Menu
Call us
+31 (0) 85 0711080
Mail us
info@dpoconsultancy.nl
MenuClose
privacy statement dpo consultancy

Privacy Statement

How we secure and protect your privacy rights

DPO Consultancy – Privacy Statement

Last update on 16-07-2024.

 

Our Policies

We, DPO Consultancy, located at Europalaan 28b (5232 BC) ‘s-Hertogenbosch, attach great importance to the protection and privacy of our website visitors, customers, partners and other relations. The personal data is therefore handled and secured with care. In all cases, we comply with the requirements of the General Data Protection Regulation (GDPR) and the ePrivacy Directive. The privacy statement informs you about the way in which we handle your personal data. If you have any questions after reading our Privacy Statement, please contact us.

 

What personal data do we collect and how do we use it?

The type of personal data we collect and use is limited to the information you provide to us. This is the case, among other things, if you:

 

  • Contact us in any way;
  • Sign up for the newsletter;
  • Fill in the contact form;
  • Enter into a contract with us or request one of our other services;
  • Visit our website.

This Privacy Statement only applies to the platforms and parts of the websites we manage – which are owned by us – and all personal data that we process of website visitors, prospects, customers and business relations.

 

We will never share or sell your personal data to anyone without your knowledge or approval. We will only share authorized information with third parties if they have been hired by us to facilitate the provision of our services to you or if we are required by law to hand over information to a government agency.

 

Categories of personal data and purpose

Activity

Category of Personal Data

Purpose

Legal basis

When you visit our websiteIP address, actions on our website, information provided in contact forms.
  • To measure and improve interest on our website, to improve your user experience and tailor it to your behavior and interests;
  • To administer and diagnose our website, to protect our business, to troubleshoot problems, and to prevent potentially prohibited or illegal activities;
  • To respond to your question if you have asked it via the contact form and/or so that we can send you the results of the tool.
Consent (Article 6 (1) (a) GDPR) and Legitimate interest (Article 6 (1) (f) GDPR)
When you contact us as a customer or as a business partnerName, (business) e-mail address, (business) telephone number, position, signature
  • To carry out the agreed services;
  • To be able to comply with our own laws and regulations, e.g. obligation to keep records.
Necessary for the performance of a contract (Article 6 (1) (b) GDPR), necessary for a legal obligation (obligation to keep records) (Article 6 (1) (c) GDPR)
When subscribing to our newsletterName, e-mail address
  • To address you correctly in our mailings;
  • To be able to invite you to relevant organized events;
  • To contact you and send you newsletters;
  • To make our newsletter relevant based on your preferences and areas of interest;
  • To keep the data we collect accurate and to ensure that you no longer receive newsletters, if you wish.
Consent (Article 6 (1) (a) GDPR) and legitimate interest (Article 6 (1) (f) GDPR)
When contacting usName, e-mail address, other data you provide.
  • If relevant and necessary, the data will be used in legal proceedings.
Legitimate interest (Article 6 (1) (f) GDPR)
When you download documents from our websiteName, e-mail address, other data you provide.
  • We use this information to process your e-mail, postal or other communications and to link back to your e-mail, postal or other communication.
Legitimate interest (Article 6 (1) (f) GDPR)

Permission

In the event of consent as the basis for the processing of your personal data, you always have the right to withdraw consent at any time. You can do this by sending an email to info@dpoconsultancy.nl.

 

Once you have withdrawn your consent for processing, we will no longer process the personal data in question in the relevant processing. As a result, we will delete the personal data, unless there is a legal basis for further processing of the data (e.g. storage requirements or insofar as processing is necessary for the performance of the contract).

 

Retention periods

We retain your information to enable you to continue using our services for as long as necessary to fulfill the purposes for which it was collected, or as required by law.

 

Automated decision-making

Automated decision-making is decisions made by computers or systems without human intervention. We ensure that no personal data is processed in automated decision-making.

 

Sharing of personal data

We use third parties to operate our platforms. It is possible that these third parties have access to your personal data. If that is the case, we will take appropriate measures to ensure that your data is adequately secured and only used for its intended purposes. We may share your data with third-party service providers, to the extent necessary for the aforementioned purposes (and to the extent permitted by the GDPR). This concerns parties such as our IT service providers, parties from which we purchase advertising and marketing software, parties that arrange hosting, maintenance and support of the website, Cloud providers, Microsoft Outlook, CRM system, SharePoint and providers of systems with which we can exchange files. In addition, this may include competent regulators, authorities, judicial bodies or other parties where we are required to do so by law, or if it is necessary in the context of legal proceedings or to establish or exercise our legal rights (for example, to deal with complaints or proceedings). This is always done in accordance with our legal obligations. Of course, only the personal data that is necessary for the performance of the work will be shared.

 

International transfers of personal data

We may share your data with an organization or entity located outside the European Economic Area (EEA). We will then ensure that your personal data will only be passed on if these parties guarantee that the transfer takes place in accordance with the applicable privacy legislation. This means, among other things, that the personal data will only be transferred outside the EEA in the event that an adequacy decision of the European Commission determines that there is an adequate level of protection for the transfer of the personal data to that country or additional appropriate safeguards have been implemented, such as the Standard Contractual Clauses.

 

We ensure compliance with all additional requirements and guidance from the European Court of Justice, data protection legislation and/or supervisory authorities regarding the transfer of personal data.

 

Protection of personal data

We take the protection of your personal data very seriously. We have put in place appropriate security measures to prevent your personal data from being accidentally lost or accessed or disclosed in an unauthorized way. In addition, we limit access to your personal data to strictly necessary employees, contractors and other third parties. They will only process your personal data on our instructions and are subject to a duty of confidentiality. Finally, we train our employees on the importance of confidentiality and ensuring the privacy and information security of your personal data.

 

Rights of the data subject and their implementation

In accordance with applicable law, you have various rights in relation to the processing of your personal data, which are listed below.

  • The right of access. This means that you can make a request to access the personal data relating to you;
  • The right to rectification or correction of your personal data. This means that you can submit a request to have incorrect personal data rectified or, for example, if your personal data is incomplete.
  • The right to erasure. You can submit a request to have your personal data deleted. However, this is limited to certain circumstances.
  • The right to restriction of processing. You have the right to request restriction of processing of your personal data in certain circumstances.
  • The right to data portability. This means that you have the right to receive your personal data in a structured, commonly used and machine-readable format and to transmit that data to another controller.
  • The right to object. This means that you can object to the processing of your personal data at any time.
  • The right not to be subject to automated decision-making. You have the right to have the processing of your personal data take place under the human watchful eye if the processing can lead to a (legal) consequence.
  • The right to be informed about the correction, erasure and restriction of the processing of your personal data. If there is a processing or change of processing with regard to your personal data, you have the right to be informed.

If you have any questions or would like to exercise any of the above rights, please contact us at info@dpoconsultancy.nl. Reasonable access to your personal data will be granted free of charge after submission of the request to DPO Consultancy within one month of the confirmation of your request.

If we are unable to comply with your request within one month, we will inform you of an expected date on which the information will be provided. In addition, we may require more information to verify your identification before fulfilling your request.

You also have the right to lodge a complaint with a supervisory authority. In the Netherlands, the supervisory authority is the (“Dutch Data Protection Authority“).

Amendments

We reserve the right to amend this Privacy Statement at any time and for any reason. We will publish the amended Privacy Statement on our website. If required by law, you will be notified of important changes to our Privacy Statement.