Privacy Policy

Our Commitment to Privacy and Data Protection

Privacy Policy: FinSolConsult B.V. Last Updated: 01-02-2026 Registered In: Netherlands

1. Introduction

FinSolConsult B.V., a private limited company incorporated under Dutch law (“we”, “our”, “us”), acts as the Data Controller for all personal data processed through our website and during our services.

We provide finance, accounting, reporting, automation, advisory, and system-integration services across multiple jurisdictions. We are committed to protecting the privacy, security, and confidentiality of all information shared with us.

This Privacy Policy explains how we collect, use, store, and protect your personal and business data in line with:

1. EU General Data Protection Regulation (GDPR)

2. Dutch GDPR Implementation Act (UAVG)

3. Dutch Anti-Money Laundering and Anti-Terrorist Financing Act (Wwft)

4. Professional ethics for finance and accounting practices (e.g., ACCA standards)

By using our website or engaging our services, you agree to the terms of this Privacy Policy.

2. Data We Collect

We only collect data necessary for service delivery, legal compliance, or communication.

A. Personal Information (Provided by You)

1. Name, job title, and company information.

2. Contact details (email address, phone number).

3. Identification Data: Passport, national ID, or driver’s license copies.

4. Citizen Service Number (BSN): Collected only when strictly required by tax or payroll legislation.

Important Note on ID Redaction: When providing ID copies for identity verification (Wwft), you are permitted to redact (black out) your photo and the Machine Readable Zone (MRZ) unless we require an unredacted copy for specific verification purposes. You should always redact your BSN on these copies unless we have explicitly requested it for tax return or payroll processing purposes.

B. Financial & Operational Data (Client-Provided) Used strictly for delivering services:

1. Accounting records and financial statements.

2. ERP, BI, and accounting system data.

3. Contracts, invoices, and project documentation.

4. KPIs, dashboards, and management information.

C. Technical Information (Collected Automatically)

1. IP address, device type, and browser type.

2. Essential and analytics cookies (see Section 13).

3. Purpose of Processing

We process data only for clear, legitimate purposes:

1. Service Delivery: Accounting, reporting, automation, ERP, or finance advisory services.

2. Communication: Managing client projects and updates.

3. Compliance: Fulfilling Wwft (AML/KYC), tax, and audit obligations.

4. Quality & Risk: Internal training, quality control, and risk management.

We never sell personal data to third parties.

4. Legal Bases for Processing

We process personal data under the following lawful grounds (GDPR Art. 6 & 9):

1. Contractual Necessity: To perform the services agreed upon in our engagement letter.

2. Legal Obligation: Compliance with Wwft, Tax Law (AWR), and audit standards.

3. Legitimate Interest: For internal administration, security, and service improvement.

4. Consent: For newsletters or optional cookies (withdrawable at any time).

Special Categories (IDs & BSN): For identification documents and BSNs, processing is justified under the Dutch Implementation Act (UAVG) and GDPR Article 9(2)(g) (substantial public interest) strictly for the fulfillment of statutory duties.

5. Required vs. Optional Data (Consequences of Failure to Provide)

Some personal data is mandatory to provide our services or meet legal obligations.

1 . Mandatory Data: Identity verification documents (Wwft) and financial/fiscal records.

Consequence: If this data is not provided, we are statutorily prohibited from establishing a business relationship or performing our contractual duties (e.g., filing taxes).

2. Optional Data: Newsletter signups or dietary preferences.

Consequence: Withholding this data has no negative impact on our core services.

6. AML/KYC & Onboarding Requirements

Under the Dutch Wwft, we are legally required to:

1. Verify the identity of clients and Ultimate Beneficial Owners (UBOs).

2. Screen clients against EU and international sanctions lists.

3. Retain copies of verification documents for 5 years after the relationship ends.

We handle all AML/KYC data securely and strictly segregated from general marketing data.

7. Confidentiality & Professional Ethics

We follow strict confidentiality standards consistent with:

1. Professional accounting ethics (e.g., NBA, ACCA).

2. IFRS/GAAP documentation requirements.

3. Client NDAs and contractual confidentiality clauses.

8. Sharing of Data

We share data only with:

1. Verified Subcontractors: Consultants bound by strict confidentiality agreements.

2. Technology Providers: Secure cloud platforms (ERP, BI, email) necessary for service delivery.

3. Authorities: The Dutch Tax Authorities (Belastingdienst), FIU-Netherlands, or other regulators only when required by law.

Business Transfer Clause: If FinSolConsult B.V. is acquired, restructured, or involves a transfer of assets (e.g., merger or bankruptcy), client personal data may be transferred to the new legal owner to ensure service continuity. The new owner will be bound by the terms of this Privacy Policy.

9. International Data Transfers

When transferring data outside the EU/EEA, we ensure protection via:

1. EU Standard Contractual Clauses (SCCs).

2. Adequacy decisions by the European Commission.

3. Strict encryption and security protocols.

10. Data Retention

We retain personal data strictly for statutory periods:

1. Wwft Data (ID copies): 5 years after the end of the business relationship.

2. Fiscal/Tax Data: 7 years as required by the State Taxes Act (Algemene wet inzake rijksbelastingen).

3. General Project Data: Deleted or anonymized when no longer required for the engagement or liability periods.

11. Automated Decision-Making

We do not use automated decision-making or profiling within the meaning of Article 22 GDPR. All client acceptance decisions involving risk assessments are reviewed by human professionals.

12. Children’s Data

Our services are not intended for children under 16. We do not knowingly collect data from minors unless required for specific family-office tax services (in which case, guardian consent is obtained).

13. Cookies

We use only:

1. Essential cookies: Required for the website to function.

2. Basic analytics: Anonymous data to improve website performance. Users can disable cookies via browser settings.

14. Data Security

We implement enterprise-grade security including:

1. Encrypted data storage and transfer.

2. Two-factor authentication (2FA) for all systems.

3. Role-based access controls.

4. Regular security reviews.

15. Your Rights (GDPR)

You have the right to:

1. Access your data.

2. Correct inaccurate information.

3. Request deletion (“Right to be Forgotten”).

4. Restrict or object to processing.

5. Data portability.

Note on Statutory Limitations: Please be aware that your right to deletion or access may be limited by our statutory obligations. For example, we cannot delete data that we are legally required to hold for Wwft (5 years) or Tax (7 years) purposes. Furthermore, under the Wwft, we are prohibited from disclosing (“tipping off”) if an Unusual Transaction Report has been filed regarding a client.

Right to Lodge a Complaint: If you have a concern, please contact us first. You also have the right to file a complaint with the Autoriteit Persoonsgegevens (Dutch DPA):

1. Website: https://autoriteitpersoonsgegevens.nl

2. Complaint Form: Click here

16. Contact Details

Data Controller: FinSolConsult B.V. Amsterdam, Netherlands

Privacy Inquiries: privacy@finsolconsult.com

General Contact: info@finsolconsult.com