Marketing Data Transparency Notice

Creditsafe Business Solutions Limited Transparency notice for business information data.

Transparency Notice for Business Information Data
pursuant to Art. 13/14 and Art. 21 General Data Protection Regulation  (GDPR)


Creditsafe Ireland Limited  (hereinafter "Creditsafe“ or "we“, "us“)

Who is the responsible Controller for the Data?


Who can I turn to?


Name and address of Data Controller:

Creditsafe Ireland Limited

Unit 1H, Block 71

The Plaza, Parkwest Facilities Complex

Nangor Road

Dublin 12

Tel.: 01 898 3200

You can reach our Data Protection Officer as follows:

Caspian Point One

Pierhead Street


CF10 4DQ

Tel.+44 (0) 7808 245896        

Which categories of Data does Creditsafe process for which purposes?

We save and process personal identifiable information for our internal marketing purposes.

We process the following categories of personal data:

·          Data on Individuals associated with businesses like e.g. name, given name, date of birth, place of birth, residential address, previous addresses, business address, business email-addresses and phone/fax numbers

·          Related business information like e.g. industry, business type, financial worthiness, payment behavior and settlement of claims


Special categories of personal data in the sense of the Art 9 GDPR (e.g. nationality, ethnic origin, health data or data on political or religious attitudes are not processed for this purpose.

The personal data may be held and processed with customer relationship management systems operated by Creditsafe for prospect and customer management purposes.

Where does the data originate from?

The data comes from public sources such as the commercial register and third party data suppliers, which will have obtained the data from you in the course of their business. We also collect personal data via our website, for example, when you submit a request for information, a free report or trial, or otherwise contact us.

We also collect usage information on our website via cookies and analytics providers. More information regarding this is available in our Privacy Policy and Cookies Policy, accessible via our website.

What is the legal basis for processing the data?

The legal basis for the processing of personal data is the General Data Protection Regulation, in particular Art. 6 (1) (f) GDPR, which permits processing for the protection of the legitimate interests of the controller or third parties, unless there is an outweighing interest of the person concerned which prohibits such processing. In particular, we rely on legitimate interests on the basis that a business has made its details available and it is for the benefit of all businesses that marketing is facilitated, as envisaged by recital 47 of the GDPR.

For businesses that do not wish to receive marketing, there are legitimate means to prevent it, including not supplying the details for inclusion in business registers, objecting to direct marketing under the GDPR, and/or registering with the TPS/CTPS under the Privacy and Electronic Communications Regulations (PECR) and Creditsafe is fully compliant with such requirements.

Who do we share your data with?


Where is personal data stored?

Creditsafe may share personal data with third party suppliers of Creditsafe in order to provide services in connection with Creditsafe’s marketing activities, including marketing due diligence, data enhancement, and marketing analytics. All such suppliers will be subject to contractual obligations which meet data protection requirements.

Personal data may also transmitted to other members of the Creditsafe group of companies for their own marketing purposes, for example in the case of a prospect which is outside of the UK & Ireland.

Personal data is stored on Creditsafe servers in the EU.

Is data transferred to a recipient outside of the European Union or the European Economic Area (i.e. a so called third country) or an inter­national organization?

Where personal data is provided to contractors or group companies outside the European Union or the European Economic Area, i.e. to so-called third countries, this takes place taking into account the requirements of the GDPR to recipients in countries with adequate data protection levels (Art. 45 GDPR) or to those recipients with whom EU standard contractual clauses have been concluded (Art. 46 (2) (c) GDPR).

How long does Creditsafe keep the data?

We store personal data only for as long as necessary to achieve the purposes described above.  We will archive personal data after 6 years unless there is a business justification for continued use. We may hold data in an archived form for things like research and development, analytics and analysis, for audit purposes, and as appropriate for establishment, exercise or defence or legal claims. The criteria used to determine the storage period will include the legal limitation of liability period, agreed contractual provisions, applicable regulatory requirements and industry standards.


What are my rights as a Data Subject?

Where can I raise a complaint?

According to Art. 15 GDPR you have the right to obtain information regarding all data we stored about you.

In the event that you discover outdated or incorrect information about yourself, you have the right in accordance with Art. 16 GDPR to have it updated and corrected by us at any time.

Furthermore, in accordance with Art. 17 GDPR, you may also have the right to have your personal data deleted provided that we have no right or authority to further process the data.

Finally, under the conditions set out in Art. 18 GDPR, you have the right to restrict processing of your personal data.

Please direct any inquiries for information about the data we store about you, their rectification, deletion or restriction of processing, to the contact address mentioned in point 1.

In addition, you are entitled to the right of objection pursuant to Art. 21 GDPR. Please see the separate information box below.

In addition, you can contact our supervisory authority, the Data Protection Commissioner.

Do I have an obligation to share or update data?

You do not have to provide any data when we ask you.

Is there any automated decision making?

We do not make any automated decisions within the meaning of Art. 22 GDPR.

Is my data used for Profiling and/or Scoring?

Not for the purposes set out in this transparency notice. Please see our ‘product information’ transparency notice for more information on our profiling/scoring activities.

Right to object according to Art GDPR:

1. Right to object on grounds relating to the particular situation:

According to Art. 21 (1) GDPR you have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data.

If you object we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms (e.g. to assert or defend ourselves against legal claims)

2.  Right to object against marketing:

In addition, pursuant to Art. 21 (2) GDPR, you may also object against the use of your data for direct marketing purposes. In this case, we will no longer use your personal information for advertising purposes.

An objection does not require a particular form and should be directed to the address stipulated in paragraph 1.