European privacy policy
1. Introduction
This Privacy Policy applies to personal data (“information”) held by Global Reach Group (“we” or “us”) as data controllers. It explains in detail the types of information we collect about you and how we use this information. Please read it carefully.
Any changes we may make to our Privacy Policy in the future will be posted on our website and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes.
2. The information we may collect
2.1. Information you provide us
• Personal details, e.g. your name, date of birth, gender;
• Contact details, e.g. your address, email, phone number, mobile number;
• Information about your identity, e.g. your nationality, passport information, photo ID, National identification number (Burger Service Number);
• Your bank details (account name, IBAN); and
• In connection with job applications only: employment history, qualifications, pre-employment screening data, and further information contained in CV and cover letter.
2.2. Information we collect about you
• Transactional information, e.g. details about your accounts, including payments made to and from these accounts;
• Communication records, e.g. details recorded during our written and verbal communications with you;
• Your preferences, such as consents for marketing and other communications;
• Publicly available information, e.g. information made available by you on websites such as LinkedIn;
• Usage data, including information about how you use our products and services;
• Investigations data. This may include: anti-money laundering checks, credit checks, external intelligence reports, and other due diligence checks;
• Information required to satisfy our regulatory obligations, e.g. information about transactions, detection of any suspicious and unusual activity, and information about parties connected to you or these activities;
• Risk rating information, e.g. credit risk rating and transactional behaviour; and
• Information gathered when you visit our website. This might include: the Internet Protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, time zone setting, browsing plug-in types and versions, operating system and platform, Uniform Resource Locators (URL), and how you navigate our websites. We use this information for technical monitoring and optimising our websites. For more information, visit our Cookie Policy.
Where we collect your personal information we will also reference this Privacy Policy to ensure you are informed of our processing activities and your rights under relevant data protection legislation.
3. How we collect your information
We collect your personal information when you subscribe to our services or apply for a job, for example by filling in forms on our websites, by corresponding with us by telephone or email, or when you provide us copies of the documents required for us to confirm your identity. We may also collect your information when you interact with our websites.
3.1. Information from other sources
We may receive your information from other Global Reach Group companies if you use, enquire about, or demonstrate an interest in other services we offer. We will only do this when we have obtained your consent, have a legitimate interest, or have a legal obligation to do so.
We may also receive your information from other third parties, such as:
• Our partners (companies that introduce you to us);
• Our clients (when they wish to make a payment to you);
• Credit reference agencies;
• Fraud prevention agencies;
• Identity verification agencies;
• Sub-contractors and advisers;
• Agents and suppliers;
• Government and law enforcement agencies (such as the commercial registries, domestic revenue services, credit reference agencies);
• Publicly available online sources, such as company websites, social networks and company registries; and
• In case of a job application only: Pre-employment screening provider.
3.2. Information you provide about other people
If you provide us with personal information about another person, we ask that you inform them of our identity and the purposes for which their information will be processed.
If you ask us to make a payment to another individual, you will need to provide us with their bank account and contact details. We use their contact information to notify the individual that they will be receiving a payment from us, on your behalf. We will never use the information you provide about another individual for marketing purposes.
3.3. Cookies
Our websites use cookies to distinguish you from other users of our websites. This provides you with a better browsing experience, and also allows us to improve our websites. For detailed information on the cookies we use and the purposes for which we use them, please see our Cookie Policy.
4. How we use your information
We will only use your information under the following circumstances:
When it is necessary to fulfil our contract with you
Some of the information we process is required for us to provide you with our products and services. For example, we require your banking details in order to settle payments on orders you place.
Where we are under a legal obligation
In certain cases, we are required by law to collect and process your information. For example, to fulfil our financial reporting obligations, we must store all records of communications you make with us that relate to transactions. That means that your communications (e.g. telephone communications to direct line or mobile numbers, Zoom and other remote communication platform meetings etc.) with us may be recorded. We are also required to check that you are the person you say you are before we discuss any of our clients’ accounts (which we may do by asking you to confirm your date of birth or other details about yourself) and to retain personal information to facilitate investigations detecting and preventing fraud, money laundering, and other financial crimes.
Where we have obtained your consent
In specific situations, we will collect and process your information with your consent, e.g. when you tick a box to receive marketing material from us, or ask us to contact you about our products and services.
We will always make it clear to you what you are consenting to and what information is necessary for our services. If you have given consent to the use of your personal information, you are entitled to withdraw this consent at any time. Please be aware, however, that in some circumstances, the withdrawal of your consent may result in us being unable to provide some services to you.
Where we have a legitimate interest
Sometimes, we use your personal information to pursue our legitimate business or commercial interests in a way you might reasonably expect. We will not rely on our own legitimate interests without first considering your own rights, freedoms or interests, which we hold in the highest regard.
Some of our legitimate interests include carrying out marketing activities:
• Carrying out marketing activities;
• Communicating with you about our products and services;
• Improving our products, services, and relationships with you and our partners;
• Create a smoother customer service experience;
• Monitor complaints handling; and
• Improve our websites to ensure that content is well presented for you.
4.2 Combining information
We may combine information about you which we receive from other sources with the information you give to us, and the information we collect about you, for the same purposes as those set out above.
5. How we share your information
We only share your personal information under the following circumstances:
• If we are under a duty to disclose or share your personal information in order to comply with a legal obligation;
• In order to conduct necessary background checks on you before offering our products and services;
• Where we have been asked for information to facilitate an investigation;
• In order to enforce or apply our terms and conditions and other agreements;
• To protect the rights, property, or safety of Global Reach Group, our customers, or others;
• Where we have a legitimate business interest that is not overridden by your own rights and freedoms;
• Where we have obtained your consent.
Entities that we may share your information with include:
• Other Global Reach Group companies;
• Our partners (companies that introduce you to us);
• Our clients (when they wish to make a payment to you);
• Credit reference agencies;
• Fraud prevention agencies;
• Identity verification agencies;
• Agents, suppliers, sub-contractors and advisers;
• Regulatory bodies.
6. International Transfers and Security
We may be required to transfer your information to countries outside the European Economic Area (“EEA”), e.g. if we are obliged to report to foreign authorities, or when your information is processed by one of our suppliers under our instruction. In these cases, there will be a contract in place to make sure the recipient protects the information to the same standard as the EEA. We also implement strict procedures and security features to ensure that your information is transferred securely in line with the standards set out in the General Data Protection Regulation (“GDPR”).
7. How long we store your information
Personal information is retained according to our retention schedule. We only retain your information for a period necessary to fulfil the purpose for which it was originally processed, or in order to fulfil a legal obligation.
8. Your rights
Access
You may request access to the information we hold about you by making a Subject Access Request.
Erasure
You may request that we destroy, delete or discontinue using your personal information when it is no longer necessary for the purpose we originally collected it.
Restriction
You may request that we stop processing your information when you contest its accuracy or the lawfulness of the processing.
Rectification
You may ask us to update and correct any out-of-date or incorrect personal information that we hold about you.
Portability
Under certain circumstances, you may ask us to provide a copy of your information to another organisation in a structured, machine-readable format.
Withdrawing consent
Whenever you have given us your consent to use your information, you have the right to change your mind at any time and withdraw your consent.
Legitimate interests
In cases where we are processing your information on the basis of our legitimate interests, you can ask us to stop for reasons connected to your individual situation.
We will do so unless we believe we have a legitimate overriding reason to continue processing your information. Please bear in mind that if you do object, this may affect our ability to provide you with some of our services.
Marketing
You have the right to stop our use of your information for direct marketing activities through all channels, or selected channels. You always have the opportunity to opt-out, and we will always comply with your request.
To do so, click the ‘unsubscribe’ link in any email communication we send to you to notify us that you would like us to stop any further emails.
9. Submitting a request
You can request to exercise these rights at any time by contacting us at:
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Policy.
If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act on your behalf.
You will not have to pay a fee to access your personal information (or to exercise any other rights). However, we may charge a reasonable fee if your request is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances. If we do refuse your request, we will explain to you the reasons for our refusal.
You also have the right to lodge a complaint with the Netherlands Authority Private Data (AP). Further information, including contact details, is available at:
https://autoriteitpersoonsgegevens.nl/en.
10. Contacting us
In the event that you have any questions, comments or concerns regarding this Privacy Policy, please contact our Data Protection Officer through the following methods:
Email: [email protected]
Phone: +31 20 299 3962
Letter: Global Reach Group
Attn: Data Protection Officer
Weesperstraat 61
1018 VN AMSTERDAM – NL