Privacy Statement AuditDirect

Version: January 2026

In this privacy statement, we explain how AuditDirect handles your personal data. We respect the privacy of our visitors and potential clients and ensure that the personal information you provide to us is treated confidentially. Personal data is processed in a manner that complies with the requirements of the General Data Protection Regulation (GDPR).

1. Identity of the company (Controller)

The controller responsible for the processing of your personal data is:

AuditDirect
Van Leeuwenhoekstraat 132
7908 BN Hoogeveen
Chamber of Commerce number: 91987024
Email: auditdirectnl@gmail.com
Telephone: +31 6 300 24 200

2. Which personal data do we process?

We process personal data that you provide to us yourself when you use our services or fill in the contact form on our website. Below you will find an overview of the personal data we process:

• First and last name;

• Company name and role;

• Address details (if provided);

• Telephone number;

• Email address;

• IP address, location data and information about your activities on our website (via cookies);

• Other personal data that you actively provide, for example in the description of your request (for example, details about the desired audit).

3. For what purpose do we process personal data?

AuditDirect processes your personal data for the following purposes:

• Matching: To assess your request and put you in contact with a suitable independent consultant or auditor who fits your question.

• Contact: To be able to call or email you if this is necessary to carry out our services (for example, to verify your request).

• Quotation process: To enable the selected consultant to make you a suitable proposal.

• Service improvement: Analyzing behavior on the website in order to improve the website and tailor the range of services to your preferences.

• Administration: For handling any payments and legal administrative obligations.

4. On what legal basis do we process data?

We process your data on the basis of the following grounds under the GDPR:

• Performance of the agreement: Processing is necessary to provide the service you requested (finding a consultant).

• Legitimate interest: For securing and optimizing our website and services.

• Legal obligation: For data we need for our tax return.

• Consent: For placing non-essential cookies or sending newsletters (you can withdraw this consent at any time).

5. Sharing personal data with third parties

Sharing your data with third parties is an essential part of our services as an intermediary. However, we never sell your data for commercial purposes (spam) to parties that have nothing to do with your request.

We share your data with the following categories of third parties:

• Independent Consultants and Auditors: Once we have found a suitable match for your request, we share your contact and project data with this consultant. Please note: From the moment the consultant receives your data, this party is an independent controller for the further processing of your data in connection with the quotation and execution of the audit.

• ICT service providers: Parties that host our website, manage email servers and support our digital infrastructure (e.g. Google, hosting provider).

• Accounting office: For the processing of our financial administration.

With companies that process your data on our behalf (such as hosting providers), we enter into a data processing agreement to ensure the same level of security and confidentiality of your data.

6. How long do we keep personal data?

AuditDirect does not keep your personal data longer than is strictly necessary to achieve the purposes for which your data are collected. We apply the following retention periods:

• Requests and matches: Maximum 2 years after the last contact, unless a long-term customer relationship develops.

• Financial administration: 7 years (legal tax retention obligation).

• Analytics data: Maximum 26 months.

7. Cookies

AuditDirect uses functional, analytical and tracking cookies. A cookie is a small text file that is stored in the browser of your computer, tablet or smartphone during your first visit to this website. During your first visit to our website, we already informed you about these cookies and asked for permission to place them. You can opt out of cookies by configuring your internet browser so that it no longer stores cookies. In addition, you can delete all information previously stored through your browser settings.

8. Accessing, adjusting or deleting data

You have the right to view, correct or delete your personal data. In addition, you have the right to withdraw your consent to data processing or object to the processing of your personal data by AuditDirect. You can send a request for access, correction, deletion or data portability to auditdirectnl@gmail.com. To make sure that the access request was made by you, we may ask you to identify yourself. We will respond to your request as soon as possible, but within four weeks.

9. Security

AuditDirect takes the protection of your data seriously and takes appropriate measures to prevent misuse, loss, unauthorized access, unwanted disclosure and unauthorized alteration. The website uses a reliable SSL certificate to ensure that your personal data does not fall into the wrong hands. If you have the impression that your data is not properly secured or there are signs of misuse, please contact us at auditdirectnl@gmail.com.

10. Right to complain

We would also like to point out that you have the option to file a complaint with the national supervisory authority, the Dutch Data Protection Authority. This can be done via the following link: www.autoriteitpersoonsgegevens.nl.