Beam Tracking B.V. respects the privacy of all individuals whose data it processes and ensures that the personal information you provide us is treated confidentially. In this privacy statement, we explain what personal data we collect, for what purposes, on what legal basis, and how we protect your data.
1. Data Controller
The data controller within the meaning of the GDPR is:
Jacob van Lennepkade 340-H
1053 NJ Amsterdam
The Netherlands
Chamber of Commerce: 70873429
Email: info@beamtracking.com
Phone: (+31) 088-58 000 60
For questions or requests regarding the processing of your personal data, please contact us using the details above.
2. What Personal Data We Collect
We process personal data in the following situations and categories:
Website visitors
- IP address and country-level location data
- Browser type and version, operating system
- Pages visited, referring URL, and session duration
- Form data (name, email address, phone number, company name)
Customers and contact persons
- First and last name, job title
- Business email address and phone number
- Company name, billing address, and Chamber of Commerce number
- Communication and correspondence history
- Subscription and billing data
Software users
- Login credentials (username, hashed passwords)
- User activity and log files within the application
- IP addresses at login attempts
- Device data and session tokens
Job applicants
- Name, contact details, and CV
- Cover letter and references
- Data exchanged during the application process
We only process special categories of personal data (such as health data) where required by law or where you have given explicit consent.
3. Purposes and Legal Bases
We process your personal data for the following purposes and on the following legal bases:
| Purpose | Legal basis |
|---|---|
| Performance of the agreement and delivery of the Software | Performance of contract (Art. 6(1)(b) GDPR) |
| Invoicing and financial administration | Legal obligation (Art. 6(1)(c) GDPR) |
| Customer service and technical support | Legitimate interest (Art. 6(1)(f) GDPR) |
| Security of our systems and fraud prevention | Legitimate interest (Art. 6(1)(f) GDPR) |
| Marketing and newsletter (opt-in only) | Consent (Art. 6(1)(a) GDPR) |
| Website analytics and service improvement | Legitimate interest (Art. 6(1)(f) GDPR) |
| Compliance with legal obligations | Legal obligation (Art. 6(1)(c) GDPR) |
We only send you commercial communications if you have given your consent. You may withdraw your consent at any time via the unsubscribe link in our emails or by contacting us.
4. Retention Periods
We do not retain personal data longer than necessary for the purposes for which it was collected, or as long as legally required:
- Customer data and contract documentation: seven (7) years after termination of the agreement (fiscal retention obligation).
- Support tickets and communications: two (2) years after closure.
- User data in the Software: thirty (30) days after subscription termination, after which permanent deletion occurs.
- Website log files and analytical data: maximum fourteen (14) months.
- Application data (rejected candidates): four (4) weeks after completion of the procedure, unless you consent to longer retention.
- Marketing consent: until withdrawal of consent or three (3) years after the last interaction.
5. Recipients and Third Parties
We only share your personal data with third parties where necessary for the performance of our services or where we are legally required to do so. Categories of recipients include:
- IT and hosting partners: cloud infrastructure, databases, and backup services (established in the EEA or under adequate protection safeguards).
- Payment processors: for processing invoices and payments.
- Email marketing platforms: for sending newsletters (only with your consent).
- CRM and customer service software: for managing customer relationships and support tickets.
- Analytics services: for anonymised website statistics.
- Competent authorities: where legally required or by court order.
We enter into a data processing agreement with all processors who process personal data on our behalf, in accordance with Article 28 GDPR.
We never sell your personal data to third parties.
6. International Transfers
Beam Tracking processes personal data primarily within the European Economic Area (EEA). Where data is transferred to countries outside the EEA without an adequacy decision from the European Commission, we ensure an adequate level of protection through:
- Standard Contractual Clauses approved by the European Commission;
- Codes of conduct or certification mechanisms; or
- Binding Corporate Rules where applicable.
You may request a copy of the safeguards we use by contacting us at info@beamtracking.com.
7. Security
Beam Tracking takes the protection of your data seriously and implements appropriate technical and organizational measures to protect your personal data against unauthorised access, loss, alteration, or destruction. These measures include:
- Encrypted storage (AES-256) and encrypted transmission (TLS 1.2+) of all data;
- Access control based on the need-to-know principle and least-privilege;
- Two-factor authentication for management environments;
- Regular security audits, penetration tests, and vulnerability scans;
- Incident response and data breach procedures in accordance with the GDPR notification obligation (72 hours);
- Employee awareness training.
Despite all precautions, no security strategy can offer absolute certainty. If you suspect misuse or a data breach, please contact us at info@beamtracking.com.
8. Your Rights
Under the GDPR, you have the following rights regarding your personal data:
You have the right to know what personal data we hold about you.
You may request that inaccurate or incomplete data be corrected.
You may request deletion of your data ("right to be forgotten").
You may in certain cases request that processing be restricted.
You may receive your data in a structured, commonly used format.
You may object to processing based on legitimate interests.
To exercise any of these rights, send a written request to info@beamtracking.com. We will respond within one (1) month. We may ask you to verify your identity.
10. Children
Our Software and services are intended solely for business use by adults. We do not knowingly process personal data of individuals under the age of sixteen (16). If you believe we have inadvertently collected data from a minor, please contact us at info@beamtracking.com so we can delete this data as soon as possible.
11. Changes to This Statement
Beam Tracking reserves the right to amend this privacy statement. Significant changes will be communicated to you by email or through a prominent notice on our website. We encourage you to consult this statement periodically.
The date of the most recent update is always shown at the top of this page.
12. Contact and Complaints
For questions or requests about your privacy, please contact our privacy contact or Data Protection Officer via:
Privacy contact
Beam Tracking B.V.
Attn.: Privacy
Jacob van Lennepkade 340-H
1053 NJ Amsterdam
info@beamtracking.com
If you believe we are not processing your personal data in accordance with the GDPR, you have the right to lodge a complaint with the competent supervisory authority:
Dutch Data Protection Authority
Autoriteit Persoonsgegevens
P.O. Box 93374, 2509 AJ The Hague, Netherlands
www.autoriteitpersoonsgegevens.nl
We kindly ask you to contact us before filing a complaint, so we have the opportunity to resolve the situation to your satisfaction.