Your business and your privacy

Privacy and your privacy are hugely important to us. Below you can read more about what we do with your data and what you, as a business owner, can do to ensure your privacy at all times.

See also our transparency statements

Your company and privacy

As an entrepreneur, your company data are included in the Crossroads Bank for Enterprises (CBE).  GraydonCreditsafe uses this data to provide reliable business information to companies and public authorities. As such, your data are also included in the GraydonCreditsafe database. GraydonCreditsafe believes that transparency strengthens trust between business partners. When organisations have a clear understanding of the opportunities available to them and the risks they face, collaboration occurs, agreements are made, and ideas grow into reality.

To achieve this, we have also included data about your business in our database. This data may contain (business) Personal Data, and this is subject to privacy legislation (General Data Regulation – AVG / GDPR).

(Business) Personal data can be, for example, the company name, the name of the owner and the address of the company. Is your company a corporation? If so, we may also have the names of the directors in our database. Would you like to know what we process about your company? Then, contact us at gyd-gdpr-be@graydoncreditsafe.be, and our staff will be happy to help you.

Your company and your privacy

Your privacy and data security

What does GraydonCreditsafe do to safeguard your privacy rights?

Is my data safe with you?

At GraydonCreditsafe, we value your privacy. To ensure this, we have a team of privacy experts who work organisation-wide and a Data Protection Officer who watches over your privacy rights.

GraydonCreditsafe also trains internal employees. This way, we ensure that our employees handle your data carefully and according to the law.

We protect your business data very well and carefully. But at the same time, we make sure it gets to the right places so that you can do business safely and securely.

Privacy and diligence are also important for you in your daily business. Therefore, make sure you also know your customers and suppliers. And know who you are doing business with.

It goes without saying that reliability, care and security are paramount when processing your data. We have, therefore, taken appropriate organisational and technical measures to secure your data. In doing so, our information security is certified to ISO standard 27001, the globally recognised standard for risk management in relation to data processing. We will also not keep your data for longer than necessary to fulfil our purposes, unless we need to keep your data to comply with a legal obligation or if there is a dispute.

Want more information about our security? Then, be sure to take a look at our website. Furthermore, you can also find here the necessary certificates.

Data governance

Processing data involves great responsibility. At GraydonCreditsafe, we watch over the secure and effective management of our data. It includes issues such as security and privacy, integrity, usability, integration, compliance, availability, roles and responsibilities and the overall management of internal and external data flows within our organisation.

Would you like to know more about our data governance? Then, click here.

What does GraydonCreditsafe do to safeguard your privacy rights?
Is my data safe with you?

Our information letter

If you established your company as a sole trader and registered it with the CBE, you will have received a letter from us. Through this letter, we inform you in advance that your details have been included in our database. As the only one within the business information industry, we inform you this way (on top of our privacy statement, LinkedIn, website, ...) that we will process your business personal data. The purpose of this letter is to meet your right to information. In fact, as a business owner, you have the right to know what happens to your data. This does not only apply to GraydonCreditsafe, but whenever a third party processes your data, without you providing it yourself, you should be informed.

Your rights

We care about your privacy rights. Below, we are happy to describe the rights you can invoke as part of our services. Do you have any questions about your privacy rights? If so, please contact us.

Inspection

Change

Being forgotten/oblivion

Objection

You have the right to know what data we process in relation to your company. To do so, please contact us at gyd-gdpr-be@graydoncreditsafe.be. We will then send you an overview of the data we process about your company.

You have the right to have your data amended if it is incorrect. Do you believe the details about your company are incorrect? If so, be sure to contact us. We will then gladly adjust the incorrect data.

You have the right to be "forgotten" in our database and thus have your data deleted. For our "Prospecting" service, this is an absolute right, and, at your request, we will no longer use your data for direct marketing purposes.

For our other services, this is not an absolute right and GraydonCreditsafe uses a legitimate interest to be allowed to process your company's data. To this end, we have carried out a general balancing of interests prior to this, carefully weighing your interest as a data subject against the legitimate interest of GraydonCreditsafe and its customers.

Of course, in your case, your personal interests may outweigh the interests of GraydonCreditsafe and its customers, requiring us to proceed with the deletion of your data. Do you think your interests outweigh this? Then contact us so that we can redo the balancing of interests. For this, we do need your specific (individual) interest to redo this balancing. So be sure not to forget to add these.

Any company may send you advertising, obviously within the applicable laws and regulations. If you do not want this, you have the right to object. GraydonCreditsafe will then also remove your company from its database for direct marketing purposes. Please contact us for this at gyd-gdpr-be@graydoncreditsafe.be.

You may also wish, due to personal circumstances, not to be included in the GraydonCreditsafe database. For example, this may be because your profession threatens you at your private address that is also your business address. You can then object to inclusion in our database.

To avoid misunderstandings: you only need to indicate what your specific personal circumstances are in this case, so that GraydonCreditsafe can further consider your request. If you would like more comprehensive information on all rights, please look at our Privacy Statement at the bottom of the page.

Inspection
Change
Being forgotten/oblivion
Objection

Preventing abuse

It is important to note that we do NOT process National Register data. So, you can rule out identity fraud through the processing of your company data at GraydonCreditsafe. There is no need for you to worry about that.

Do you feel that your data could end up in the wrong hands? We are happy to relieve you. Contact us so we can help you further.

Your company and your privacy - preventing abuse

FEBIS

FEBIS stands for Federation of Business Information Services. It is an international organisation representing companies and institutions engaged in providing business information, such as credit information, risk analysis, business reports and other related services.

FEBIS's main objective is to represent the interests of companies in the business information and credit reporting sector.

FEBIS aims to contribute to a sound and transparent business environment, where reliable information plays an important role in minimising risks and promoting economic growth.

You can find more information on how FEBIS works here.

Furthermore, FEBIS and its members have drafted a "Joint Impact Statement". The purpose of this statement is to explain who business information providers are, what value they add to business information, and how they contribute to a more secure and transparent economy. You can download this statement here.

Q&A

The AVG/GDPR, what exactly is it?

The General Data Protection Regulation (AVG/GDPR) is a European legislation that came into force on 25 May 2018. Designed to protect the privacy rights of individuals within the European Economic Area (EEA), the AVG imposes strict rules on companies, organisations and governments that process personal data.

What does GraydonCreditsafe do?

GraydonCreditsafe is a company focused on providing business intelligence, credit ratings reports and risk management solutions. GraydonCreditsafe was formed from the merger of Graydon and Creditsafe, both companies with a long history in the business information and credit reporting sector. These services enable companies to make informed decisions, mitigate risks and strengthen business relationships.

GraydonCreditsafe is part of the Creditsafe group. With now 25 offices across 3 continents, Creditsafe is a global player in business information. Click here for more information on Creditsafe.

Why do companies use business information and how important is business information?

Business information is crucial for a healthy economy. Without business information, companies cannot assess business risks and could result in:

  • either less risk-taking leaving a lot of business potential unused (and thus a drag on the economy)
  • or a lot of risk is taken, resulting in bankruptcies or even a crisis.

Business information allows companies to make balanced decisions to reduce risk.

1. Assessing creditworthiness

  • Risk management: Business information provides insight into a company's financial health. This helps companies evaluate risk before extending credit or entering a new business relationship.
  • Avoiding defaults: By assessing the creditworthiness of a potential customer or supplier, companies can reduce the risk of default or bankruptcy.

2. Trustworthiness of business partners

  • Background verification: Business information helps to check the credibility and background of potential business partners, allowing companies to minimise the likelihood of working with fraudulent or untrustworthy parties.
  • Compliance: Companies can ensure that they comply with laws and regulations by checking whether their business partners comply with relevant laws and standards, such as anti-money laundering regulations.

3. Strategic planning

  • Market analysis: Trade intelligence provides insights into market trends, competition and customer behaviour, which is essential for strategic planning and identifying growth opportunities.
  • Competitive analysis: By collecting data on competitors, companies can adjust their strategy to become more competitive in their market.

4. Investment support

  • Due diligence: In acquisitions, mergers or investments, business information is crucial to conduct thorough due diligence. This helps to identify potential problems or hidden risks before completing a transaction.
  • Assessment of returns: Investors can analyse a company's performance to better understand the potential returns and risks of their investment.

5. Operational efficiency

  • Supplier management: Trade intelligence helps to evaluate suppliers based on their reliability, financial stability and performance, which is essential for minimising operational risks.
  • Customer relationship optimisation: By understanding their customers, companies can optimise their accounts receivable management and improve cash flow.

6. Avoiding legal and reputational risks

  • Avoiding legal disputes: Business information can help companies avoid legal problems by ensuring that they work with reliable and compliant partners.
  • Protecting corporate reputation: By carefully choosing who they do business with, companies can protect their reputation from the negative consequences of association with untrustworthy or fraudulent parties.
Can my data simply be found publicly?

No, your data and your business information report are purchased by our customers via a portal that is well secured. This is therefore not simply publicly accessible.

What is personal data?

Personal data is any data relating to an identified or identifiable natural person. A person is identifiable if he or she can be directly or indirectly identified, for example by a name, an identification number, location data or online identifiers such as an IP address. So, anything that is traceable to a person. Sometimes it can also be through a combination of data. For example, a first name alone will not be enough to identify someone in a large group of people where many people have the same first name. But add age, for example, or surname, and you do identify that particular person.

What is business information?

Business information is detailed information about companies and their business activities. This information is collected, analysed and used by companies, financial institutions, credit rating agencies and other stakeholders to understand a company's performance, reliability and financial health.

Elements of business information:

1. Financial information (financial statements, credit score, ...)

2. Company profile (company name, legal form, address details, directors, ...)

3. Payment behaviour (information on how consistently a company pays its bills on time or not)

4. Sector and market information:

Market trends: Data on the sector in which the company operates

Competitive analysis: Comparison with other companies in the same industry.

And what about my data?

If you have set up a sole proprietorship, your data will also be included in our database. This is your company data as you have provided it to the Crossroads Bank for Enterprises. A report will then also be made of your company.

Your company is also important in economic transactions. For example, if you submit an application to an energy supplier, connect your telephone to a network manager, apply for a loan from the bank or purchase office supplies, these suppliers will probably also use business information before entering into a business relationship with you. It is therefore important that your company is found to prevent doubts in your business relationship (this can, for example, lead to the best payment conditions).

How can GraydonCreditsafe help me?

Business information is for everyone. Whether you have a sole proprietorship or a BV, business information supports you when you do business. Informing yourself well in advance about your business partner will also limit your financial risks and help you to grow your business healthily. You can also request a report from us about your business partners. We are happy to help you and can also advise you, where necessary.

Product privacy notice

This document describes how GraydonCreditsafe Belgium NV (hereafter “Creditsafe” or “us” or “we”), uses and shares personal data we receive about your business within its products and services.

Understanding what personal data we hold and how we use it is important as the data protection law governs the way this data can be used and what rights you have.

Who is Creditsafe?

Creditsafe has the largest wholly owned database in the industry, providing accurate and reliable data to over 500,000 subscribers across the globe. Our global database contains insights on more than 365 million businesses, directors and shareholders worldwide.

We gather data from our local, trusted partners and combine it with our scoring algorithm, resulting in the superior data powering our complete business solutions product suite. 

Creditsafe is the founder and administrator of a global network of leading commercial credit reference agencies. We have live data streams for over 70 countries, working with partners that are recognized market leaders in each country for online database reports. By using local providers wherever possible, we are ensuring niche knowledge is streamed into our data and updated on a regular basis.

How can I contact Creditsafe?

GraydonCreditsafe Belgium nv can be contacted at:

Uitbreidingstraat 84/1, 2600 Berchem, België
E-Mail: support@graydoncreditsafe.be
Website: https://www.creditsafe.com/be/nl.html
Telephone: +32 3 280 88 00

You can reach our Data Protection Officer as follows:

Caspian Point One,
Pierhead Street,
Cardiff,
CF10 4DQ
E-mail: dpocsgroup@creditsafe.com
Tel: +44 (0) 2920 886 500

In accordance with Article 27 of the GDPR we have appointed an EU representative. The contact information is as follows:

Creditsafe Ireland Limited
Block B Joyce’s Court,
Talbot Street,
DUBLIN 1
E-Mail:  eudpo@creditsafe.com
Website: https://www.creditsafe.com/ie/en.html
Telephone: 01 898 3200

Where does Creditsafe’s data originate from?

The data comes from public sources such as commercial registers (for example the KBO), insolvency publications and the register on defaulting debtors, which is kept at central enforcement courts as well as from contractual business partners of Creditsafe.  Information on payment behaviour and special payment agreements are provided by business partners of Creditsafe. Creditsafe uses the same raw data to feed all of its business information products.

Personal data is also processed by us where we receive information from contractual business partners that may rely on consent to share data. You can revoke your consent at any time with the source. This has no retroactive effect. However, due to your revoked consent, we are then no longer allowed to process your data.

In addition, verifiable information you as the data subject decide to provide can be used to update your organisation’s credit reference information.

What data does Creditsafe process and for which purposes?

Business information

Creditsafe processes business related information regarding the financial standing and creditworthiness of businesses, and other organisations, so that businesses can manage their financial risks. Creditsafe uses its proprietary scoring systems to analyse key statistical metrics to determine the financial stability of a company. It provides a credit report that includes information on a company’s group structure, annual accounts, trading locations, CCJ information and Company registry documentation. This information can be monitored and updated whenever there are changes made.

The aim of a creditworthiness check is not only to avoid losses in the (trade) credit business but also to protect borrowers from over-indebtedness.

What data is used for creditworthiness scoring?

The information provided by us often includes so-called creditworthiness assessments (scores), which uses information and assessments from the past to generate a forecast of solvency and payment default probabilities. The scoring is based on the information we have on file for the respective person or business entity.

The following categories of data may be used for the scoring:

  • data on the size of the organisation
  • industry type
  • age of a company
  • number of employees
  • payment behaviour
  • accounting information, e.g. balance sheet, profitability statements and contingent liabilities
  • corporate links
  • address-related data (publicity of address and name at the address), address data (information on non-conforming payment behaviour in the address environment)
  • information gathered from contractual partners of Creditsafe.    

Ledger Management

Creditsafe’s clients provide its 3D Ledger and Ledger Insights products with their own accounts receivable ledger data. Creditsafe then combines it with its live international business data and over 300 million trade payment experiences to provide it with the means to prioritise its collections and gives a view of the risk of default.

Compliance Checks

Creditsafe provides checks on businesses and individuals for the following compliance reasons:

  • Fraud Prevention 
  • Anti-Money Laundering
  • PEPs and Sanctions checks, 
  • Identity and KYC checks
  • Tracing missing persons
  • Compliance Alerts

These products take the name of the business, the names, country of residence and date of birth for current directors of the business and any ultimate beneficial owners and screens them against various anti-money laundering sources, such as global sanctions regimes, national law enforcement agencies, political exposed persons lists and AML relevant adverse media.  

It should be noted that the product displays possible matches. It is up to the client to investigate further to either confirm or reject the match.

Exceptions 

Exceptions is the interpretation and notification to clients of existing data measures but analysed in a way that may suggest an activity, or event, that may require further investigation. Examples might include: 

  • Company changes address 3 times in 6 months. 
  • Duplicate accounts are filed with the national registry. 
  • Change in management shortly after registration. 
  • Resumption of activity after bankruptcy
  • The company is obliged to file annual accounts but does not file.

Data that sits in Creditsafe’s global databases is analysed against a set of defined global and local rules to highlight anomalies that may warrant further investigations. The alerts that are created will be communicated to the client by the Connect API, or by customisable notifications by email. It is then up to Creditsafe’s customers to decide to investigate further and, if necessary, take further actions.

Data Matching and Enrichment

Creditsafe receives business information data from a number of sources, as indicated above, and then uses its proprietary algorithms and technologies to cross reference, match and append this data, thereby providing a more complete picture of any organisation or company director and shareholder. Typically the data provided is restricted to Director name(s), director’s date of birth (month and year), business address, website addresses and business telephone numbers as well as basic financial information about the companies, including a credit score.

Prospect Lists

Creditsafe uses the business information data gathered from a number of sources, as indicated above, and then sorts this data to provide its customers with a list of businesses that match their own criteria. Typically the data provided is restricted to the Company name, business address, website addresses, business telephone numbers, director name(s), director’s date of birth (month and year), as well as basic financial information about the companies, e.g. revenues, as well as a credit score.

News Search

Creditsafe provides its clients with the ability to search for newspaper articles and other media sources that reference the companies, or directors, that they are interested in trading with. Data is inputted by the client and Creditsafe uses a powerful search engine to source relevant articles.

What categories of business information data does GraydonCreditsafe process?
  • Data on Individuals, for example name, given name, date of birth, place of birth, address, previous addresses, business address, business email-addresses and telephone numbers.
  • Due Diligence Information, for example information to indicate if there is a possible connection to a criminal offence, a Politically Exposed Person (PEP), appearance on a Sanctions list or there is an adverse media story connected to a name that is the same, or very similar, to a director’s name.
  • Information on debts, payment behaviour.
  • Creditworthiness and financial information.

Special categories of personal data as specified in Article 9 GDPR (e.g. ethnic origin, health data, or data on political or religious attitudes) are neither processed nor taken into account in the calculation of credit scores. 

What is the legal basis for Creditsafe to process the business information data?

The legal basis for the processing of personal data is Legitimate Interest, Art. 6 (1) (f) GDPR. As a business information specialist, Creditsafe fulfils an important role in economic traffic, by providing business information, Creditsafe helps its clients to estimate certain business-related risks, create new business opportunities, and comply with legal requirements and monitoring duties. Creditsafe’s aim, as such, is to help organisations to make business decisions based on accurate, reliable, and complete business information. In this way, Creditsafe contributes to the certainty and reliability of economic traffic and the development of a healthy economy. The purpose of this processing is to enable businesses to manage their financial risks, protect against fraud, know who they are doing business with, meet compliance and regulatory obligations and better understand organisations, industries and markets. We also licence or sell professional business contact information to authorized resellers or organisations for marketing and data management purposes.

Information is only provided if the respective contracting party has substantiated a legitimate interest in obtaining the information (for example, in the course of an envisaged business transaction which entails the granting of credit for which there is a risk of default) and provided that there is no outweighing interest of the individual. This is confirmed in Creditsafe’s Terms and Conditions which every client must sign.

Who does Creditsafe share data with?

Recipients of the business information data are customers of Creditsafe, who need to assess the creditworthiness of the potential customers before establishing a business relationship with default risk. We also share business information data with other third-party business data partners, including other credit reporting agencies.

We transfer business information data to third parties which process the data on our behalf as a service provider bound by contracts pursuant to data protection law.

We transfer contact information (postal addresses and telephone numbers) to contracted parties for marketing purposes, as long as you have not objected against the processing of your data for marketing purposes.

Finally, personal data is also transmitted to members of the Creditsafe group of companies.

Where is the business information data stored?

Business Information data is stored on servers in the UK and the EU.

How long does Creditsafe store business information data?

We store personal data only for as long as necessary to achieve the purposes described above.  We may hold data in an archived form for research and development, analytics and analysis, or for audit purposes, and as appropriate for the establishment, exercise or defence of legal claims. The criteria used to determine the storage period will include the legal limitation of liability period, agreed contractual provisions, applicable regulatory requirements and industry standards.

Is data transferred to a recipient outside of the UK, European Union, or the European Economic Area?

Where personal data is provided to clients, contractors or group companies outside the United Kingdom, the European Union or the European Economic Area, i.e. to so-called third countries, this takes place taking into account the requirements of the GDPR to recipients in countries with adequate data protection levels (Art. 45 GDPR), or to those recipients with whom EU Standard Contractual Clauses and the ICO’s International Data Transfer Agreement Addendum have been signed (Art.46(2)(c) GDPR) and once Transfer Impact Assessments have been concluded. 

What are your rights as a data subject?

According to Art. 15 GDPR you have the right to obtain information regarding all data we stored about you.

In the event that you discover outdated or incorrect information about yourself, you have the right in accordance with Art. 16 GDPR to have it updated and corrected by us at any time. However should your data have been sourced from a public registry, then you will be advised to have the data corrected at the source. This is because Creditsafe’s databases are automatically updated and therefore any changes that Creditsafe makes will be overwritten by the information from the registry. 

Furthermore, in accordance with Art. 17 GDPR, you may also have the right to have your personal data deleted provided that we have no right or authority to further process the data.

Under the conditions set out in Art. 18 GDPR, you have the right to restrict the processing of your personal data.

According to Art. 21 (1) GDPR you have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data.

If you object we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms.

In addition, pursuant to Art. 21 (2) GDPR, you may also object against the use of your data for direct marketing purposes. In this case, we will no longer use your personal information for marketing or advertising purposes.

Please direct all data subject rights requests to the contact address found at the top of this page.

Is your data used for automated decision making?

In principle, we do not make any automated decisions within the meaning of Art. 22 GDPR on the conclusion of a legal transaction or its terms (such as offered payment methods, payment conditions or interest), but support our contractual partners only with information to assist in the relevant decision-making. The risk assessment and assessment of the creditworthiness of a person or a company for a particular transaction is carried out solely by the contractual partners of Creditsafe.

Where can you raise a complaint?

Please direct all complaints to the contact addresses found at the top of this page.

In addition, you have the right to contact the Belgian supervisory authority: GBA (Gegevensbeschermingsautoriteit). You can do this via this link

Do you have an obligation to share or update data?

You do not have to provide any data when we ask you. However, if you do not provide any information, your information will not be taken into account when determining scores. 

Will your data be used for profiling and/or scoring?

The information we provide often includes so-called credit ratings (scores), which use past information and assessments to generate a forecast of solvency and probability of default. The scores are based on the information we have on the company in question.

The following categories of data can be used for scoring:

  • data on the size of the organisation
  • company type
  • age of company
  • number of employees
  • payment behaviour
  • accounting information, e.g. balance sheet, profitability statements, debts
  • company links
  • address-related data, address details (e.g. address environment)
  • information collected from Creditsafe's contractual partners 

This Product Privacy Notice was updated in May 2024.