GDPS Group B.V. and our group entities (“GDPS”) collect personal data from (the employees of) our clients and our website visitors in order to provide our services. GDPS handles your data carefully and conform the applicable laws and regulations. In this Privacy Statement we set out which data we collect and process, how we do this and how you can object to this practice. This Privacy Statement may change from time to time.
1. When is this Privacy Statement applicable?
1.1 This Privacy Statement applies to all personal data from you that GDPS processes in relation to the services that GDPS provides, including the website visitor data of GDPS.
2. Who is responsible for your data?
2.1 GDPS Group B.V. is responsible for processing the personal data. Registered address is Hoofdstraat 185, 3781 AE Voorthuizen.
3. Which personal data is processed by GDPS?
3.1 We may collect and process data in the following ways:
i) Information that you provide to us, such as name, address, phone number, date of birth and email address (or that of your employees or customers); and
ii) Information we receive through your usage of our services or by visiting our websites, such as name, date of birth, address, email address, IP address, bank account number and social security number of your employees or customers. We also process your preferences for certain products and services.
4. For which purpose does GDPS use your data?
GDPS uses the data we collect for:
4.1 Service provision
GDPS processes your personal data first and foremost to be able to provide our services to you. We use the data for example for member and customer communication, billing and invoicing and to manage our relationship with you. We also use the data to be able to respond to requests for information or to assess your job application.
4.2 Contracting third parties
GDPS may contract third parties for the provision of their services. For as far as these third parties have access to personal data when providing these services, GDPS has taken contractual or organizational measures to ensure that your data will exclusively be processed in accordance with applicable laws and regulations and for the purposes set out in this Privacy Statement.
4.3 Marketing and sales activities
We like promoting our services by sending specific offers for our products and services to our clients (also after a contract has ended). We may do this via phone, email or post, unless you object to this.
4.4 Processing your personal data on GDPS websites
We collect and use your personal data on our website first and foremost to provide our (web) services and to communicate with you. Your data may also be used for the purpose of research and analysis, with the aim of improving our services and websites. We may, in certain cases, also use your data on our websites to be able to send (commercial) information about other GDPS services by email, provided you have given your permission to do so.
5. Information to third parties
We do not share your personal data to third parties outside of GDPS, unless one of the following circumstances occurs:
5.1 We have your explicit permission
We may share your personal data to third parties outside GDPS if you have provided your permission explicitly for this purpose. You may revoke this permission at all times.
5.2 For the purpose of third party processing (subcontractors)
We may share personal data with affiliated parties or other trusted parties so they can process these on our behalf, but exclusively according to our instructions and conform our Privacy Statement and conform other applicable confidentiality and security obligations.
5.3 Legal obligations and other legal reasons
We may share your personal data with third parties outside GDPS if we can reasonably assume that access to and usage of the personal data is necessary for:
i) Compliance with applicable laws and regulation and/or a court order;
ii) Investigation into fraud, technical or security problems, prevention thereof or otherwise; and/or
iii) Protection of the interests, properties and security of GDPS, our clients and the general public, conform the applicable laws.
5.4 We may share or disclose anonymized or depersonalized data to our partners, such as advertisers. We may for example publish data that shows trends in the usage of our services.
6. How long does GDPS retain your data?
6.1 GDPS does not retain your data any longer than legally permitted and no longer than necessary for the purposes for which your data is processed. How long certain data will be retained, depends on the type of data and the purposes for which they are processed. The retention period may vary per type of use .
7. Inspection, correction and deletion of your personal data
7.1 You have the right to access your personal data. This means that you can request from us what personal data we have registered about you and for which purposes the data is used. You can send a data access request by post or email with your name, address, telephone number and a copy of an official ID to GDPS Group B.V., Corporate Legal Department, Hoofdstraat 185, 3781 AE Voorthuizen, the Netherlands, or to email@example.com. If your access request is in relation to personal data linked to a cookie, you will need to include a copy of the respective cookie in your request.
7.2 If you are of the opinion that we retain incorrect personal data for you, you may have the personal data corrected. Please contact us at GDPS Group B.V., Corporate Legal Department, Hoofdstraat 185, 3781 AE Voorthuizen, The Netherlands or firstname.lastname@example.org. You will receive a response in writing within 4 weeks.
7.3 You may also send us a request to remove your personal data from our systems. We will comply with your request, unless we have a justifiable interest not to remove the data. Once we have removed the data, we may not be able to delete all copies of the data immediately from our servers and back up systems for technical reasons.
7.4 We may refuse to comply with the above mentioned requests if these are submitted unreasonably often, require unreasonably technical efforts or unreasonably severe technical effects for our systems, endanger the privacy of others and or when the requests are extremely unpractical.
7.5 GDPS may charge a fee to the maximum of EUR 4.50 as compensation for the cost of the request and to comply with the right of access and correction.
8. Right to object
8.1 You have the right to object to the use of your personal data if the use of your personal data is not necessary for the provision of our services or to comply with legal obligations. Also, if you have given your permission at an earlier stage, you may object to further usage of your personal data.
8.2 If you wish to object to the use of your data, please inform us about this by letter or email and send this to GDPS Group B.V., Corporate Legal Department, Hoofdstraat 185, 3781 AE Voorthuizen, The Netherlands or email@example.com. In case you wish to object, please clearly state in your letter which data usage you wish to object to. You will receive a response in writing within 4 weeks following your objection.
8.3 If we are no longer allowed to use your personal data, this may lead to fewer user possibilities across our websites and other services.
9. Information security
9.1 We will take all reasonable and applicable security measures to protect GDPS and our clients against unlawful access or change, disclosure or destruction of personal data.
9.2 Should a security incident occur, despite all security measures, and the incident may likely have negative effects on your privacy, we will inform you as soon as possible about the incident.
10. Applicability and amendments
10.1 Our Privacy Statement is applicable to all GDPS services and websites at a global level. This Privacy Statement will be published in Dutch and in English. Should there be any contradictions in the explanations of this Privacy Statement, the Dutch text is always decisive and binding.
10.2 We may adapt our statement regularly. The most up-to-date version will always be available on our website. We will not limit your rights without your explicit permission. Should there be important changes, we will inform you about these changes in a more personal manner.