Grassfeld Privacy & Cookie Statement.

This privacy & cookie statement has been checked and certified by Privacy Verified B.V. in cooperation with Stichting Certificering. Below you will find a summary of the main points of the statement, as well as the full details

Last updated on January 7, 2025

Summary by Privacy Verified.

Who is this statement for?

Visitors to the website
App users
Users of our services

About us.

Grassfeld Inc. 
8 The Green # 16180 Dover, DE, 19901 The United States of America

Contacts.

info@Grassfeld.com

You

The Data Subject

Us

The Controller

We control how your data will
be processed

Our suppliers

The Processors

The process your data on our behalf, based on our instructions

What data we collect.

Contact data

E.g. name, phone, number, email address

User generated content

E.g. content of blog posts, comments, feedback

Financial data

E.g. payment details, bank account number

Click and behavior data

E.g. pages visited, visit duration, clicks

Profiling data

E.g. product preferences, interests, target group

When and how we collect data.

Data we collect

Data you give

Activity

Data we collect

Data you give

Running our website

Creating an account

Concluding a subscription

Improving our services

Providing access to our portal

Marketing

Promotions

Handling contact requests

Handling financial transactions

How we safeguard your data?

We respect your personal data rights under the law, which you can find in this statement.

We do not keep data longer than mentioned in this statement.

We ask for your consent where necessary (e.g. cookies, marketing).

We do not share data without your knowledge.

We don't sell your data.

Most of our processing is in the EU. When we process your data outside of the EU, we have strict safeguards in place.

Privacy verified

Certification

This certificate has been issued by
the Stichting Certificering to:

Grassfeld B.V.
Rodezand 80
3011 AN Rotterdam
The Nederlands
CoC:66046203

Organization has stated that it will not make any changes of a material nature without verification from Privacy Verified.

This certificate was issued on:

June 14, 2024

This certificate is valid until:

June 14, 2026

This company has been certified since:

June 8, 2023

Click or scan to verify this certification

Verify This Certification

Privacy & cookies – Full details.

Who we are.

During the processing of personal data, Grassfeld Inc. works conform to the requirements of the applicable data protection legislation, including the General Data Protection Regulation (GDPR) and relevant U.S. federal privacy laws, such as the Children’s Online Privacy Protection Act (COPPA), the California Consumer Privacy Act (CCPA), and the Health Insurance Portability and Accountability Act (HIPAA). This means we:
‍

clearly specify our purposes before we process personal data by using this privacy statement;
limit our collection of personal data to only the personal data needed for legitimate purposes;
first ask for explicit permission to process your personal data in cases where your permission is required;
take appropriate security measures to protect your personal data and demand the same from parties who process personal data on our behalf;
respect your right to access, correct, or delete your personal data held by us.

Grassfeld Inc. is the party responsible for all data processing. In this privacy statement, we will explain what kind of personal data we collect and for which purposes within our online services accessible via: www.grassfeld.com, our knowledge base, and our app. For readability purposes, those services combined are called ‘our online services’ in this privacy statement. We recommend that you read it carefully.

If you have any questions regarding the processing of personal data, you can find the contact details of Grassfeld Inc. below.

Grassfeld Inc.
8 The Green # 16180
Dover, DE, 19901
The United States of America 
Registration number: 10006711

What data we collect.

Contact data: data that can be used to contact you.

For example: name, phone number, (email) address, username (nickname), user-ID and profile picture.

Location data: data about your location, shared by your mobile device with your permission.

For example: GPS cordinates, direction of travel, time when location was recorded.

Profiling data: data based on the results of analyses.

For example: product preferences, interests, gender, age group, and target group.

Financial data: data that enables the payment of our services.

For example: payment details, bank account number, credit card number, payment history and/or invoices.

Click and behavior data: data that on how you use our services and website/app.

For example: pages visited, visit duration, clicks, cookies, and other analytical data.

User-generated content: data you create while using our services or customer service.

For example: content of blog posts, content of comments, answers to surveys, feedback.

How and why we collect your data.

Purpose

Data categories

Legal basis

How long we keep it

Purpose

Registration

Certain features of our online services require you to register beforehand. You will have to provide some information about yourself and choose a username and password for the account that we will set up for you. It is also possible that the username will be provided by us, in this case it will be not possible to choose a username.

For this purpose, we use your phone number, invoice and/or email address, payment details, nickname and profile picture if you want to personalize your account. This is done based on the execution of the agreement you conclude when making an account. We store this information until you close your account. We will retain this data so that you do not have to re-enter it every time you visit our website and/or use our online services, and in order to contact you in connection with the execution of the agreement, invoicing and payment, and to provide an overview of the products and services you have purchased from us.

Data categories

Contact data
Financial data

Legal basis

Performance of a contract

How long we keep it

Until account closure

Purpose

Concluding a subscription

Via our online services, you can take out a paid subscription. We use your personal data to complete the payment.

For this purpose, we use your phone number, invoice and/or email address, payment details, User-ID, if applicable; payment history and invoices. We need this data because of our agreement with you. We store this information until you cancel your subscription. Certain types of personal data will be retained for a longer period with regards to the legal tax retention.

Data categories

Contact data
Financial data

Legal basis

Performance of a contract

How long we keep it

Until you cancel your subscription. Certain types of personal data will be retained longer with regards to legal tax retention

Purpose

Statistics and profiling

We keep as much as possible, anonymized statistics on the use of our online services. These statistics help us to, for example, only show you information that is relevant to you or to improve our services. We may combine personal data to get to know more about the way our services are being used. We will of course respect your privacy at all times.

For this purpose, we use your Usage statistics. We have a legitimate interest in doing this. We store this information for as long as you have a subscription.

After your consent, we can also use your data to provide you with statistical insights in your financial situation, and we use your personal data to generate statistical and anonymized data that can be shown to other users in order to give them statistical insights in their own financial situation.

Data categories

Click and behavior data

Legal basis

Our legitimate interest
Your consent

How long we keep it

For as long as you have a subscription

Purpose

Providing access to our portal

Within our online services, you can access a management environment where you can set, specify and change settings. We will keep track of your activities for proof.

For this purpose, we use your phone number, email address, nickname and profile picture. We need this data because of our agreement with you. We store this information until our services to you have ended. Why profile picture, nickname? We’ll if you login to the system, we need to retrieve, among other information, your image, nickname.

Data categories

Contact data
Click and behavior data

Legal basis

Performance of a contract

How long we keep it

Until the service is terminated

Purpose

Sending newsletters

We have a newsletter to inform those interested on news, updates, tips and information about our products and services. Your email address is added to the list of subscribers, only with your permission! We hate spam too but sometimes it’s necessary to communicate with you. We store this information until you cancel your subscription to our newsletter.

You may cancel your subscription to our newsletter at any time. Each newsletter contains a link to unsubscribe from our newsletter.

Data categories

Contact data

Legal basis

Your consent

How long we keep it

Until you unsubscribe to our newsletter

Purpose

Promotions

Other than the possible advertisements on the website, we can inform you about our new products and/or services by email or via social media.

You can object at all times against this promotional communication. Every email contains a cancellation link. On social media, you can block us or use the cancellation option. You can also inform us through your account. Further, you can inform us through the portal.

Data categories

Contact data

Legal basis

Our legitimate interest

How long we keep it

Until you object to this promotional communication or unsubscribe from this promotion

Purpose

Handling contact requests

You can use our contact form to ask questions or make any request.

For this purpose, we use your phone number, email address, nickname, message you wish to send to us and your User-ID. We need this data because of our agreement with you. We store this information until we are sure that you are satisfied with our response and six months thereafter. This way we can easily access the information in case you have any following questions and train our customer service to improve even more.

Data categories

Contact data
User generated content

Legal basis

Performance of a contract
Your consent

How long we keep it

Until we are sure that you are satisfied with our response and six months thereafter

Purpose

Handling transactions (financial)

If you connect your bank account(s) to our service(s), we will retrieve your transaction history and sync all the future transactions from the selected account(s). Note that we can’t do this by ourselves as you explicitly must authorize this action fully by yourself through your own bank.

All the transactions are anonymized and stored and can only be retrieved by you. We don’t sell data to third parties; this is the reason why we ask a fee to use our services. The anonymized transactions will be analyzed by our Artificial Intelligence engine to provide you the needful insights through our services.

The transactions will be deleted immediately after you disconnect your account and/or delete your profile.

Data categories

Financial data

Legal basis

Performance of a contract

How long we keep it

The transactions will be immediately deleted after you disconnect your account and/or delete your profile

Purpose

Location data

If necessary, we may collect your location data (GPS). If that is the case, you will be asked to grant consent beforehand.

This location data and other data can also be stored and processed by the provider of the navigation/mapping software, such as Google Maps, but the data could also be used by, for example, Google or Apple itself. We have no control over their actions. We recommend that you read the applicable privacy statement of the provider in question.

Data categories

Location data

Legal basis

Click and behavior data

How long we keep it

The location data and other data can also be stored and processed by the provider of the navigation/mapping software, such as Google Maps, but the data could also be used by, for example, Google or Apple itself. We have no control over their actions. We recommend that you read the applicable privacy statement of the provider in question

Purpose

Digitize your personal administration

You will have the ability to digitize your personal administration, through our services you will be able to use our cloud storage soluition which is designed for this purpose. For this purpose, we may process your financial data.

Data categories

Financial data

Legal basis

Performance of a contract
Your consent

How long we keep it

Until you delete your files

Children’s data privacy (COPPA compliance)

As a financial institution, our services are not offered nor available to minors under the age of eighteen, and have restricted the use of our applications to users who are eighteen or older.

Therefore, we do not knowingly collect personal data from minors under thirteen without parental consent, in compliance with COPPA. If we become aware that we have collected data from a child under thirteen without verification of parental consent, we will take steps to delete that information. Parents or guardians can contact us to review, update, or delete their child’s personal information.

How do we keep your data secure?

We take security measures to reduce misuse of and unauthorized access to personal data. These measures include:
‍

Encryption: all sensitive data is encrypted during storage and transmission;
Two-Factor authentication (2FA): ensures secure account access;
Regular security audits: our systems are regularly audited to identify vulnerabilities;
Incident response plan: we have a clear protocol in place to handle data breaches.

We follow industry best practices such as the NIST Cybersecurity Framework (CSF), ISO/IEC 27001, and CIS Critical Security Controls to ensure your data remains secure.

Your privacy rights (CCPA Compliance)

You can always contact us if you have any questions regarding our privacy policy or wish to review, modify, or delete your personal data.

You have the following rights:

Right of access: you have the right to see what kind of personal data we processed about you;
Right of rectification: you have the right to rectify any personal data we have processed about you, if this information is (partially) wrong;
Right to complain: you have the right to file a complaint against the processing of your personal data by us, or against direct marketing;
Right to be forgotten: you can file a request with us to remove any personal data we have processed of you;
Right to data portability: if technically possible, you have the right to ask us to transfer your processed personal data to a third party;
Right to restriction of processing: you can file a request with us to (temporarily) restrict the processing of your personal data.
If you exercise any of the rights mentioned above, we might ask to identify yourself with a valid ID, to confirm it is your personal data. If so, it is important that you hide your social security number and photo.

To exercise any of these rights, contact us at info@Grassfeld.com. We will respond within one month, unless the request is complex, in which case you will be notified of an extension.

Third parties who also process your data.

Except for the parties necessary to deliver the services mentioned above, we do not under any circumstance provide your personal data to other companies or organizations, unless required by law (for example, when the police demand access to personal data in case of a suspected crime).

When personal data is transferred to a third party outside of the EU, we ensure that the necessary measures required by the General Data Protection Regulation (GDPR) and U.S. federal privacy laws are in place.

Our online services feature social media buttons. These buttons are used by the providers of these services to collect your personal data.

How we use cookies (CalOPPA compliance)

Our online service makes use of cookies. Cookies are information files that can be automatically stored on or read from the visitor’s device (such as PC, tablet, or smartphone) when visiting a website. This is done via the web browser on the device or via our app.

The first time you visit our online service, we will show you a notification explaining our cookies and ask for your permission for the use of these cookies. Our online services use cookies or similar technologies where information is stored and/or read on the device (for ease of reading, all such techniques are referred to as “cookies”), used to:

Enable functionalities of the website and to protect the website (technical or functional cookies);
Analyze the use of the website and improve the website (analytics cookies);
Personalize our website (and ads on other websites) based on your preferences (tracking cookies);
Enable the online chat function and the frequently asked questions portal (other cookies).

We offer a cookie management interface where you can customize your preferences and consent.

Complaints.

If you want to file a complaint about our use of personal data, please send an email to info@grassfeld.com. We will look into and respond to any complaint we receive.

If you think that we are not helping you adequately, you have the right to file a complaint with the relevant data protection authority. For The USA, this is the Federal Trade Commission.

Updates to this statement.

We reserve the right to modify this statement. We recommend consulting this statement regularly to stay informed of any changes. Significant changes will be communicated via email notifications, website pop-ups, or direct account notifications.

Cuanto antes empiece a utilizar Grassfeld®, mejor. Al establecer objetivos financieros y hacer un seguimiento de los mismos, usted y su familia disfrutarán de una perspectiva clara. El camino hacia su independencia financiera nunca ha sido tan claro.

Cookie Notice