Data Processing by AvePoint Following the Acquisition of Ydentic

Notice on Data Processing by AvePoint, Inc. and its affiliates, including Ydentic (collectively “AvePoint”) of Ydentic Data. 1. Background   On…

Ydentic powered by AvePoint

Notice on Data Processing by AvePoint, Inc. and its affiliates, including Ydentic (collectively “AvePoint”) of Ydentic Data.

1. Background  

On January 29th, 2025, Ydentic B.V. and Ydentic Holding B.V. (collectively “Ydentic”) were acquired by AvePoint, Inc. As part of Ydentic’s integration into the AvePoint group, certain business processes will now be supported by AvePoint, including the processing of personal data controlled by Ydentic of customers, business partners, and other parties (collectively “Ydentic Data”) by AvePoint. 

2. What Data Is Processed? 

The following categories of Ydentic Data may now be processed by AvePoint: 

  • Basic customer information (e.g., company name, contact persons, contact details) 
  • Billing and payment information 
  • Contractual and usage data related to our services 
  • Regulatory compliance data (e.g., KYC documentation, if applicable) 
  • Marketing and Lead Data 
  • The data categories as laid out in AvePoint’s Data Protection and Information Security Privacy Standard at https://www.avepoint.com/agreements/dataprotection

3. Purpose of Processing 

The purposes of processing of Ydentic Data by AvePoint are:

  • Contract execution (including invoicing and payment processing) 
  • Group-wide reporting (in particular financial reporting) 
  • Compliance with legal obligations (e.g., accounting, tax regulations, KYC requirements) 
  • Improvement and development of Ydentic and AvePoint products 
  • Integration of Ydentic into the AvePoint group structure 
  • Prevention and detection of fraud or other criminal activity; establishment, exercise or defence of legal claims 

4. Legal Basis for Processing  

The processing of data by is based on Article 6.1(b) GDPR (performance of a contract), Article 6.1(c) GDPR (legal obligation) and Article 6.1(f) GDPR (legitimate interest). Any processing of special categories of personal data is further subject to Article 9.2 GDPR. 

5. Data Sharing and Security Measures 

AvePoint ensures that Ydentic Data is processed exclusively for the purposes stated above. No data will be shared with unrelated third parties. All processing is conducted in full compliance with applicable data protection laws and with appropriate security measures in place. If data is transferred outside the European Economic Area (EEA), AvePoint will use appropriate safeguards, such as Standard Contractual Clauses, to protect it. 

6. Your Rights  

As a data subject, you have the following rights under the GDPR, subject to legal conditions: 

  • Access to the personal data we process about you 
  • Correction of inaccurate data 
  • Erasure or restriction of processing, where no legal retention obligations apply 
  • Objection to processing in certain cases 

7. Further Information and Contact 

In addition to this Notice, AvePoint’s Privacy Notice at https://www.avepoint.com/company/privacy-notice applies. If you have any questions regarding data processing or wish to exercise your rights, you can contact us at any time at privacy@avepoint.com