BuildExitReady, an advisory division of 7Mills
ProgrammesBlogContact
Start the Free Score
BuildExitReady
The 7 Mills ScoreProgrammesBlogContactStart the Free Score

Legal

GDPR Statement

7MILLS Equity Partners B.V. · Last updated: May 2025

Our commitment

7MILLS Equity Partners B.V., trading as BuildExitReady, is committed to protecting the personal data of everyone who interacts with us — whether as a prospective client, existing client, website visitor, or business contact. This statement explains how we meet our obligations under the General Data Protection Regulation (EU) 2016/679 ("GDPR") and the Dutch implementation thereof (UAVG).

As a controller established in the Netherlands, we are directly subject to GDPR. We take our responsibilities seriously and have implemented appropriate technical and organisational measures to ensure lawful, fair, and transparent data processing.

Data controller

7MILLS Equity Partners B.V.
Ooldselaan 11, 7245PP Laren
The Netherlands
Chamber of Commerce 98530828
[email protected]

Principles we follow

We process personal data in accordance with the six data protection principles set out in Article 5 GDPR:

  • Lawfulness, fairness, and transparency — we always have a legal basis for processing and are open about how we use data
  • Purpose limitation — data is collected for specified, explicit, and legitimate purposes and not processed in ways incompatible with those purposes
  • Data minimisation — we collect only what is necessary for the purpose
  • Accuracy — we take reasonable steps to ensure data is accurate and kept up to date
  • Storage limitation — data is retained only as long as necessary
  • Integrity and confidentiality — we apply appropriate security measures to protect personal data against unauthorised access, loss, or destruction

Legal bases we rely on

We rely on the following legal bases under Article 6 GDPR to process personal data:

  • Article 6(1)(a) — Consent: for marketing communications and non-essential cookies
  • Article 6(1)(b) — Contract: for processing necessary to deliver advisory services
  • Article 6(1)(c) — Legal obligation: for retaining records required under Dutch tax and accounting law
  • Article 6(1)(f) — Legitimate interests: for responding to enquiries, improving our services, and communicating with prospective clients

Data subject rights

Under GDPR, you have the following rights with respect to your personal data:

  • Right of access (Art. 15) — obtain a copy of your personal data and information about how it is used
  • Right to rectification (Art. 16) — have inaccurate or incomplete data corrected
  • Right to erasure (Art. 17) — request deletion of your data ("right to be forgotten") where there is no overriding legitimate reason to retain it
  • Right to restriction of processing (Art. 18) — limit how we use your data in certain circumstances
  • Right to data portability (Art. 20) — receive your data in a structured, commonly used, machine-readable format
  • Right to object (Art. 21) — object to processing based on legitimate interests, including direct marketing
  • Rights related to automated decision-making (Art. 22) — we do not use automated decision-making or profiling that produces legal or similarly significant effects

To exercise any of these rights, email [email protected]. We will respond within one month of receiving your request (extendable by a further two months for complex or multiple requests, with notice).

International transfers

Where we use third-party service providers that process data outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place as required by Chapter V GDPR. These may include:

  • European Commission adequacy decisions
  • Standard Contractual Clauses (SCCs) as approved by the European Commission
  • Binding Corporate Rules, where applicable

We will provide further information about the safeguards in place on request.

Data security

We implement appropriate technical and organisational measures to protect personal data, including:

  • Encryption of data in transit and at rest where applicable
  • Access controls limiting data access to authorised personnel only
  • Regular review of our data processing activities and supplier security
  • Documented procedures for responding to data breaches

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Autoriteit Persoonsgegevens within 72 hours and, where required, inform affected individuals without undue delay.

Complaints

If you believe we have not handled your personal data lawfully, you have the right to lodge a complaint with the Dutch supervisory authority:

Autoriteit Persoonsgegevens
Postbus 93374
2509 AJ Den Haag
autoriteitpersoonsgegevens.nl

We would, however, appreciate the opportunity to address your concerns directly before you contact the authority. Please reach out to us first at [email protected].

Further information

For full details of what data we collect, how long we retain it, and the third parties we share it with, please read our Privacy Policy.

BuildExitReady, an advisory division of 7Mills

Helping owner-managed businesses become genuinely sellable.

Start the Free Score

Advisory

  • Programmes
  • Partner With Us
  • About
  • Blog
  • Contact

Resources

  • The 7 Mills Score
  • Valuation Calculator
  • Free Exit Guide
  • All Resources

Legal

  • Privacy Policy
  • Terms of Service
  • GDPR Statement
  • Accessibility Statement

Registered Office

7MILLS Equity Partners B.V.
Ooldselaan 11
7245PP Laren
The Netherlands

Chamber of Commerce 98530828

© 2026 BuildExitReady · An advisory division of 7Mills