General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) will apply as of 25 May 2018. On this page, we will explain what this means and what measures Symbid has taken to guarantee your privacy.


What is GDPR?

By now, you will have probably heard of the GDPR. The General Data Protection Regulation will replace the Personal Data Protection Act on 25 May 2018 and will affect all companies with customers in Europe. Now that data is becoming available on an ever larger scale, there is an increased risk of misuse of that data.


What does the GDPR mean in practice?

Citizens get more rights when it comes to knowing which data is collected from them, how long they are kept and to which third parties this information is provided. They are given the opportunity to have their data changed or removed. Governments, organizations, and companies that do not comply with the rules can be fined for this.


As a User, Investee or Investor you have the rights listed below:

  • Right to information: You have the right to ask Symbid whether your personal data are processed.
  • Right of access: You may check whether and if so, how your personal data are processed.
  • Right to rectification: If your personal data are incorrect, you can request rectification from Symbid.
  • Right to restriction of processing: In some cases, you have the right to have the processing of your personal data temporarily restricted.
  • Right to data portability: You have the right to receive a copy of the personal data that you have provided to Symbid.
  • Right of opposition: You have the right to ask Symbid to no longer use your personal data.
  • Right to be forgotten: In cases in which you have consented to the processing of your personal data, you have the right to have your personal data erased. However, this is possible only if Symbid can still comply with its legal obligations, like the statutory retention periods.
  • Right to object: You have the right to object to the processing of your personal data. Symbid will honor your request unless it has legitimate grounds for processing.


What does Symbid do to guarantee your privacy?

Symbid has taken a number of measures to ensure your privacy as well as possible.

  • The Privacy Policy of Symbid is adapted to the new legislation.
  • We have created a Data Register in which all available data points have been collected.
  • In all mail communication, it is clearer how you can adjust your mail settings.
  • We have further tightened our internal security with the latest security certificates.
  • We have built an online portal where you can request your data or submit a request for deletion.
  • We have made clear agreements with all our partners on how safety and privacy are guaranteed. These agreements have been incorporated in the new privacy policy.



What information do you possess from me?

We collect the following data from users who register on our platform:

  • Name, address, residence data
  • Phone number
  • Employer
  • Date of birth
  • Education
  • Account number
  • Copy ID
  • If registered via oAuth: Social media account
  • If you have a professional account:
  • Chamber of Commerce number
  • Excerpt Chamber of Commerce


Do you want to request your data? You can do this via the following registration form.


I want to have my data removed from you.

You can request a removal of your data via the following form.


Please note: due to our obligations as a BO-certified organization towards the Dutch Authority for the Financial Markets (AFM), we are not allowed to delete transaction data.


I would like to change my email preferences. How can I change this?

You can adjust the frequency and type of emails you receive via the following page.


I want to change my data. Where can I do this?

Log in to your Symbid account and click on settings. You will find here the details you have entered when registering and here you have the possibility to adjust this data.


I want to delete my account altogether. How do I do this?

Log in to your Symbid account and click on settings. At the bottom of the page, you will find the "Delete my account" button. Note: you can only delete your account if you have no investments on your account. In other cases, we are obliged to keep your data in our system.


Which internal security measures have you taken?

The critical systems we use are all secured by means of:

  • Two-step authentication
  • Suspicious login identification
  • Security Roles
  • Mobile login monitoring
  • Data breach notification
  • Auto-lock
  • Restricted Account Recovery
  • Restricted data export


I have a number of specific questions about the AVG. Where can I ask these questions?

GDPR-related questions can be sent directly to .