DSA Privacy Statement
DSA Webform Privacy Statement
This privacy statement applies to the personal data of individuals which FareHarbor may process in any form. Individuals are hereafter together or individually referred to as “you” or “your”.
The privacy statement applies to FareHarbor for the processing of the personal data within the scope of this privacy statement (hereafter referred to, as applicable, as “FareHarbor” or “we” or “our”).
FareHarbor B.V., located in Amsterdam, the Netherlands, is responsible for processing individuals’ data.
This statement describes how FareHarbor processes personal data collected from individuals using the DSA webform.
For information about the use of cookies at FareHarbor, see the separate Privacy and Cookie Statement.
Data collection
The personal data FareHarbor collects in regards to individuals are the personal data collected via the DSA form and the interaction with FareHarbor products. The personal data FareHarbor collects about an individual can include the following – depending on the specific situation, not all of the following data items may be considered personal data because they may relate to a business instead of an individual:
Personal data you give to us
- General information and Contact details
We collect general information and contact data of individual’s identification data, such as first name/last name, (business) email address, or any other information you provide to us. - Communication
When communicating with FareHarbor, FareHarbor collects and processes such communications.
Information we collect automatically
When using the DSA form for reporting illegal content, FareHarbor also collects information automatically, some of which may be personal data. This includes data such as language settings, IP address, location, device OS, log information, time of usage, URL requested, status report, user agent (information about the browser version) and operating system.
Personal data you give to us about others
By sharing other individuals’ personal data in relation to your report (for instance, the individual subject to your report or other individuals within your agency/authority), you confirm that this is done in compliance with applicable (privacy) laws and you are authorized to do so.
Other information we receive from other sources
- Fraud detection
In certain instances, and as permitted by applicable law, FareHarbor may need to collect data through third party sources for fraud detection and prevention purposes.
Processing purposes
FareHarbor uses the previously described individual’s information, some of which may be personal data, as relevant, for the following purposes:
A. Registration, administration and verification
FareHarbor uses account details, general information and contact details to manage the report submitted, including verification purposes.
B. Communication
FareHarbor uses your personal data in order to communicate with you, as may be required, in relation to your report and to ensure proper resolution.
C. Analytics and improvement:
FareHarbor uses the information provided, which may include personal data, for analytical purposes. This is part of our drive to improve the individual and enhance user experience, for testing purposes, troubleshooting and to improve the functionality and quality of the individual, and can also be used for analysing the incoming requests.
D. Security, fraud detection and prevention
We process the information provided, which may include personal data, in order to investigate, prevent and detect fraud and other illegal or violating activities. This may be personal data a individual y has provided to FareHarbor, for example for verification purposes as part of the registration process, personal data collected automatically, or personal data obtained from third party sources. FareHarbor may also use personal data to facilitate prosecution where necessary. FareHarbor can use personal data for risk assessment and security purposes, including the authentication of users.
E. Legal and compliance
In certain cases, FareHarbor needs to use the information provided, which may include personal data, to handle and resolve legal disputes or for regulatory compliance.
If we use automated means to process personal data which produces legal effects or significantly affects you, we will implement suitable measures to safeguard your rights and freedoms, including the right to obtain human intervention.
Legal Bases As applicable for purposes A to D, your personal data is necessary for FareHarbor’s legitimate interests, as described under each processing purpose. When using personal data to serve FareHarbor’s or a third party’s legitimate interest, FareHarbor will always balance your rights and interests in the protection of your information against FareHarbor’s rights and interests or those of the third party.
For purpose E, FareHarbor relies where applicable on compliance with legal obligations. Finally, where needed under applicable law, FareHarbor will obtain your consent prior to processing personal data.
If you wish to object to the processing set out under A to D and no opt-out mechanism is available to you directly (for example, in your account settings), to the extent applicable, please contact privacy@fareharbor.com
Data sharing
Sharing with third parties. We share individual’s information, which may include personal data, with third parties as permitted by law and as described below.
- Service providers (incl. Suppliers and trusted advisors). We share personal data with third party service providers to enable and/or advise on the administration, verification, processing and management of the report submission on our behalf.
- Compelled disclosure. When legally required, strictly necessary for the performance of our services, in legal proceedings, or to protect our rights or the rights of FareHarbor or clients, we may disclose personal data to investigative organizations or other group members.
International data transfers
The transmission of personal data as described in this Privacy Statement may include overseas transfers of personal data to countries whose data protection laws are not as comprehensive as those of the countries within the European Union. Where required by European law, we shall only transfer personal data to recipients offering an adequate level of data protection. In these situations, as may be required, we make contractual arrangements to ensure that your personal data is still protected in line with European standards. You can ask us to see a copy of implemented safeguards (where possible) by contacting us at privacy@fareharbor.com
Security
In accordance with European data protection laws, FareHarbor observes reasonable procedures to prevent unauthorized access to, and the misuse of, information including personal data.
We use appropriate business systems and procedures to protect and safeguard information including personal data. We also use security procedures and technical and physical restrictions for accessing and using the personal data on our servers. Only authorized personnel are permitted to access personal data in the course of their work.
Data retention
We will retain personal data for as long as we deem it necessary to manage the relationship with you, to handle your report, to comply with applicable laws (including those regarding document retention), resolve disputes with any parties and otherwise as necessary to allow FareHarbor to conduct its business. All personal data we retain will be subject to this Privacy Statement and our internal retention guidelines. If you have a question about a specific retention period for certain types of personal data we process about you, please contact us via the contact details included below.
Your choices and rights
Depending on where you are located or the FareHarbor entity processing your personal data, different rights may apply to the processing of personal data as set out in this privacy statement. As applicable:
- you can ask us for a copy of the personal data we hold about you;
- you can inform us of any changes to your personal data, or you can ask us to correct any of the personal data we hold about you;
- in certain situations, you can ask us to erase, block or restrict the personal data we hold about you, or object to particular ways in which we are using your personal data; and
- in certain situations, you can also ask us to send the personal data you have given us to a third party.
Where we process your personal data based on legitimate interest or the public interest, you have the right to object at any time to that use of your personal data subject to applicable law.
We rely on you to ensure that any personal data we hold about you is complete, accurate and current. Please always inform us promptly of any changes to or inaccuracies of your personal data.
Questions or complaints
If you have questions or concerns about our processing of your personal data or you want to exercise any of your rights you have under this Privacy Statement, please contact us via privacy@fareharbor.com All privacy related questions and complaints reported to FareHarbor will be investigated. FareHarbor will attempt to resolve complaints and questions in line with internal policies. You may also contact your local data protection authority with questions and complaints.
Changes to the Privacy Statement
This Privacy Statement may change. If we make material changes or changes that will have an impact on you (e.g., when we start processing your personal data for other purposes than set out above), we will contact you prior to commencing that processing.
Version/Date: v1.0, January 2024