Web-IQ offers services that enable our customers to search public data from the internet and use this for their own objectives. We work primarily for customers who are active in the field of security, justice, risk assessment and fraud prevention and who use our services to make the world a better and safer place.

To make this possible, Web-IQ collects publicly available data from various online sources, such as social media, news sites, marketplaces, blogs, forums and the dark web. This may include your personal information. We may collect the following information: name, address, postal code, city, region, country, and social media profiles. Web-IQ does not however collect any protected information.

Web-IQ collects publicly available data because the processing is necessary to improve the quality of our services and to improve the minimisation of data collection. Furthermore, publicly available data is also collected on behalf of our customers in which case the collection process is limited to data that contributes to their information needs. This means that in terms of the GDPR, Web-IQ acts as a controller as well as a data processor.

In addition, Web-IQ enables customers to install and operate Web-IQ software themselves on their own servers. As part of this, customers may capture public data from the internet or dark web onto their own systems, potentially including your personal data. We help our customers to comply to the privacy and data protection regulations for their situation by providing software that allows them to control and limit what data is being collected, how long the data is stored and who and how the data can be accessed.

In our agreements with our customers, we state that our customers may only use our services, data and products in a lawful manner that respects all applicable privacy aspects. Web-IQ will not do business with organisations that are related to countries, individuals or groups on the European Union Sanctions list.

We also use personal data from our customers, business contacts, web site visitors and people who signed up for our newsletters. More detailed information about how we use personal data can be found below.

‍

If you become our customer or partner, we may collect personal information about you or your employees, like names, email addresses and telephone numbers. We also process payment information and other information we need from your business to offer you our services. We process this data to execute our agreement with you. We use this information only to contact you and fulfill our contractual obligations. We will not share this information with other customers nor third-parties without your consent and we will make sure that this information is protected properly. We store this information during the time we have an agreement with you and up to 12 months, or longer if necessary, after we end this agreement. Some information is stored longer due to the legal retention period.

Customers that sign up for our services need to provide a valid email address to create an account. After an account is created, you can log in to your account using your username or email address and password. We process this data to execute our agreement with you. We will use your email address only to send you monitoring alerts and other automated system notifications (that you opt in for) and system maintenance updates. Your email address will never be disclosed to third-parties, nor will it be used for promotional or commercial purposes by Web-IQ without your prior consent. Web-IQ does not actively collect nor monitor your navigational actions (like queries and clicking on items of interest). However, this information, including personal information like your IP address can appear in the log files of our underlying services. Log files are kept for a limited period (30 days) and only for support and maintenance purposes. If you need more information about how we protect your case data in our services, the agreement and the terms and conditions that apply, please contact us at info@web-iq.com. We store this information during the time we have an agreement with you and up to 12 months, or longer if necessary, after we end this agreement. Some information is stored longer due to the legal retention period.

In a similar way to how search engines work, Web-IQ searches and stores public data from the internet and the dark web. As part of this, we may capture your personal information which is publicly available. We only collect public data. This is data that is actively shared online at places such as social media, news sites, darknet marketplaces, blogs and forums and can be found with a standard internet search engine or by visiting the relevant site on the internet or dark web. We have designed our services with privacy in mind:

• We do not collect data that is protected or shared in private.
• We aim not to collect nor store data when there is no specific reason to do so. We search and collect data that is required to answer the questions from our customers and to improve the quality of our service and minimise data collection.
• We do not store data collected to improve the quality of our services longer than needed. Although the retention period may vary per case, all information will be deleted after two years from the date it was collected.
• We do not store data collected on behalf of our customers longer than needed. Some use cases, such as discovering trends over time and reconstructing events from the past, require us to store the collected public data for a longer period. Other use cases, like most of our risk and fraud detection services keep the collected data in memory for only a few seconds but never store any data on disk or in a database at all. We will delete data when the contract with our customer ends.
• We aim to anonymise the data as much as possible, although this might not always be possible given the use cases of our customers.
• We do not share the collected public information with third parties aside from data collected on behalf of our customers.
• We have implemented best practices and guidelines that ensure privacy and information security in our organisation, such as separation of environments, encryption of documents and communication, access control, incident reporting procedures, monitoring and audits. Web-IQ is ISO27001:2022 certified.
• We work with well-known partners located within the European Economic Area who have the appropriate certifications and approvals.
• We will always be open about our intended use of the data and we will inform our customers about how we have collected the data, so our customers can make sure that the way they use the data on their side is lawful and respects privacy.
• We will make sure that all data that is collected is linked to the original source, so the information can always be placed in its original context.
• When requested by an individual we will disclose all public information held on that individual if Web-IQ is Controller in that specific case. A GDPR request for personal data can be done by filling out our GDPR request form, which can be found here. In cases where Web-IQ is Processor, the request will be forwarded to the Controller. Please note: Web-IQ is processor in the case of its Human Trafficking Intelligence module. Any request made regarding this module will be forwarded to the relevant customer using it.

If you ask us to stop handling your personal information, we will stop unless we can show you that we have compelling grounds as to why our use of your personal information should continue. For other questions regarding your rights under the data protection laws, please contact us at dpo@web-iq.com.

‍We will endeavor to deal with any questions, requests, or complaints as quickly as possible. If you feel that we do not help you in the right way, you have the right to lodge a complaints with the Dutch Data Protection Authority. More information about submitting a complaint to the Dutch Data Protection Authority can be found at https://autoriteitpersoonsgegevens.nl.

Changes to this privacy statement

We may update this privacy statement from time to time. The latest version of this privacy statement can be found on our website. If you have any questions about this privacy statement, please contact us.

Data Protection Officer
‍dpo@web-iq.com

Web-IQ B.V.
Helperpark 278-10
9723 ZA Groningen
The Netherlands
+31 (0)50 21 11 622
‍info@web-iq.com

‍