1. Introduction
When performing our work, we process personal data of the employees and any temporary employees of the client (hereinafter: personal data of clients). In this privacy statement we explain which personal data we collect, use and store and for what purpose.
Bailiffs office Groot & Evers B.V. is responsible for the use of personal data of clients. In doing so, we comply with the relevant laws and regulations.
General Data Protection Regulation
Implementation Act General Data Protection Regulation
Bailiff Act
Administration Regulation Judicial Officers
Regulation KBvG Standards for Quality
Basic Registration of Persons Act
Guidelines AP Security of personal data
Policy rules AP Identification and verification of personal data
Policy rules AP Security of personal data
AP policy rules Policy rules on the obligation to report data breaches
AP Camera Surveillance Policy Rules
Our contact information
Bailiff’s office Groot & Evers
High Hill Road 4
1101 CC Amsterdam
020-4080453
info@groot-evers.nl
2. Whose personal data we process
We process personal data of employees and temporary workers employed by or acting on behalf of the client. This concerns the employees with whom we maintain business contacts or have contact in the operational coordination regarding the assignment.
3. Why we collect data
As a contractor, we register and maintain personal data of the client’s employees (contact person). This data is used to get in touch, to make business agreements and to file to exchange file data and to communicate about implementation and/or to seek coordination. Where communication takes place, we record with whom that communication took place.
4. Data processed by us
4.1. Information provided by the contact person
When entering into a business relationship, starting from requesting information, up to and including the contacts that exist when handling files, we record the contact details of the contact person. This concerns name, job title, email address and direct (mobile) telephone number.
Before sending newsletters, we explicitly ask for permission for the processing of personal data.
4.2. Camera surveillance and office visits
For the safety of our employees, we have camera surveillance at the counter in our office in Amsterdam. These images are deleted after 2 weeks.
5. Basis for data processing
We process the data of contact persons of the client on the basis of the execution of an agreement. Processing in preparation for an agreement also falls under this. In addition, we process data based on a legitimate interest that we have as a commercial party.
The GDPR has 6 bases for the processing of personal data:
Consent of the person concerned.
The data processing is necessary for the performance of an agreement.
The data processing is necessary for compliance with a legal obligation.
The data processing is necessary to protect vital interests.
The data processing is necessary for the performance of a task of public interest or the exercise of public authority.
The data processing is necessary for the protection of legitimate interests.
6. Who we share data with
We share name and email address with the external system administrator to set up access rights to the client portal.
7. How we protect information
We take appropriate security measures to protect personal data of contact persons. In doing so, we pay particular attention to ensuring that your data does not end up with others and that access to our systems is adequately protected.
8. How long we keep your data
We do not store personal data longer than necessary. In many cases we have a legal obligation to retain data. As far as fiscal data is concerned, this retention period is 7 years.
Because we have a retention period of 10 years for file information, personal data in files is kept for 10 years after the closure of files.
The retention period of other personal data of contact persons ends 1 year after the end of the last moment of contact.
9. What rights you have
Right of inspection
The contact person has the right to inspect the data processed about him or her. The contact person can ask this question via our website or by email to the data protection officer. We will then send an overview of all personal data we have of the contact person within 1 month.
Right to correction
The contact person may ask us to correct or supplement personal data. This is possible if this data contains errors or is incomplete. After our own check, we immediately implement these changes. The contact person can pass on a correction to Human Resources by e-mail.
Object to the processing of your data
The contact person can object to the processing of personal data. When it comes to personal data that we process with permission, we will immediately terminate processing. In other situations, we often have an obligation or another basis to continue using the personal data.
Please contact our data protection officer if you wish to object to the processing of personal data
Right to data portability
In the case of personal data that are digital and that we process with the consent of the contact person or on the basis of the performance of an agreement, the contact person has the right to request that this data be collected in a digital file and sent to him or her or a third party. to be transferred.
Please contact our data protection officer if you wish to request data portability.
Right to erasure of data
The contact person has the right to have personal data removed. When it comes to personal data that we process with permission, we will delete it immediately. In most situations, we have a legal obligation to retain data for a number of years. In that case, we cannot delete that data. We will always review a request carefully and let the requester know whether we can delete the personal data. If that is not possible, we will state the reason.
Please contact our data protection officer if you wish to request the erasure of your data
Further information and questions
The data protection officer is the person at our office who ensures that we handle personal data correctly and protect it adequately. If you have any questions, you can contact him/her.
Contact details data protection officer
Name | Bart van Gerven |
Organisation | Aqturion |
Address | Nachtegaalslaantje 1, 5211 LE 's-Hertogenbosch |
Telephone | 06 28 88 04 84 |
E-mail address | b.v.gerven@aqturion.nl |
10. How to make a complaint
If we collect data from you and you are dissatisfied with this privacy statement or the way in which we handle your data, you can submit a complaint to our data protection officer, Mr B. van Gerven (see point 9). If this does not lead to a satisfactory solution, you can also submit a complaint to the Dutch supervisory authority, the Dutch Data Protection Authority.
Authority for Personal Data
Visiting address: | Hoge Nieuwstraat 8, 2514 EL The Hague (only by appointment) |
---|---|
Postal address | Postbus 93374, 2509 AJ The Hague |
Telephone | 0900 200 12 01 (usual phone costs) |
Opening hours | on working days from 09:00 to 12:00 and from 14:00 to 17:00 |
11. Adjustment of this privacy statement
We ensure that this privacy statement is up to date. We adjust this statement if we collect new or different data, provide it to new parties or if there are changes in retention periods or security measures.
12. Appendix
Applicable Laws and Regulations
- General Data Protection Regulation
- General Data Protection Regulation Implementation Act
- Bailiffs Act
- Judicial Officers Administration Regulation
- Regulation KBvG Norms for Quality
- Basic Registration of Persons Act
- AP Guidelines for Personal Data Protection
- Policy rules AP Identification and verification of personal data
- Policy rules AP Security of personal data
- AP policy rules Policy rules on the obligation to report data breaches
- AP Camera Surveillance Policy Rules
Fundamentals
The AVG has 6 bases for the processing of personal data:
- Consent of the person concerned.
- The data processing is necessary for the performance of an agreement.
- The data processing is necessary for compliance with a legal obligation.
- The data processing is necessary to protect vital interests.
- The data processing is necessary for the performance of a task of public interest or the exercise of public authority.
- The data processing is necessary for the protection of legitimate interests.
Security measures Groot & Evers
- secure connection (ISO 27001)
- access rights (2-way authentication)
- access security
- user identification
List of personal data we process
- Name
- Address/office address
- Place of residence/location
- E-mail address
- Phone number