Privacy Policy

In this statement “FIDENTY”, “we” or “us” refers to FIDENTY B.V. and subsidiary entities.

Where we refer to ‘you’ or ‘customer’, it refers to the (prospective) customer of FIDENTY, end customers
of a FIDENTY customer or the website visitors, each as applicable in the context of the relevant personal
data processing.

In this privacy statement, you can read about the personal data we collect, what purposes we use
this data for, how we protect your privacy and personal data, how long the data is stored and how
you can exercise your data protection rights.

CONTACT INFORMATION
FIDENTY BV
De Entree 201
1101 HG Amsterdam
The Netherlands
+31(0)202446987
info@fidenty.com
www.fidenty.com

Applicability
To offer our services, FIDENTY can process personal data of our partners, website visitors, customers
and their end users. This privacy statement applies for the processing of personal data by FIDENTY in
this context. FIDENTY respects your privacy and ensures that your personal data is processed in
accordance with applicable laws and regulations such as the GDPR.

The FIDENTY privacy statement is meant to inform you FIDENTY which personal data are collected by
FIDENTY, for which purpose and on which basis they are collected and used how you can raise
questions or exercise your rights concerning your personal data. In the cookie statement you will find
more information on how we deal with the data of website visitors.

What is personal data and personal data processing?
Personal data is all data that relates to an identified or identifiable natural person. FIDENTY is the data
controller for the processing of your personal data for the purposes described in this statement. By
processing, we mean any operation or set of operations performed on personal data, including for
example, collecting, recording, storing, altering, using, transmitting and erasing personal data.

In the context of the services that FIDENTY provides, some services are supported or provided by a third
party (such as a telecom operator provider or a partner we may work with). Such third party can act
as a separate controller when processing personal data and – when acting as independent controller will be responsible for the personal data it processes. In that case, the privacy statements of such
third party applies instead. If you have questions about how such third party handles your personal
data, you can contact this third party directly. If you choose not to provide the personal data, you
might not be able to make use of the desired service / function or technical assistance.

What personal data do we use?
Personal and User Information

When you purchase a service from FIDENTY, visit our website or when you contact us, FIDENTY
processes your personal data. The information processed by FIDENTY when you use or purchase our
services can be name, (business) address, telephone number, IP address and other technical data to
visit our website and your email address, information about the ultimate beneficial owner (“UBO”),
credit information and bank account number.

We can also perform a credit check on you or perform a check on the UBO, to protect your and our
interests and to comply with (financial) laws and regulations that may apply to us and our services.
To perform such checks, we may ask you to provide us with personal data of you or the UBO(s). We
may also use data obtained from public and other registers, such as the National Credit Register
(‘BKR’) and the Chamber of Commerce or use data that we have obtained from third parties such as
credit agencies. We may also be required to register a credit with the National Credit Register and will
use the required personal data to complete such registration.

Traffic data
When using our services, traffic data will be processed. This data is required for us to facilitate
communication. Traffic data is generated and processed automatically when an end user make use
of our telecommunication services, Traffic data that we use consists of: the calling and called
numbers, the date, the time, the duration, and the fees that were charged for said call.
This data does not concern the contents of the communication. In the case of a data session, we also
register the amount of data, and when roaming, we register the network that was used.

Location data
When you set up a call or data session, FIDENTY processes information that can make a very rough
determination of your location at that moment to facilitate our service offering and invoicing process.
FIDENTY uses the telecom operators’ mobile network of other operators. These operators are able to
accurately determine your location by looking at which transmission tower was used for your call or
data session. FIDENTY does not have access to this information.

Website
www.fidenty.com and our customer portals use cookies and similar technology to optimize the
functionality of certain pages on the website. Cookies are small information files that are placed onto
the device you use to visit our website. When we refer to “cookies” in this privacy policy we also mean
it to include similar technologies, such as JavaScript’s and web beacons. This allows FIDENTY to serve
the visitor even better when they next visit the site. The visitor can decide how cookies should be
handled. Any processing of your personal data via cookies and/or similar technologies will take place
in accordance with our cookie notice, which may be updated from time to time and is available on
our website www.fidenty.com.

Processing purposes
FIDENTY processes your personal data based on a legal basis and for specified, explicit and legitimate
purposes, such as performance of our services, or to allow you to visit and use our website.

Processing principles
FIDENTY only processes your personal data if and in so far as one of the conditions referred to below
is met:
 you have granted permission for your personal data being processed (consent);
 the processing is required for the performance of a contract to which you are party, or it is
required to take specific measures, on your request, before the contract is entered into;
 the processing is required to meet a legal obligation which we are subject to;
 the processing is required to protect your vital interests or the vital interests of other persons;
 the processing is required to perform a task carried out in the public interest or assigned to us
by a public authority;
 the processing is required for the representation of our legitimate interests or a third party’s
legitimate interest.

We may use your personal data for other purposes than the purpose for which you provided personal
data to us. In that case, the new purpose must be in line with the purpose for which you initially
provided your personal data to us. Where we, or 3rd parties acting as our processors, transfer personal
data outside the European Economic Area, such transfer will always take place in accordance with
the applicable data protection laws and regulations.

WHAT DO WE USE THIS INFORMATION FOR?
Providing services and invoicing
FIDENTY uses the aforementioned information primarily for the offering, provision and improvement of
our services. Based on these services and the use thereof, FIDENTY creates an invoice. This invoice
shows the fees charged for each service, specified by type of use. You can see fees incurred abroad,
call costs, data usage and more.

Traffic management, network planning and quality of services
For the sake of the maintenance and the improvement of our website and platform, we analyze
information about the use of the network. We do this so that we can, among other things, redirect
traffic in case of potential overloading, but especially so that we can prevent this by planning and
implementing targeted improvements. In addition, we can use the information to see when
malfunctions occur on the platform.

Security analysis
Based on analyses of call and internet behavior, FIDENTY can proceed to restrict certain destinations
when excessive usage is detected. Higher usage than average call behavior may indicate fraud. A
blockade can limit fraud and misuse, and therefor prevent you from receiving an excessive invoice for
services and service fees that you have not used yourself. FIDENTY also uses advanced techniques
(such as firewalls, spam filters and virus scanners) to protect against security breaches, viruses, spam
and malware.

Legal requirements
In some cases, FIDENTY is legally required to give your information to third parties. For example, the
provision of information in the context of a criminal investigation, to authorities, and – at your request
– to other providers for the purposes of shielding the called number in the records.

Mandatory Provision
When FIDENTY requests you to provide personal data, we will inform you whether the provision of these
data is necessary or mandatory and what the (possible) consequences are if the personal data is not
provided.

Data exchange with third parties
In specific circumstances to do with the offering or performance of its services or to comply with
applicable legal obligations, FIDENTY may provide third parties with your personal data. FIDENTY only
shares personal data with third parties under appropriate conditions, in accordance with the
processing purposes set out in this privacy statement.
In order to provide telephony to our business customers, it is necessary for us to transmit traffic data
via operators. FIDENTY uses several European infrastructure providers, and these operators therefore
process personal data. These operators are independent controllers for the processing of personal
data within their respective networks (see also under “What is personal data and personal data
processing?”.
)
We might also pass on your personal data to data processors acting as suppliers for us, this could be
in relation to our website for example, we may use various data processors, e.g., for sending out
newsletters and website maintenance.

Automated decision-making and profiling
At this moment FIDENTY does not use profiling in combination with automated decision-making.

Retention period
Your data will not be retained any longer than necessary. If a statutory data retention term applies,
FIDENTY will comply and keep the personal data for that term. If the statutory retention term and the
retention term agreed with a customer should differ, we will observe the longer retention period. If you
would want your personal data to be erased at an earlier stage, this may be granted in specific
circumstances. Please refer to the heading ‘right to rectification and erasure’ for more information.

Personal data security
FIDENTY takes appropriate technical and organizational measures to secure your personal data
against loss or any form of illegal processing. Measures that are applied in this context, as much as
reasonably possible include confidential treatment of personal data and data minimization.

Your rights
FIDENTY respects the rights that you have pursuant to current applicable data protection laws and
regulations. Below we give you some more information about these rights and how you can invoke
them.

Right of access;
You have the right to verify which of your personal data FIDENTY processes.

Right to rectification and erasure;
In specific circumstances, you are entitled to have your personal data rectified or erased if the data
are not – or are no longer – correct or if the processing is – or is no longer – legitimate.

Right to object;
When FIDENTY processes your personal data by reason of a legitimate interest or a task carried out in
the public interest, you have the right to object. If you object to any other form of processing with respect to your personal data, we will verify if we can honor your objection. If your objection carries
more weight than the interest we have in processing your personal data – and in continuing to do so,
we will stop processing these personal data.

Right to data portability;
If FIDENTY processes your personal data on the basis of your consent or an agreement entered into,
you have the right, with respect to these personal data, to receive (in return) the data you provided us
in a digitally structured, commonly used and machine-readable format. You are then free to transmit
these data to any other party.

Withdrawal of consent;
If FIDENTY processes your personal data on the basis of your consent (e.g., for direct marketing), you
have the right to withdraw your consent. We will then stop the relevant processing of your personal
data. Withdrawal of consent has no retro-active effect. Any processing that has taken place up to that
moment will remain lawful.

Exercising the rights referred to above
If you want to invoke one of the rights referred to above, you can contact us by sending an email/
FIDENTY does not charge any costs when you exercise the rights referred to above – except where
rights are abused.

Terms
In principle, FIDENTY will respond to your request within a month. If answering your question should
take more time, which we hope will not be the case, we will inform you about this within a month. .

Identification
FIDENTY may request further proof of identity when you file a request. We apply this rule to prevent
personal data being provided to the wrong person or being changed or erased incorrectly and to
prevent any changes in the way in which those personal data are processed by us. In order to be able
to handle your request as efficiently as possible, we will ask you to identify yourself in accordance with
our further instructions.

Balancing individual interests involved in a request
FIDENTY would like to point out that the rights described above do not constitute absolute rights.
Specific circumstances may lead to a specific request not being honored. We will assess each request
on an individual basis. In the event we cannot honor a specific request, we will explain why not, stating
reasons. The right to object to the use of data for direct marketing purposes is an absolute right,
unsubscribing for possibly commercial forms of communication will in any event be honored.

Supervisor
Under the data protection laws and regulations you can also file a complaint with the competent
supervisory authority, the Dutch Data Protection Authority. You will find further details on the website
of the Data Protection Authority: (www.autoriteitpersoonsgegevens.nl).

Scope and amendments
This privacy statement is applicable for all data processing as from November 1, 2023. Please visit our
webpage www.fidenty.com on a regular basis to stay informed about how FIDENTY processes personal
data.