Privacystatement re: Digibeetle’s Website and App

version 1.1 dated 1 April 2023

Summarized information about pre-registration

  • If you have pre-registered yourself to gain access to the Digibeetle App (after our approval), we will only use your e-mail address.
  • Your e-mail address will be used to informed you that you are eligible to access the Digibeetle App as a trial user.
  • Once you have logged-in to the Digibeetle App for the first time, your status will be updated to trial user and your trial starts. The provisions of this privacystatement will then apply to your situation.
  • If you do not log-in to access the Digibeetle App, despite our e-mail reminders, then your e-mail address will be automatically deleted after one year of Digibeetle’s launch unless you log-in prior to that moment.
  • In any case, you can always opt-out from our mailings as a pre-registered user. Your e-mail address will then deleted from the pre-registration mailing list directly after your opt-out.

Our identity and contact details

Who is the controller Digibeetle?

  • We are “Digibeetle”, a company established as a general partnership under Dutch law;
  • We are the creators of the Digibeetle App (available at as well as our Digibeetle Website (available at We act as the controller regarding the processing of your personal data when you visit or use either the Digibeetle App or Website.
  • This privacy statement governs our processing activities related to your data, regarding both your use of the Digibeetle App and Website.
  • You can contact us for questions about this privacy statement or if you want to enact your rights, by sending an email to:

Processing purposes and legal basis

Why do we use your data?

  • The data we process are collected from you. These data are: (a) login credentials (your email address + password), (b) billing information (your first and last name, billing address, postal code, city and country), (c) the IP-address of the computer you use to access either the Digibeetle App or Website.
  1. Your login credentials are used to ensure access to the Digibeetle App in a secure manner. Your email address will be used as part of our newsletter. For more info about this, please go to “Newsletter”.
  2. Your billing information is used to send you an invoice if you are a customer (paying user). 
  3. Your IP-address is used for security purposes. It helps us to detect and retrace malicious access to the Digibeetle App. For instance, it enables us to detect attacks on our Website and App and helps us to verify whether or not login credentials are illegally shared with others.

Legal basis: our contract and legitimate interests

  • The login credentials and billing information (points a and b) are necessary to provide our service, the Digibeetle App, to you. Without the data, it is impossible to do this. This processing is thus necessary to enter into a contract with us based on our Terms and Conditions. Regarding the use of your email address in the context of mailings, please go to “Newsletter” for more information.
  • The IP-address (point c) is used based on our legitimate interests. Let us explain:
  1. we pursue legitimate interests which are the security and continued proper functioning of our Website and App including the improvement of the Website and App,
  2. it is necessary to process IP-addresses because we need to identify the computer accessing our Website and App with sufficient precision in order to be able to effectively and quickly detect and trace malicious use of our Website and App – this cannot be done based on other data such as your name;
  3. your (data protection) rights and interests do not take precedence, because the proper functioning of our Website and App safeguards the integrity of your account and computer as well as those of other users of the Website and App. If we don’t do this, everyone’s access to the Website and App becomes at stake and risks for unlawful data breaches will increase. In addition, you benefit from these processing activities because it ensures a continuous and seamless use of the Website and App.
  • The IP-address is also used to periodically verify login credentials sharing, in breach of our Terms and Conditions. This check is part of our contract, in which you agreed to refrain from sharing login credentials with others.
  • We do not use personal data for analytical (statistical) purposes, thanks to our Matomo configuration. However, in the future it is possible that you provide us – on a voluntary basis – more information about yourself. For instance information about your profession or sector. Such data may then be processed to an aggregated level, which allows us to gain insight in our user base. Those data could also be used by us to send emails- tailor-made to certain segments (e.g. lawyers working in finance) – to you (if you are part of the target audience) in order to keep you updated on Digibeetle related matters (such as case-law updates within the field of finance).

No automated decision-making

We do not perform automated decision-making, including profiling, as referred to in Article 22(1) GDPR and 22(4) GDPR

Recipients of your data

  • Recipients of your data are companies who act as our processors:
  1. Asana, Inc.: Asana is a U.S. based ISO 27001/27017/27018 and 27701 certified company which allows us to organize our work. Asana is committed to privacy and data protection (learn more). If you send us a support ticket, a task to respond to your ticket will be made automatically in Asana. This allows us to follow-up on your ticket (containing a request or spotted bug, for instance). Asana processes only your name and email address if these are part of the support ticket.
  2. Combell NV: this Belgian company hosts the Digibeetle Website and App, including your data consisting of your login credentials, billing information and IP address. Combell NV is ISO 9001 and 27001 certified and has a good track-record if it comes to data security (learn more).
  3. Moneybird B.V.: Moneybird is a Dutch ISO 27001 certified company that handles our financial administration. Moneybird receives the billing information you provided to us. Moneybird also handles invoicing and payments, in cooperation with the Dutch payment processing company Adyen NV (learn more about Adyen’s privacy policy). 
  4. The Rocket Science Group LLC (“Mailchimp”): Mailchimp is a U.S. based ISO 27001 company which delivers our newsletters to you. It takes security seriously and you can learn more about Mailchimp’s privacy policy on the website of its parent company. Mailchimp only receives the email address you provided to us. 
  5. Zapier, Inc.: Zapier is a U.S. SOC certified based company which allows us to connect services we use. Zapier is focused on the protection of data, and adheres to – as they call it – European privacy rights (learn more). At the moment, Zapier connects your support ticket to Asana via our Website or App. Zapier processes only your name and email address if these are part of the support ticket.
  • The above-mentioned processors act on our instructions based on data processor agreements we have with them. We also activated multi-factor authentication for added protection. In addition regarding the U.S. processors, we configured the data storage to European servers where possible.

Can my data end up outside the EU/EEA – if so, which?

  • If you provided your email address to us, you will be added to our mailing list (For more info about this, please go to “Newsletter”). The U.S. based company Mailchimp takes care of the mailings, which means that your email address ends up on Mailchimp’s servers in the U.S., which is a so-called “third country”. Based on our assessment, we think it is justified to entrust Mailchimp with your email address. As can be read here, Mailchimp has several legal and technical safeguards in place to protect your email address; including data encryption. Moreover, we protected our Mailchimp account with multi-factor authentication.
  • As part of our support ticket procedure, your name and email address may be transferred to U.S. based companies Zapier and Asana. If you want to avoid this, you can reach us by different channels such as regular email ( 
  • Any data transfers we perform to these U.S. based companies are based on standard contractual clauses (“SCC’s”). In addition, we expect that these companies will also be part of the upcoming US-EU privacy framework.

Data retention

How long and why do we store your data?

  • In case you pre-registered to gain access to the Digibeetle App once it goes live (after our approval), we give you 12 (twelve) months to apply as a trial user. After that period, your e-mail address will be automatically deleted unless you started using the Digibeetle App as a trial or paying user.
  • Your login credentials associated with your account are stored for the duration of your license, and 3 (three) months after the end of the license. The 3-month period is needed if you want to re-activate your account. After this period, the login credentials are permanently deleted. This retention period also applies to your IP-address and your personal data which can be part of a support ticket.
  • Your billing information is stored for a maximum of 7 (seven) years. This is because we have to comply with Dutch tax laws and regulations.
  • Your email address used in relation with the mailings you receive, will be stored and used until you opt-out from the mailings (newsletters). You can do this by clicking unsubscribe in the email you’ve received from us.
  • Your IP-address will be stored for 60 days as part of our security logs.

Your rights

  • You have several rights based on the GDPR. Relevant are:
  1. the right to request access to and rectification (or erasure) of your personal data, or 
  2. restriction of processing concerning you as a data subject, or 
  3. to object to processing, as well as 
  4. the right to data portability regarding the data you have provided to us;
  • If you want to send us a request based on these rights, just send us an email:
  • You also have a right to lodge a complaint with a supervisory authority. In The Netherlands, this is the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).


  • If you pre-register to gain access to the Digibeetle App once it goes live (after our approval), then your email address will be automatically added to our mailing list. Your e-mail address will only be used to remind you that you are eligible to access the Digibeetle App.
  • If you register as a trial or paying user of the Digibeetle App, your email address will be automatically added to our mailing list. Once your email address is on the mailing list, you can receive updates on Digibeetle’s new features, promotions, etc. As part of your trial, we will ask your opinion about our services and remind you of your trial period. Based on the Dutch Telecommunications Act, we do not ask for consent because you are our customer. However, you can always unsubscribe from this newsletter by clicking unsubscribe in the email you received from us.
  • You cannot unsubscribe from service messages. For example, messages regarding scheduled maintenance or other important (technical) changes related to our App such as information about a change in our privacy statement or terms and conditions.

Cookies or similar technologies

We don’t use cookies or similar technologies, other than the automatic retrieval of your IP-address (learn more about the use of your IP-address) and a check to verify you as a recurring visitor of the Website or App (shown as a “welcome back!” text when you want to log in). These activities are necessary for the proper functioning of our services, and are allowed without your consent according to the Dutch Telecommunications Act.