www.d-basics.com
Search
Menu
  1. Home
    1. d-basics Collector v2
      1. Accounting software
      2. Partners
      3. Technical information
    2. d-basics Portal v2
    3. Security
  3. Support
  4. News
    1. Company profile
    2. Legal
    3. GDPR
      1. Data processing agreement
    4. Contact information
    5. Contact form
    6. Work at d-basics
Search
Monday, October 20, 2025
OrganisationGDPR

GDPR

 

GDPR

From 25 May 2018 the General Data Protection Regulation (GDPR) enters into force and below you will find answers to the most important questions concerning the use of the software of d-basics and the GDPR.

 

Your rights under the GDPR

The GDPR entitles you to the following rights:

  • Access

    You have the right to access the data collected by d-basics B.V., to be informed about the purpose for which the data were collected and to know whether they were shared with any third parties.

  • Data portability

    This right entitles you to request the data d-basics B.V. has about you, so that you can file them for personal (re-)usage or to pass them along to another organisation.

  • Removal

    You have the right to register a request to have the data d-basics has stored about you removed. Please note, however, that following the removal of the data you will no longer be able to use the d-basics data extraction software and you will not be able to access or use the d-basics Portal.

  • Rectification and completion

    You have the right to complete or amend the data stored by d-basics B.V. or you may register a request for d-basics B.V. to do this on your behalf.

  • Objection

    You have the right to object to the processing of your data by d-basics B.V. You may also register a request to process less data.

  • Transparancy

    It should be clear to you why d-basics B.V. collects, uses, or consults personal data, or how it processes these data in any other way.

This document outlines the implementation of these rights by d-basics B.V. and how it affects the use of the d-basics B.V. software.

Which personal data is collected by d-basics B.V.?

To understand the impact of the GDPR on the use of the d-basics software fully, a distinction must be made between:

  • The collected data of the users of the d-basics software by d-basics B.V.
  • The (personal) data copied and sent from the accounting package by the d-basics software

Personal data users d-basics software

D-basics B.V. processes the following details from the users of the d-basics software:

  • First and last name
  • Gender
  • Business address details
  • Job title
  • Business telephone numbers
  • Email address
  • Other personal details that you add yourself to your d-basics Portal profile
  • Log information on how you use the d-basics software
  • Technical information on how you configured the d-basics software
  • Information related to help desk activities, such as tickets (including comments and status updates)
  • IP-address
  • Bank details

Data collected by d-basics software

The d-basics data extraction software copies information from your accounting package, turns it into data files and sends these to external recipients such as factoring companies, banks, etc.

The nature of the information collected and sent by the d-basics software is very diverse and it depends on the specific purpose for which the software is being used.

Within computer environment of user

To understand the influence of the GDPR on the use of the d-basics data extraction software fully, it is important to realise that the d-basics data extraction software is installed within the computer environment of the user (sender) and that the software is used and controlled by this same user.

During regular use d-basics B.V. has access neither to the software nor to the (personal) data that are being processed through it. Consequently, d-basics B.V. cannot be seen as a processor as such when it concerns the usage of the d basics software for importing and sending information.

Special personal data

D-basics B.V. will never ask for special personal data from d-basics software users.

It is, however, possible that special personal data, such as race, political preferences, or social security information, is copied and sent from your accounting package when information is imported and sent using the d basics data extraction software.

When the d-basics software is used to import and send special personal data it is the responsibility of the sender that this process complies with GDPR guidelines.

Remote support

To support clients adequately, d-basics B.V. employees will use remote desktop software to connect to the computer of d-basics software users.

During the remote desktop session the d-basics B.V. employee will see data as it is displayed on the user’s computer screen, which may include personal data.

Users who give their permission for a remote desktop connection are asked not to have person-al data on display during the remote desktop session.

User has full control

A remote desktop connection can only be established with the cooperation of a user of the d basics software. The user retains full control during such a session and can break the connection at any moment he/she chooses.

After the connection has been broken the d-basics B.V. employee will not be able to re-establish the connection independently.

The data that were visible at the time of the desktop connection will not be copied to d-basics B.V.

Test data

There are times when d-basics B.V. employees will ask users of the d-basics software for a copy of a database and/or data files. These copies are used to add links to new accounting packages to the d-basics data extraction software or to improve or expand existing links to accounting packages.

Providing these copies is not part of the regular usage of the d-basics software and in such cases clear agreements on the conditions under which the copies are provided will always be made with the user concerned.

If the databases or data files concerned contain special personal data d basics B.V. will request users to make this known beforehand. In this case d-basics B.V. will refrain from copying the parts that contain the data concerned.

For which purpose does d-basics B.V. collect your personal data?

D-basics B.V. only collects the essential personal data for the purpose of legal obligations, legitimate interest, as part of an agreement, or because we have been given permission to do so.

More specifically:

  • Accounting and invoicing

    Your personal data are used to carry out regular accounting actions such as invoicing and receivables management.

  • Client contact and support

    Your personal data are used to communicate with you. Often this concerns the necessary support to install or use the d-basics software and this communication usually takes place by telephone, email, or through our ticket system. D-basics B.V. also communicates about important updates of the d-basics software and about the availability of the help desk.

  • Access to the d-basics software

    Your personal data are used to create a user account. You need this account to be able to use the d-basics software.

  • Usage of the d-basics software

    Your personal data are used to check the proper functioning and the security of the d-basics software.

  • Improvement of the d-basics software

    Your personal data are used for the maintenance and development of the d-basics software.

  • Backup of settings

    During the regular use of the d-basics data extraction software a copy of the settings of this software is synchronised with the d-basics Portal. If passwords are synchronised, they are encrypted in such way that they cannot be decrypted by d-basics B.V.

    The synchronised settings do not contain (personal) data that were copied from the accounting package.

  • Website visit

    Information is collected during visits to the d-basics B.V. websites regarding the use of the websites concerned and the origin of the visitors.

Granting permission for cookies

When you visit the d-basics B.V. websites you are requested permission for the use of cookies. These functional, tracking, analytical, and 3rd party cookies are used by d-basics B.V. to optimise visits to the websites.

Access to your personal data

D-basics B.V. employees have access to the personal data of users of the d-basics software as part of their daily support, management, and development activities.

As previously indicated, d-basics B.V. employees do not have access to the data that are sent by users through the d-basics software.

Disclose personal data to third parties

D-basics B.V. will only disclose your personal data to third parties if there is a legal obligation to do so..

How does d-basics B.V. keep your personal data secure?

D-basics B.V. is constantly taking preventative measures to ensure your privacy and data are kept secure:

Organisational measures

  • Remaing ISO9001 and ISO27001 certified
  • Employees must sign a confidentiality agreement
  • Employees are given instructions and training about privacy and information security.
  • The d-basics B.V. privacy policy provides employees with guidelines on how to handle your privacy and data responsibly.
  • The internal processes and procedures at d-basics B.V. are constantly reevaluated
  • Your data are only accessible to those who need access to them based on their job descrip-tion.

Technical measures

D-basics B.V. constantly re-assesses whether the software developed by d-basics B.V. as well as the infrastructure used by d-basics B.V. provide a sufficient level of warranty to adequately process personal data.

Examples of measures that were taken to this effect are:

  • SSL certificates

    Connection to all d-basics B.V. online environments is encrypted using SSL certificates. Additionally, the d-basics data extraction software sends the information imported from the accounting package to the recipient through an encrypted connection provided the recipient has taken the technical measures to establish such an encrypted connection.

  • Penetration tests

    In order to check the security of the products developed by d-basics B.V., “pentests” are executed periodically.

  • Backups

    D-basics B.V. makes a daily backup of all the servers used by d-basics B.V. and the data stored on them. These backups are encrypted and are stored at different locations.

  • Active network management

    D-basics B.V. carries out active network management that is aimed at minimising any risks. Among other things, this consists of consistently installing updates, using firewalls, multiple means of protection against cyber risks, and carrying out daily network scans.

  • Data in Europe

    Information collected by d-basics B.V. is stored on our own d-basics B.V. servers. Where it concerns data in the d-basics Portal, it is stored in the European Microsoft Azure environ-ment.

How does d-basics B.V. handle data breaches?

In case of a data breach d-basics B.V. will notify the Authority for Personal Data within 36 hours if the breach is discovered by d-basics B.V. D-basics B.V. will notify the Authority for Personal Data within 48 hours if the data breach is brought to the attention of d-basics B.V. by another party. D-basics B.V. will also notify those who are affected by the data breach.

D-basics B.V. requests anyone who suspects a data breach to notify d-basics B.V. of the potential issue. You will find the relevant contact details at Contact information.

Data processing agreement with d-basics B.V.

As previously indicated d-basics B.V. is not necessarily a data processor if a user copies and sends data to an external recipient from the accounting package using the d-basics data extraction software.

In this case d-basics B.V. has no access to the data that were sent and as such is unable to influence the way the data are being sent.

Where d-basics B.V. is the processor of the personal data you provided, you are required to close a data processing agreement with us.

This situation occurs, for example, when a factoring company sends a request - which includes personal data - to d-basics B.V. on behalf of their clients for the installation of the d-basics software.

This is when d-basics B.V. will process data which fall under the responsibility of the factoring company, making the factoring company responsible for closing a data processing agreement. In this case, the factoring company is responsible for the personal data and d-basics B.V. will be the data processor.

To make the process of closing a data processing agreement as smooth as possible, d-basics B.V. drafted their own data processing agreement which is fully compliant with the GDPR guidelines and is based on the model provided by Netherlands ICT.

This data processing agreement includes matters such as which personal data will be processed, why they are being processed, the confidentiality clause, sub-processors, security measures and audits.

Click here for more information about the d-basics data processing agreement.

Contact us

If you wish to contact us about the GDPR you may contact d-basics B.V. as follows:

Copyright 2025 by d-basics b.v. Terms Of Use Privacy Statement
Back To Top