Privacy Policy
Last updated: 30-04-2026
1. Controller
Beta2Business, Admiralengracht 63-3, 1057 EP Amsterdam, the Netherlands (KvK 98853953), is the data controller for personal data processed via this website and via the Microsoft Teams agent Vacature Starters Kit (the "Agent"). Contact: [email protected].
2. Scope
This policy covers personal data processed when you use the Agent inside Microsoft Teams or interact with this website.
3. Data we process
- Microsoft Teams identity: tenant ID, user ID, name and email provided by Microsoft Graph during agent installation and chat.
- Vacancy content: job descriptions, requirements and related text you submit to the Agent for analysis.
- Agent output: generated feedback, suggested rewrites and outreach drafts produced in response to your input.
- Operational logs: timestamps, request IDs and error traces used to keep the Agent reliable.
- Website data: IP address and basic analytics if you accept cookies on this site.
4. Purpose and legal basis
- Deliver the Agent functionality you request (legal basis: performance of a contract).
- Maintain, secure and debug the service (legal basis: legitimate interest).
- Comply with Dutch and EU legal obligations (legal basis: legal obligation).
We do not use your vacancy content to train third-party foundation models, and we do not sell personal data.
5. Sub-processors
The Agent relies on the following vetted sub-processors:
- Microsoft — Teams, Microsoft Graph and Azure hosting (EU regions).
- Anthropic — LLM provider used to generate feedback, rewrites and outreach drafts. Inputs are not used to train Anthropic models; zero-data-retention is requested where supported.
- Cockpit — recruitment CRM (operated by Findr Recruitment on behalf of Elevate People Group) holding vacancy and candidate records the Agent reads from.
- n8n — workflow automation platform used to orchestrate Agent calls between Microsoft Teams, Anthropic and Cockpit.
- Airtable — operational data store for vacancy and recruitment metadata where integrated with the customer's workflow.
All sub-processors operate under a Data Processing Agreement and apply appropriate technical and organisational measures.
6. Retention
- Vacancy input and Agent output: up to 30 days, then deleted.
- Operational logs: up to 90 days.
- Account/tenant identifiers: until the Agent is uninstalled.
7. International transfers
Data is processed in the European Union where possible. If a sub-processor transfers data outside the EU, we rely on Standard Contractual Clauses or an equivalent safeguard.
8. Your rights
Under the GDPR you may request access, correction, deletion, restriction, portability or object to processing. Send requests to [email protected]. You may also lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).
9. Security and breach notification
We apply encryption in transit (TLS) and at rest, role-based access controls, and audit logging. We notify affected customers of a (suspected) personal data breach without undue delay, and in any event within 24 hours of discovery, in line with our standard Data Processing Agreement. Customers remain responsible for any onward notification to supervisory authorities and data subjects.
10. Changes
We may update this policy. Material changes will be communicated via the Agent or this website at least 14 days before they take effect.
11. Contact
Beta2Business
Admiralengracht 63-3, 1057 EP Amsterdam, the Netherlands
KvK 98853953
[email protected]
