to view this data and to deleteit on request. We recommend that Findest continue to monitor andreview its data processing activities to ensure ongoing compliance with theGDPR.
Your data protection rights
Even when you have given us your consent for the use of your data,you have a number of legal rights you can invoke. Firstly, you can at all timeaccess, correct update or request deletion of your personal data by contactingus. In addition, you can object to the processing of your personal data, byasking us to restrict the processing of your personal data or requestportability of your personal data. Similarly,if we have collected and processed your personal data with your consent, thenyou can withdraw your consent at any time. Withdrawing your consent will notaffect the lawfulness of any processing we conducted priorto your withdrawal, nor will it affectprocessing of your personal data conducted in reliance in lawful processinggrounds other than consent.You have the right to make a complaint to about our handling of your personal data. You can contact uson 0031 20 893 2700. In conclusion you can refuse to supply personal data toFindest at any time, including unsubscribing from marketing emails;however, it may prevent you from accessing Findests products and services.