Skip to main content

Privacy Notice

Last updated: May 2026

Samotics is committed to protecting your privacy and data protection rights. This Privacy Notice applies to the Samotics group of companies ("Samotics", "we", "our", "us"), which means Samotics Holding B.V. and each entity in which Samotics Holding B.V. has a majority holding or owns or controls the majority of voting rights (including Samotics B.V., Samotics Ltd and Samotics Inc.).

Samotics Holding B.V., registered at Bargelaan 200, 2333 CW Leiden, the Netherlands, is the primary data controller for personal data processed through our website (www.samotics.com) and for centrally managed business activities (including marketing, CRM, analytics and group administration).

Where you enter into a contract with a specific Samotics entity, or otherwise interact directly with that entity, that entity will act as the data controller for personal data processed in connection with that relationship. This may include:

  • Samotics B.V. (The Netherlands)
  • Samotics Ltd (United Kingdom)
  • Samotics Inc. (United States)

The relevant Samotics entity determines the purposes and means of processing your personal data in accordance with applicable data protection laws. Where we process personal data on behalf of our customers, we act as a data processor and process such data under their instructions.

If you are unsure which Samotics entity is acting as controller in your case, you may contact us at legal@samotics.com.

This Privacy Notice informs you about our use of your personal data, how we process it and what rights you have. Please note that not all parts of this Privacy Notice might apply to you, as our use of your personal data will depend on the capacity in which you interact with us, our services and/or our website.

Accessibility

If you require support or an alternative format to review this Privacy Notice, please contact us at legal@samotics.com.

Personal data we process

Prospective customers' data:

  • Contact details (name, email, phone)
  • Company / job title
  • LinkedIn profile
  • Inquiry, demo, marketing preferences
  • Account creation information

Customer representatives' data:

  • Full name
  • Job title and company name
  • Corporate email address
  • Phone number
  • Country
  • Signature

Existing or prospective suppliers:

  • First/last name
  • Job title and company
  • Corporate email address
  • VAT number
  • Signature

Website visitors:

  • IP address, device and browser identifiers
  • Usage and analytics data
  • Location data
  • Cookies

Job applicants:

When you apply for a job, we will process your personal data as set out in our Candidate Privacy Notice.

Data sources: all personal data processed by Samotics regarding its prospects or customers is either shared directly by them or, regarding prospects, collected from publicly available sources (such as company websites and professional networking platforms) and from reputable data enrichment service providers who compile business contact data from publicly accessible sources, professional networking platforms and other licensed partners. We take reasonable steps to ensure that such data providers process personal data in accordance with applicable data protection laws.

How we use your personal data

We may process personal data for the following purposes:

  • Provide, maintain and improve our services
  • Provide, operate and improve our website
  • Prepare, negotiate, and enter into agreements with customers, prospects, suppliers and partners, including providing quotations and proposals
  • Promote our products and services
  • Develop new products, services and features
  • Respond to your inquiries
  • Provide customer support
  • Inform you about our products, services and business updates
  • Manage and maintain our business relationships with customers, prospects, suppliers and partners
  • Identify and contact relevant professionals for business opportunities
  • Send business-related communications (e.g. outreach, partnerships, services)
  • Organise and manage events, webinars and other business activities
  • Detect and prevent fraud or security breaches
  • Analytics, customer surveys and research
  • Compliance with legal and regulatory requirements
  • Establish, exercise or defend legal claims
  • Enforce our policies (including but not limited to customer agreements)
  • Facilitate eventual mergers, acquisitions, investments or other corporate transactions
  • Use AI-assisted tools to support internal operations, including drafting communications, analysing documents, and processing business data

The legal basis we rely on

We process personal data only where we have a valid legal basis under applicable data protection laws. Depending on the circumstances, we rely on one or more of the following legal bases:

  • Performance of a contract: we may process your personal data for the fulfilment of contractual obligations resulting from contracts with you or your company, or as part of pre-contractual measures we take.
  • Consent: we will ask your consent for the activities described in this Notice when required by applicable law, for example when we process your data for analytics through the use of first- and third-party cookies and similar technologies.
  • Legal obligation: where processing is necessary to comply with applicable laws and regulatory requirements.
  • Legitimate interest: in some cases, we rely on our legitimate interests to process your personal data insofar this is not overridden by your own fundamental rights and freedoms. Such interests may include:
    • Ensuring network, information and platform security
    • Improving and personalising our services and communications
    • Managing and developing customer, supplier, and partner relationships
    • Conducting analytics for business intelligence activities
    • Promoting and growing our business
    • Allowing interaction with and functionalities within our products and services

How we share your personal data

We may share your data with:

  • Service providers, consultants and processors when necessary for us to support or manage our services, including promotion thereof (business advisors, hosting and cloud infrastructure providers, analytics providers, payment service providers, CRM and marketing platforms)
  • AI-assisted tools and platforms operated by vetted processors used to support internal business operations (such as drafting, summarising and analysing business content), which are subject to data processing agreements and security assessments
  • Our affiliates and subsidiaries when necessary for us to provide you with our services
  • Business transfers, in case we are involved in a merger, sale, acquisition, restructuring, dissolution, bankruptcy or other change of ownership or control (including due diligence of such transaction)
  • Auditors, upon request
  • Legal or regulatory authorities when required, or to exercise our legal rights and respond to a legal claim

We use Data Processing Agreements with all processors and require full GDPR compliance. Any processor used by Samotics is put under rigorous scrutiny to assess their security, confidentiality and privacy policies, as well as the adoption of adequate safeguards.

Samotics only discloses personal data to service providers where the disclosure is necessary to provide the services to our customers. Samotics does not sell any personal data.

International transfers

When we transfer your personal data outside the EEA/UK, these are protected by adequacy decisions, standard contractual clauses, binding corporate rules and/or other approved safeguards.

Samotics also always implements appropriate technical and organisational measures to ensure your personal data is treated securely and in accordance with applicable data protection legislation.

Your rights

  • Access your personal data
  • Rectify your inaccurate personal data
  • Erase your personal data
  • Restrict the processing of your personal data
  • Data portability
  • Object to our processing of your personal data (you may object to the processing of your personal data at any time by writing to us or by using the opt-out mechanism provided in the respective communication you received)
  • Withdraw your consent for the processing of your personal data at any time
  • Lodge a complaint with the competent supervisory authority. Depending on your location, the relevant authority may be the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) for processing by Samotics Holding B.V. or Samotics B.V., or the UK Information Commissioner's Office (ICO) for processing by Samotics Ltd. You may also contact the supervisory authority in your country of residence or place of work.

To exercise any of these rights, please contact legal@samotics.com. We respond within statutory timeframes.

Automated decision-making and profiling

We do not engage in solely automated decisions producing legal effects. If any profiling occurs, you will be informed of the logic and relevance.

Security

We apply appropriate safeguards such as:

  • Technological security measures including encryption in transit and at rest, firewalls, anti-virus software and other security controls
  • ISO-aligned access controls
  • Data minimisation
  • Periodic security reviews and audits
  • Physical security measures to access our premises
  • Confidentiality agreements
  • Internal security training for all our staff

Personal data breach

By personal data breach we mean a breach of Samotics' security that leads to accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored or otherwise processed by Samotics' systems.

In the event of a personal data breach that is likely to result in a high risk to the rights and freedoms of individuals, Samotics commits to notify all data subjects without undue delay after discovery of the incident. Samotics also commits to notify the data protection authority without undue delay and, where feasible, no later than 72 hours after having become aware of the breach if it may result in a risk to the rights and freedoms of natural persons.

Children's data

Our services are not directed at individuals under 16. If we learn we have processed children's data, we will delete it.

Retention

We retain personal data as long as necessary and relevant to fulfil the purposes it was collected for, plus a documented retention period when necessary to fulfil our legal or regulatory obligations, resolve related disputes, and enforce our legal agreements and policies.

Anonymised data may be maintained by Samotics for longer periods of time, as necessary for reporting, statistics and training purposes as well as to improve our products and services.

Cookies

We use cookies to make our websites work, or work more efficiently, as well as to collect information. We may obtain information about your general internet usage by using a cookie file which is stored on your browser, your mobile device or the hard drive of your computer. Cookies contain information that is transferred to your computer's hard drive. They help us to improve our systems and to deliver a better and more personalised user experience. Some of the cookies we use are essential for the website to operate. We will not use the data to make any decisions about you.

For more information, please read our Cookie Policy below.

Changes to this Privacy Notice

We may revise this Privacy Notice from time to time. The latest version will be posted online with a last updated date.

If you are seeking employment with Samotics, please refer to our Candidate Privacy Notice.