Data Protection Policy at Silverfin
Silverfin's Data Protection Policy, updated on 6 December 2021, outlines how the company processes personal data either as a data controller—collecting and managing data from users and commercial contacts in compliance with GDPR, UK GDPR, Belgian Privacy Law, and the ePrivacy Directive—or as a data processor under SaaS agreements where customers act as data controllers, and also explains the use of cookies on its website to enhance user experience.
Silverfin & Data Protection
Last update: 6 December 2021
Silverfin may process personal data relating to you, for instance, through the Silverfin platform, by browsing the website www.silverfin.com, or due to your commercial relationship and/or communication with Silverfin.
Silverfin respects your privacy and strives to act in accordance with applicable privacy legislation, such as:
- The General Data Protection Regulation 2016/679 (GDPR)
- The United Kingdom Data Protection Act 2018 (UK GDPR)
- The Belgian Privacy Law of 30 July 2018
- The ePrivacy Directive 2002/58/EC
- Any future national legislation regarding the implementation of the GDPR
This page explains how Silverfin treats personal information in light of privacy legislation.
Silverfin's Role
Silverfin as a Data Controller
Due to your commercial relationship, recent contact with Silverfin, or a visit to or action on the website, Silverfin may collect, store, and process personal data relating to you or, if you are a company, your employees or representatives, as a data controller. This processing is done in accordance with Silverfin's Privacy Policy.
Silverfin as a Data Processor
If Silverfin processes personal data on behalf of a customer in the performance of its obligations under the SaaS agreement ("Agreement"), particularly regarding data uploaded or entered on the Silverfin platform, the customer is considered the data controller and Silverfin the data processor (or sub-processor if the customer is a data processor).
The data controller must ensure compliance with privacy legislation before passing personal information to Silverfin for processing or uploading it to the Silverfin platform. This processing is governed by the Data Processing Addendum, which takes precedence over the Agreement in case of conflict.
Cookies
The website uses cookies to improve your browsing experience. A cookie is a small text file downloaded onto your device when you access a website, allowing the website to recognize your device and store information about your preferences or past actions.
For more information on how Silverfin uses cookies and how you can manage them, refer to the Cookie Policy. When you visit the website for the first time, you are prompted via a cookie banner to indicate your cookie preferences (for non-strictly necessary cookies). You can change your cookie preferences at any time by accessing the cookie preference banner via the icon in the bottom left corner of your browser.
Security
Silverfin is ISO 27001 certified, providing a framework to protect and process your personal information. Organizational and technical measures have been implemented to protect your personal data in accordance with privacy legislation. For an overview of these measures, refer to the Security Policy.
Your Data Subject Rights
Privacy legislation (e.g., GDPR, UK GDPR) gives you certain rights over your personal data with respect to Silverfin (when acting as a data controller). For more information on your rights, consult the Privacy Policy. You can exercise your rights by contacting Silverfin and by using the Data Subject’s Rights Form.
Communication
You can subscribe to Silverfin communications to receive updates on platform changes, tips, events, and more. For information on how Silverfin collects, stores, and uses your personal data for communications, refer to the Privacy Policy. You can select or modify your communication preferences via the Communication Preferences Centre. If you do not wish to receive direct marketing communications, you can object to the processing of your personal data for this purpose via the centre.
Sub-Processors
When acting as a data processor, Silverfin may engage sub-processors to assist in providing services as described in the Agreement and within the scope of the Data Processing Addendum. These sub-processors may have access to personal data uploaded to the Silverfin platform. Silverfin ensures that contracts or similar legal acts are in place to ensure sub-processors treat your personal data in accordance with privacy legislation and the Data Processing Addendum. An overview of sub-processors can be found in Annex III of the Data Processing Addendum.
Complaints
If you are not satisfied with how Silverfin collects, stores, treats, or secures your personal data, you are encouraged to contact Silverfin. You also have the right to lodge a complaint with the authorized supervisory authority (the Belgian Data Protection Authority) or the data protection authority of your residence or workplace if you believe the processing of your personal data infringes privacy legislation. You can contact the Belgian Data Protection Authority at contact@apd-gba.be or via their website.
Contact – Further Questions
For further queries on how Silverfin handles personal information, contact legal@silverfin.com.