Privacy Policy

Safeguard B.V. and Safeguard Nederland B.V. (hereinafter: "Safeguard"), established at Stationsplein 3, 4811 BB Breda and registered with the Dutch Chamber of Commerce under numbers 63968223 and 68511248, attach great importance to the protection of personal data. In this privacy statement we explain which personal data we process, in what capacity we do so and what your rights are. Do you have any questions? Please contact us at fg@safeguardapp.nl

Safeguard's role
Depending on the context, Safeguard acts in two different capacities under the GDPR, and it is important to understand the distinction between them.
When providing the Safeguard services to customers, Safeguard acts as a processor. This means that the customer, as the data controller, determines the purpose of and the means for the processing of personal data of their employees. Safeguard processes that data exclusively on behalf of and on the basis of instructions from the customer.
For its own business operations, such as marketing, handling contact requests and placing cookies on its website, Safeguard acts as a data controller. In that case, Safeguard itself determines the purpose of and the means for the processing.

Safeguard's customers
If your organisation uses the Safeguard services, Safeguard processes personal data of your employees exclusively for the purpose of performing the agreement. This concerns data that is necessary for automatic attendance registration, alerting in the event of emergencies, communication during an incident, and reporting and evaluation afterwards.
A complete overview of the personal data processed, the purposes, the engaged sub-processors and the applicable retention periods is set out in Annex 1 to the data processing agreement. This can be consulted here.
Safeguard concludes a data processing agreement with all customers, which forms an integral part of the General Terms and Conditions.

Users of the Safeguard services
Are you an employee using the Safeguard services? In that case, the organisation you work for is the data controller for the processing of your personal data within the service. As the data controller, your organisation has instructed Safeguard to deploy the services and is responsible for compliance with the GDPR towards you as a data subject. 
Do you want to know which data is processed about you, or do you wish to exercise your GDPR rights such as access, rectification or erasure? Please address your request to your organisation. Safeguard cannot handle such requests independently, but will support your organisation where necessary in carrying them out.

Prospective customers
For prospective customers, Safeguard acts as a data controller. This applies in the following situations.
Commercial communication and contact requests. When you request a demo, request a price indication or otherwise contact us via our website, we process your name, e-mail address, telephone number and company name. We use this data to respond to your request and to inform you about our services and offers. The legal basis is our legitimate interest, namely being able to respond to contact requests and bringing our services to the attention of organisations that wish to improve safety in the workplace. We retain this data for a maximum of two years after the last contact moment. You can unsubscribe from commercial communication at any time via the unsubscribe link in our e-mails.

Website and cookies
Our website uses cookies. We distinguish three types:

  • Functional cookies are necessary for the operation of the website and for storing your cookie preferences. We use Cookiebot for this. We place these cookies on the basis of our legitimate interest. 

  • Analytical cookies are used to measure the use of our website and to analyse the effectiveness of page elements. We use Google Analytics (GA4) and Hotjar for this. We place these cookies exclusively on the basis of your consent. 

  • Marketing and advertising cookies are used to display targeted advertisements and to track conversions. We use Google Ads, Microsoft Advertising (Bing Ads), Meta (Facebook Pixel), LinkedIn (LinkedIn Insight Tag) and Pipedrive for this. We place these cookies exclusively on the basis of your consent.

You can adjust your cookie preferences or withdraw your consent at any time via our cookie banner or your browser settings. The withdrawal of consent has no retroactive effect. Please note that disabling certain cookies may affect the functioning of our website. The default setting is that only the functional cookies are enabled.

Sub-processors
For the provision of its services and business operations, Safeguard uses a number of sub-processors. Data processing agreements have been concluded with all sub-processors. All personal data is processed within the European Economic Area (EEA).

  • Amazon Web Services (AWS): Safeguard uses AWS for the storage and infrastructure of the Safeguard services. The data is stored in Ireland. 

  • Intercom: used for support communication with users and prospective customers. The data is stored in Ireland. 

  • Pipedrive: used as a CRM system for managing contacts and commercial communication. The data is stored in Ireland. 

  • Bird B.V.: used for sending SMS messages for notifications and emergencies. The data is stored in the Netherlands.

A complete and up-to-date overview of all sub-processors in the context of the services provided to customers is included in Annex 1 to the data processing agreement, which can be consulted here.

Security
Safeguard takes the security of personal data seriously and implements appropriate technical and organisational measures to protect your data against loss, unauthorised access or unlawful processing. These measures include, among others, multi-factor authentication, access to data on the basis of the need-to-know principle, detailed logging and monitoring, encrypted connections and an outsourcing policy with confidentiality obligations for all parties that process data on our behalf.
Safeguard's employees are bound by confidentiality and only have access to personal data to the extent necessary for the performance of their duties.
Safeguard applies the principles of privacy by design and privacy by default. This means that privacy protection is built into our services from the moment of design, and that the default settings always offer the highest level of protection.
In the event of a data breach, Safeguard follows an internal notification procedure. Where Safeguard acts as a processor, it will notify the data controller without undue delay and in any event within 24 hours of discovery, so that the controller can assess whether notification to the Dutch Data Protection Authority and/or the data subjects is required. Where Safeguard itself acts as the data controller, data subjects and the Dutch Data Protection Authority will be informed where legally required.
Safeguard is certified under the following international standards:

  • ISO 27001: for information security, meaning that we demonstrably comply with international requirements for managing information security risks. 

  • ISO 27701: an extension of ISO 27001 specifically focused on privacy management and the secure processing of personal data. 

  • ISO 9001: for quality management, meaning that our processes are structurally monitored and improved.

A detailed overview of our security measures is available on our documentation page.

Your rights
Under the GDPR, to the extent that Safeguard acts as a data controller, you have the following rights:

  • Right of access to the personal data we process about you 

  • Right to rectification of inaccurate or incomplete data 

  • Right to erasure, also known as the right to be forgotten 

  • Right to restriction of processing 

  • Right to data portability 

  • Right to object to processing based on legitimate interest

You can submit your request via fg@safeguardapp.nl. To prevent misuse, we may ask you to identify yourself. We will respond to your request within one month.
Safeguard does not use automated decision-making or profiling that produces legal effects concerning data subjects or similarly significantly affects them.

Complaints
Are you not satisfied with the way Safeguard handles your personal data? You can file a complaint with the competent Dutch supervisory authority, the Dutch Data Protection Authority, via https://www.autoriteitpersoonsgegevens.nl

Changes
This privacy statement may be updated from time to time. In the event of changes, we will inform you by e-mail. The last update was on 25-06-2026.