Privacy Policy

Last updated: October 2024

Website Publisher & Contact Information

Website Publisher

Dealroom.co B.V.
Cornelis Dirkszstraat 27-2
1056 TP Amsterdam, the Netherlands
Chamber of Commerce: 59237368
Intra-community VAT: NL853382104B01
Phone: +31 20 899 0565

Publication Director

Yoram Wijngaarde, legal representative

Website Management

Marketing Department

Website Hosting, Design, Development

Marketing and Development Department

Data Protection Officer

privacy@dealroom.co

Dutch Data Protection Authority

autoriteitpersoonsgegevens.nl

Controller

Dealroom.co B.V., Cornelis Dirkszstraat 27-2, 1056 TP Amsterdam, the Netherlands, Chamber of Commerce number 59237368.

Your privacy matters to us. This privacy policy outlines our practices regarding the collection, use, and storage of your personal information. We are committed to ensuring that your privacy is protected in compliance with the General Data Protection Regulation (GDPR).

What We Do

Dealroom.co operates an online platform that maps the start-up, scale-up, and corporate landscape globally, providing transparency on financing, ownership, and backgrounds of the parties involved. Through this platform, Dealroom.co:

  • Gathers personal data on individuals linked to startups, scale-ups, corporates, and investors
  • Enriches data from multiple sources
  • Assigns "Dealroom.co scores" reflecting subjective opinions
  • Publishes data within the platform
  • Creates and shares email addresses facilitating founder-investor matches
  • Does not employ automated decision-making

Personal Data Collected

We collect personal data from three categories of data subjects:

Users (Registered)

During registration, Dealroom.co collects:

  • Name
  • Email address
  • IP address
  • Job title
  • Company name
  • Telephone number
  • Profile photo
  • Login count
  • Last login date/time

Via sign-on applications (such as Facebook), we may additionally collect:

  • Interests
  • Marital status
  • Profile picture
  • Photos and comments

Authentication uses Auth0 (https://auth0.com/privacy), with EU-based data processing.

Website Visitors (Unregistered)

  • IP address
  • Browser information
  • Behavior, preferences, search history (via cookies, subject to consent)

Platform Subjects (Founders, Investors, Team Members)

  • Name
  • Function/title
  • Company affiliation
  • Company email (created/acquired if not public)
  • Previous companies
  • Portfolio/investments
  • News article content
  • Photo
  • Gender (with consent or if public)
  • Ethnicity (with consent only)
  • Education
  • LinkedIn, Facebook, Twitter URLs
  • Location
  • Investor search activity

Legal Grounds for Processing

Performance of Agreement

Dealroom.co processes user registration data to establish and manage accounts and platform access.

Consent

Cookie usage requires explicit consent. Sensitive data (ethnicity, gender) requires consent. Users may revoke consent anytime by emailing privacy@dealroom.co.

Legitimate Interest

Dealroom.co has assessed balancing tests for data processing. The organization concludes that most published information is publicly available, making legitimate interest the appropriate legal basis. Users may object to processing; objections will halt processing of relevant data.

Data Processing Overview

Data Category Source Legal Ground Legitimate Interest Assessment
Name, email, job title, company, phone, photo (registered users) Data Subject Performance of Agreement N/A
Interests, marital status, profile data (sign-on) Data Subject Consent N/A
IP address, website behavior Cookies Consent N/A
Name, job title (company team members) Public information Legitimate Interest Commercial importance; low impact
Names, addresses (angel investors) Public information Legitimate Interest Investor identification importance; low impact
Financial information (investors) Public information Legitimate Interest Investment history relevance; low impact
Name, education, work experience (founders) Public information Legitimate Interest Success factors; low impact
Education, historical success (founders) Public information Legitimate Interest Assessment factors; medium impact (profiling)
Names, job titles (investor team) Public information Legitimate Interest Investor value assessment; low impact
Profile URLs (angel investors) Public information Legitimate Interest Fact verification; low impact
Name, industry field (investors) Public information Legitimate Interest Funding round decisions; low impact
ID, name, profile, social URLs, logo, address, coordinates, HQ details, companies (people) Public information Legitimate Interest Data accuracy; low impact
Financial, educational portfolio (people) Public information Legitimate Interest Decision-making; low impact
University name (founders) Public information Legitimate Interest Skill assessment; low impact
Gender (founders, team, investors, people) Data Subject or Public Legitimate Interest (if public) Statistical generation for equal opportunity promotion; medium impact
Ethnicity Data Subject Consent N/A

Data Usage Purposes

Personal data enables:

  • Service provision following authentication
  • Platform/service update notifications
  • Content, offers, advertisements
  • Required service communication
  • Invoice delivery
  • Customer service
  • Experience improvement
  • Personalized content and services
  • Preference storage
  • External research and marketing reports
  • Fraud prevention and threat identification
  • Customer characteristic analysis
  • Investor search behavior sharing (with consent)
  • Founder email sharing with prospective investors

Data Retention Periods

User-Provided Data

Stored until removal by user or account deletion. Invoice data is retained for seven years (legal requirement), then deleted.

Platform Usage Data

See our Cookie Policy for details.

Third-Party Sourced Data

Retained until replaced with accurate information, then removed unless historical value exists and consent is provided.

Third-Party Data Sharing

Dealroom.co discloses personal data to third parties when necessary for service provision, subject to user consent shown upfront.

Third-party services include:

  • Analytics tracking (with consent)
  • Authentication via Auth0 (with consent)
  • Advertising/promotion (with consent)
  • Content marketing (with consent)
  • Email marketing (with consent)
  • Payment processing: Mollie BV (shares name, email address)
  • Search behavior (with consent)

Data Processing Agreements ensure third-party privacy compliance. Third parties access data solely for specified tasks.

Additional disclosures may occur:

  • To affiliates/subsidiaries
  • When legally required
  • For rights protection and safety
  • Upon business sale/transfer
  • To third parties in Armenia, Lebanon, India (with prior consent and equivalent protection agreements)

Ecosystem Partners

Dealroom.co services third parties through customized platform versions filtered to their specifications. Data shared includes name, email, user type, and search results (profiles visited).

Partners require prior consent; users may decline or withdraw consent via privacy@dealroom.co.

Listed Ecosystem Partners:

  • Bpifrance (France)
  • Business Finland (Finland)
  • Upstate Capital (New York)
  • Luxinnovation, Startup Luxembourg (Luxembourg)
  • Invest Glasgow (Scotland)
  • Milano&Partners, Camera di Commercio di Milano Monza Brianza Lodi, Promos Italia, Parcam (Italy)

CRM recording and local partner notifications occur; partners request necessary consents as data controllers.

Data Security Measures

Dealroom.co implements technological and organizational safeguards:

  • SSL (https) website encryption
  • Complex, frequently-changed server passwords
  • Netherlands-based, Dutch-serviced servers
  • Restricted physical office access (authorized personnel only)
  • Employee access profiles limiting data access to job-necessary information
  • Continuous privacy policy evaluation

Your Rights

Individuals possess the following GDPR rights:

Access

Request information and copies regarding held personal data via privacy@dealroom.co.

Rectification

Request correction or supplementation of incorrect/incomplete data via privacy@dealroom.co.

Erasure

Request removal of personal data.

Consent Withdrawal

Withdraw consent anytime via privacy@dealroom.co; may require case-by-case consent for certain services.

Portability

Request machine-readable data copies; request transmission to another controller where feasible.

Objection

Object to further use/disclosure for Legitimate Interest processing, including direct marketing.

Processing Restriction

Request processing limitations.

Complaint Filing

Lodge complaints with supervisory authorities.

Children's Privacy

Dealroom.co does not knowingly target or collect information from children under 16. Parents/guardians should contact privacy@dealroom.co regarding suspected child participation. Children wishing to submit personal data require parental/guardian consent.

Newsletters and Email Communication

Account registration offers newsletter/email communication consent. Unsubscribe via email links or account settings.

External Website Links

This policy covers only Dealroom.co's practices. External linked sites operate independently; Dealroom.co bears no responsibility for their privacy practices.

Policy Changes

Dealroom.co may modify this policy. Substantial changes warrant appropriate notice. Continued platform access implies acceptance of revised terms.

Last updated: October 2024

Contact

Data Protection Officer: privacy@dealroom.co

Dutch Data Protection Authority: https://autoriteitpersoonsgegevens.nl

Related Documents