If you visit our website or in any other way contact CoorpID, we process your personal data. By “processing” we mean everything we can do with this data such as collecting, recording, storing, adjusting, organising, using, disclosing, transferring or deleting that data.
This Privacy Statement aims to explain in a simple and transparent way what personal data we gather about you and how we process it. As CoorpID is a part of ING Bank N.V., please also refer to the ING Privacy Statement located at ing.com for further information about how ING processes data and your privacy rights and obligations.
The personal data we collect from individuals using our Services mostly consists of user data, such as name, business function, business address, telephone number and email address. This is information in relation to an individual’s role at his/her company that does not concern him/her as a private person or as an individual consumer customer. These companies that individuals are working for, are our prospects, customers, suppliers or partners. The specific kind of user data collected will depend on the Services used.
A cookie is a small text file that is stored by your browser on your computer. On each subsequent visit to the website, the browser searches for cookies. If the browser finds cookies, it sends the information stored by the cookie to the website. The website downloads cookies on your computer, tablet or mobile phone which are strictly necessary for the functioning of the website, such as cookies that ensure that you can retrieve information on the website quickly, and cookies that are strictly necessary to provide a service which has explicitly been requested by you, such as a cookie that remembers your cookie settings. To download cookies that are not strictly necessary, such as cookies for gathering statistical information, CoorpID needs your prior consent.
Our Cookie Statement gives further information on cookies in relation to our Services.
What we do with your personal data
We process personal data to pursue our legitimate interest to run, maintain and develop our business. Furthermore, we process personal data to comply with our legal obligations.
In some parts of our Services, we might request Users’ consent for the processing of their personal data for specific purposes. In that event, Users may withdraw their consent at any time.
We do not store the personal data for longer than is legally permitted and necessary for the related processing purposes. The storage period depends on the type of personal data, the purposes and the applicable law and therefore varies per use.
We process personal data for the following purposes:
- to allow us to run, maintain and develop our business,
- to allow us to offer and provide our Services,
- to allow us to conduct information and promotional campaigns (including direct marketing) related to our Services (including by phone, mail and email), keeping Users informed about our Services and special offers that are likely to interest them,
- to allow customer service management, e.g. when Users contact our service desk,
- to allow contract management, e.g. to address our invoices to our customers,
- to enhance our Services and the use thereof,
- to perform research and analysis relating to our Services,
- to perform tracking of the use of our Services,
- to conduct market surveys and/or
- to detect fraud, e.g. breaches of intellectual property rights.
Rights of Users
We respect your rights to determine how your personal information is used. These rights include:
- You may access, correct, update or request deletion of your Personal Information.
- You can object to processing of your Personal Information, ask us to restrict processing of your Personal Information or request portability of your Personal Information.
- You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you.
- Right to complain: Should you not be satisfied with the way we have responded to your concerns you have the right to submit a complaint to us. If you are still unhappy with our reaction to your complaint, you can escalate it to the ING Bank Data Protection Officer. You can also contact the data protection authority in your country.
When CoorpID is the controller of your Personal Information, you can exercise your rights by contacting us using the information provided in the “Questions” section heading below.
The security of all (Personal) Data is a top priority for CoorpID.
We have protections in place to enhance our users security, and regularly audit the application of our security measures. We have administrative, technical, and physical safeguards designed to protect against unauthorised use, disclosure of or access to Personal Data. In particular:
- CoorpID stores its data within Microsoft’s Azure cloud infrastructure which is managed in compliance with multiple regulations, standards and best-practices, including ISO/IEC 27001, ISO/IEC 27018, SOC 1 and SOC 2.
- CoorpID main databases, storage accounts and backups are encrypted at rest and data is encrypted in transit.
- Low-level auditing software is run on all production systems to record potentially malicious actions that may take place.
- All data processing occurs within the European Economic Area and is subject to any EU data protection law
If we become aware of a security breach of our users’ Personal Data, we will inform the relevant Users and other affected parties, as well as relevant authorities when required by applicable data protection law, about the security breach as soon as reasonably possible.
CoorpID uses certain third-party sub-processors to support the delivery of its software and services. We will maintain a list of such processors on this page. At least 30 days before authorizing any new such processor to process personal data, we will update this list.
You may object to a sub-processor change without penalty by notifying us within 14 days after the website is updated and describing your reasons to object. Objections may be sent to firstname.lastname@example.org.
What Is a Sub-Processor?
A sub-processor is a third-party data processor (engaged by CoorpID) that processes data (which may contain personal information) as necessary to support the delivery of the CoorpID services to its customers. CoorpID uses the following sub-processor:
|Entity Name||Link||Purpose||Country Location(s)|
|Microsoft Azure||azure.microsoft.com||Cloud hosting services||United States|
Changes to the Privacy Statement:
This Privacy Statement may be modified from time to time to comply with applicable laws or to reflect our updated business practices, so please check this Privacy Statement periodically for any changes.
If you have any questions or concerns regarding privacy when using CoorpID’s services, please contact us with a detailed request for further information using the contact information below. We will make every effort to resolve your concerns.
By email: email@example.com.
CoorpID is part of ING Bank N.V. (‘ING’). ING has its statutory seat in Amsterdam at Bijlmerdreef 106, 1102 CT, The Netherlands, Trade Register number 33031431. ING is regulated and licensed by the De Nederlandsche Bank (‘DNB’) and the European Central Bank (‘ECB’) for payment services.
ING is also regulated and licensed by the Autoriteit Financiële Markten (‘AFM’) and regulated by the Autoriteit Consument & Markt (‘ACM’).
Information regarding supervision of ING can be obtained from DNB ( www.dnb.nl), AFM (www.afm.nl) or ACM (www.acm.nl).
The version of this Privacy Statement has been published July 6, 2022.