We highly value your privacy. In this privacy statement we will inform you on how we will handle your data and on the rights you have. The personal data you provide to us will be handled with great care and secured in compliance with the General Data Protection Regulation (hereafter: GDPR). This privacy statement focusses on the processing of personal data for which we are responsible (controller regarding the GDPR).
In our role as service provider for our customers, we may also be involved in the processing of personal data for which our customers are ultimately responsible. Please contact us for more information on how we handle your personal data. For specific questions, please contact the relevant customer.
Who are we?
Nétive (hereafter also: we), is responsible for the processing of personal data as documented in this privacy statement. When we mention Nétive, we mean the legal entity Nétive Holding B.V., and all related companies. You can find Nétive’s contact details at the end of this statement.
From whom do we collect data and why?
We collect data from persons in the following categories:
- Business relations, including employees of current and potential customers, partners, suppliers, and subcontractors;
- Our employees;
- Visitors on our website and other interested parties.
We will collect your personal data if you are a contact person at at least one of our business relations. We do this in order to execute the agreed cooperation and/or service, in order to service each other in the best possible manner.
As an employer, we collect personal data from our employees. We do this in order to carry out the employment agreement, legal obligations that stem from it, and further conduct of business in our organisation.
If you applied for one of our vacancies, or if we have approached you for this purpose, we will – with your permission – collect the provided personal data. We do this in order to assess if you are, or can be, the right person for the position and to keep in contact with you for this purpose.
Visitors on our website:
If you are a visitor of our websites and you wish to apply for an event and/or newsletter, or if you want us to contact you, you can leave your personal details.
We will collect your data to maintain contact with you, if you wish.
What kind of data do we collect?
The data we collect from our (potential) business relations is limited to the name, position, and (business) contact details.
If you are a job applicant, we only process the personal data required to assess if you are or can be, the right person for the position and to keep in contact with you for this purpose. For example:
Name, address, sex, date of birth, e-mail address, phone number, availability, CV, education and skills, diplomas, certificates, employment history, motivational letter, salary band, references from previous employers, assessment report, (job application) notes, progress reports from job applications/mediation.
In case of a labour agreement we document the following additional data:
Nationality, citizen service number, copy of identification, visa, work permits, marital status, name of partner, emergency contact details, bank account number, pay (slip), certificate of good conduct, confidentiality statements, other employments, income supplements, subsidies, premium discounts, distraint on wages, lease car, absence registration, and other data related to personnel-, salary- and absence registration.
In case of an assignment agreement, we process the following details:
Business name, Chamber of Commerce number, bank account, expiry date identification and document number, VAT number and certificate of good conduct.
We make use of Google Analytics to track our website’s performance. We have a data processing agreement in place with Google. We make use of IP anonymisation and we don’t share any analytics data with Google (we’ve opted out for all data sharing features which may hamper data privacy).
On what legal grounds do we process your data?
We process your data because we need it to carry out an agreement with you or your employer, because we are legally required to do so, you have given your permission, or because we (or a third party) have a justified interest in it (which is in accordance with the purpose for which we process personal data).
With which parties will we share your data?
We may share (your) personal data with other Nétive entities, our (potential) customers subcontractors that provide services or carry out assignments on our behalf, suppliers, governmental organisations and other business relations. We will only do this with your permission, if this is necessary to carry out the agreement with you or your customer and in all other cases where we may be required due to, for example, a warrant or verdict. If this is the case, naturally it only concerns relevant details. We will not sell personal data to third parties.
We will make a controller agreement with companies that process your data in our assignment, so that an equal level of safety and confidentiality of your data is ensured. Nétive remains responsible for this processing.
Is my data shared with parties outside of the EEA?
We will not actively share your data with external parties outside of the EEA. All personal data is stored within the EEA. However, we use certain applications with technical support outside of the EEA. If personal data is visible during this technical support, the data is protected because we only conduct business with parties that are certified under the EU-US Privacy Shield.
How long will we save your data?
We will only save your data as long as is necessary. We use the following retention periods depending on the situation.
If you are a contact person for our business relation, we will save your data as long as you work for our business relation, or for the legal retention period.
After this aformentioned retention period has passed, after you revoke your permission or after a successful request to delete your data, we will delete your personal data from our systems.
When you apply for one of our vacancies, or we contact you for a vacancy and you agree, we will not save your personal data for more than 4 weeks after the application procedure has finished. Possibly, with your permission, we will save your data for possible future vacancies. We will not save your data longer than one year, unless you give us permission once more. Naturally, you can revoke your permission at any given moment.
If you work for us or have worked for us, we will save your data for a maximum of 2, 5, or 7 years, depending on the legal retention period, unless we have a justified interest in saving certain data for a longer period of time.
Which rights do you have regarding your personal data?
You have the right to view, correct, or delete your personal data. Furthermore, you have the right to revoke possible permission for the data processing or to object the processing of your personal data by Nétive. You also have the right to data portability. This means you can file a request with us to send the personal data that we poses in a computer file to you or an organisation you have listed.
You can file a request to view, correct, delete your personal data, a request for data portability or a request to revoke your permission or object to the processing of your personal data to email@example.com. To ensure that you are the one who made the request, we ask you to send a copy of your identification with the request. In this copy, you can black out the photo, MRZ (machine readable zone, the strip with numbers on the bottom of the passport), passport number and citizen service number, in order to protect your privacy.
We will respond to your request as soon as possible, and certainly within four weeks. We would also like to note that you have the option to file a complaint with the national supervisor, the Dutch Data Protection Agency. Please use the following link: http://autoriteitpersoonsgegevens.nl/nl/contact-met-de-autoriteit-persoonsgegevens/tip-ons
In some cases we are allowed to refuse your request, for example, if you ask us to delete your data but we require it for the tax authorities or as evidence for complaints. If this is the case, we will inform you as soon as possible.
Cookies, or comparable techniques
We take the safety of your data very serious and therefore take appropriate measures to prevent abuse, loss, unqualified access, undesired disclosure, and illicit changes. We have agreed with processors and external parties that process personal data on our behalf that they need to provide maximum security for the data as well. If you suspect that your data is not well-protected or if there are signs of abuse, please contact us via firstname.lastname@example.org.
Report data incident
If you suspect a (possible) violation of the security of personal data, we kindly request you to report this immediately via email@example.com.
If necessary, we can edit this privacy statement. The most current statement is on our website. The text was last edited on May 25th, 2018.
Questions, remarks or complaints?
If you have questions, remarks, or complaints regarding the manner in which we handle your personal data or regarding this privacy statement, you can contact us by mail or e-mail via the following contact details:
Nétive VMS B.V.
2289 EZ Rijswijk
+31 (0)15 2511840