Privacy policy
Softcrow Trusted Electronic Services B.V.
Version: 2025, replacing the previous version
1. Introduction
Softcrow Trusted Electronic Services B.V. (hereinafter: Softcrow) processes personal data in the context of its services. In this statement we explain which data we collect, why, how we store and secure it, and what rights you have.
This statement applies to all data that Softcrow processes in the context of its escrow services.
Softcrow Trusted Electronic Services B.V.
Monitorweg 11
1322 BJ Almere
E-mail: privacy@softcrow.com
KvK: 33251600
VAT: NL8023.94.620.B.02
2. Who is Softcrow?
Softcrow is an escrow service provider. We offer continuity arrangements that allow users of software to keep using that software, even if the supplier goes bankrupt or for another reason can no longer meet its obligations.
In the context of our services, we hold data for two reasons:
- Contact details: data of our (prospective) customers, both users and suppliers of software
- Deposit: data that a supplier deposits with us as part of a continuity arrangement
3. Which data do we process and why?
Contact details
This is data we receive from suppliers, beneficiaries or other parties involved in our services, such as name, e-mail address, telephone number and office address.
We use this data for:
- Getting in touch: if you contact us via our website or otherwise, we record your details in order to answer your request
- Business communication: to communicate about agreements, services, status and progress of our services
Deposit
Suppliers of SaaS services can, as part of a continuity arrangement, place a data deposit with us. The contents of this deposit are determined by the supplier and usually contain data that users of the SaaS service have entered into the system.
It is possible, but not always the case, and not verifiable for Softcrow, that this deposit contains personal data within the meaning of the GDPR.
Important: Softcrow has no access to the contents of a deposit. The supplier encrypts the deposit itself, before delivery. The encryption key is not shared with Softcrow, but solely with the beneficiary. Softcrow stores only encrypted files and has no access whatsoever to the contents. This is the core of our zero-knowledge architecture.
The deposit is stored solely in order to deliver it, encrypted and unchanged, to the beneficiaries named in the continuity arrangement, if the arrangement calls for it.
4. Storage and security
Contact details
Contact details are recorded in our contacts administration. Where necessary for carrying out our work, data is also included in physical documents such as agreements. All company documents are stored online; printed documents in our secured archive room.
Deposit
For the storage of deposits we use the following approach:
- Secure storage: deposits are stored in a secure storage environment in an ISO 27001 certified data centre within the EU
- Daily back-up: a daily back-up is made in two independent ISO 27001 certified data centres within the EU
- Encrypted by the supplier: the deposit is encrypted by the supplier before delivery. The encryption key is not shared with Softcrow. As a result, Softcrow has no access to the contents of the deposit, zero-knowledge
- Append-only storage: delivered data cannot be changed, deleted or downloaded after storage. Delivering new versions is always possible. Download access is made available only on request
- Integrity check: a SHA256 checksum is calculated for each deposit and verified weekly
5. Your rights
The rights below relate solely to contact details. With regard to data that may form part of a deposit, Softcrow cannot exercise these rights, because Softcrow itself has no access to that data.
| Right | What it means |
|---|---|
| Access | You can request which data Softcrow has recorded about you |
| Rectification | You can have incorrect or outdated data corrected |
| Portability | You can request your data or have it transferred to another party |
| Erasure | You can request that your data be deleted |
| Objection | You can object to the use of your data |
To exercise one of these rights, we ask you to identify yourself with a copy of a valid identity document.
When a beneficiary ends its participation in a continuity arrangement, or when the arrangement as a whole is ended, the associated deposits are destroyed via a secure wipe procedure.
6. Our obligations
Softcrow processes data on the basis of a legitimate commercial interest. We only request the data that is minimally necessary for carrying out our services.
Data is only shared with other parties involved in the same agreement, insofar as this is necessary for carrying out the services. If it is necessary to share data with parties outside the agreement in question, we always ask for consent in advance.
Softcrow reserves the right to disclose data when this is legally required or when it is necessary to comply with a legal request. In doing so, we respect your right to privacy as much as possible.
7. Website statistics
Our website measures visitor statistics with Matomo, an open-source analytics tool that we host ourselves on our own infrastructure. All data stays with Softcrow; nothing is shared with Google or other third parties.
Privacy-friendly and cookie-free. We have configured Matomo so that it:
- places no cookies, which is why no consent banner is needed;
- anonymises your IP address before it is stored;
- respects your browser’s “Do Not Track” setting.
Which data. Matomo processes anonymised data about your visit, such as the pages you view, the duration of your visit, your approximate region (based on an anonymised IP address) and general information about your device and browser. We do not collect directly identifying data.
Purpose and basis. We use this data solely for website statistics and to improve the site. Because the processing is privacy-friendly and cookie-free, we rely on our legitimate interest (Article 6(1)(f) GDPR); your consent is not required for this.
Retention. Visit data is retained for a maximum of 14 months and is then automatically deleted.
Opting out. If you do not wish to be counted, enable the “Do Not Track” setting in your browser; we respect it.
For questions or requests regarding this privacy policy, you can reach us via:
E-mail: privacy@softcrow.com
Telephone: +31 (0)20 696 20 50
Post: Softcrow Trusted Electronic Services B.V., Monitorweg 11, 1322 BJ Almere
9. Changes
This privacy policy may be amended as a result of changes in our work, new insights or changes in legislation. The current version is always available on our website.