Our Promise
Safeguarding the privacy of (your) data subjects is of vital importance to us. In everything we do, security comes first.
We therefore promise that:
- Only individuals who need access will be granted access to personal data;
- Our systems optimally support the proper processing of personal data;
- We will not make personal data available to third parties, unless previously agreed upon or required by law;
- We will always cooperate in upholding the rights of data subjects;
- We will not retain personal data longer than the period you have specified and/or as required by law;
- All processing of personal data will be carried out based on documented instructions, while also independently considering the relevant laws and regulations.
How do we put our promises into practice?
- All data we process is covered by a formal agreement;
- All our data processing activities are documented in our processing register, detailing the types of data we collect and their purposes;
- We apply the principle of data minimization in all data collection—only processing what is strictly necessary, and only for as long as needed;
- Data that is no longer used is destroyed. We do not pseudonymize or anonymize data;
- Data at rest is strongly secured according to ISO 27001 and NEN 7510 standards;
- Data in transit is encrypted and transferred via secure channels;
- We do not handle data subject requests (e.g., right to information, rectification, or erasure) for personal data provided to us by a client. In such cases, data subjects are referred to the client;
- A detailed overview of the measures we take to protect personal data is available upon request;
- We maintain a written privacy policy, privacy statement, information security policy, and data breach procedure;
- We do not transfer personal data to third countries or international organizations.
Date: 01-07-2024