The implementation of our services necessitates the processing of privacy-sensitive information, also called personal data. In some cases, we cooperate with other organisations and companies. The IoT Safety Company processes personal data from various categories of parties such as clients, suppliers, students and applicants.
The IoT Safety Company does its very best to protect your privacy and therefore is very careful with your personal data. In all cases, the IoT Safety Company respects the applicable laws and regulations, such as the General Data Protection Act. This means that in all cases, the IoT Safety Company:
- Processes your personal data in accordance to the purpose which you have determined, the objective of which is described in the privacy notification (together with the type of personal data);
- Limits the processing of your personal data to the minimum necessary to the objectives for which they will be processed;
- Requests your express permission to process your personal data in cases whereby your permission is necessary;
- Keeps your personal data no longer than necessary for the objectives for which they were provided according to law;
- Has taken the appropriate technical and organisational measures to guarantee the security of your personal data;
- Does not share personal data with other parties, unless necessary for the implementation of the objectives for which they were requested;
- Is aware of your rights concerning your personal data, informs you about them and respects them.
The IoT Safety Company is responsible for the processing of your personal data. After reading our privacy notification or in general, should you have queries or should you wish to contact us, please do so via the contact details below:
IoT Safety Company
3084 CB Rotterdam
Data Protection Officer: Robbert van der Veen
Tel: 088-1202 400
USE OF PERSONAL DATA
Using our services and websites leaves certain data behind. These can be personal data as will be described below. We do not always process all these data. It actually all depends on the type of services you use and/or which functionality you chose to use on our website.
Depending on the services and functionalities that you use on our website, we can process the following personal data:
- NAW data, email address and other contact details;
- Birth details, age group and gender;
- Curriculum Vitae (CV), information on education, diplomas, internships and work experience;
- Passport photo;
- Nationality, BSN number, identification document, driving license;
- User name;
- Login information.
We process the personal data below based on:
- The implementation of the underlying contract;
- Legal obligations;
- Legitimate interest; or
- Your permission (if applicable).
We process the data above for one or more of the following objectives (depending on the type of services and functionalities you make use of):
Clients and suppliers
The personal data of clients and suppliers is used by the IoT Safety Company for the following purposes:
- The targeted communication with clients as a result of requests, the confirmation of price agreements and the establishment of quotations;
- Commercial activities (mailings, etc.);
- The correct administrative processing of purchase and sales invoices.
The personal data processed by the IoT Safety Company is limited to the name, email address and possibly the cell phone number of the contact person linked to the client or supplier.
We regularly make photos and videos for marketing and communication purposes. We ask for your prior permission (in writing). The photos and/or videos can bed used for blog messages on our website, on Facebook, LinkedIn or to create advertencies. Without your express permission, no photos/videos will be taken of you or used in any way.
An applicant who reacts to a vacancy on the website will be asked to first study and to accept this Privacy Notification. Personal data mentioned on the Curriculum Vitae (CV) will be saved on the secure server, made accessible to the HR department and can only be shared with the department head responsible for the vacancy.
The personal data is kept for up to four weeks after the application procedure and then destroyed, unless as a result of the application a job contract with the IoT Safety Company is established. At the request of the IoT Safety Company, the applicant can agree to the preservation of the CV for future vacancies for a maximum period of one year.
DISCLOSURE TO THIRD PARTIES
The IoT Safety Company will not share the personal data that you have provided with third parties, unless required by law and allowed (for example by a court ruling or judgement). In such a situation, the IoT Safety Company is obligated to comply and therefore needs to provide the data.
In addition, personal data can be shared with third parties if you give us written permission, such as with:
- Subcontractors (for example data processors) who in view of their services provide or implement activities;
- Government agencies;
- Other business relations.
The IoT Safety Company makes use of processors (for example a cloud-provider) for the implementation of certain services. Within this framework, the IoT Safety Company provides personal data to the processor but only for the objective in question. The IoT Safety Company concludes a work contract with the processor and makes agreements on confidentiality and security measures. We also make an agreement on the destruction of your data once they are no longer needed.
No personal data will be provided to parties located outside the EU, unless allowed by the privacy law.
PROTECTION AND STORAGE
The IoT Safety Company has taken appropriate technical and organisational measures to protect your personal data against unlawful processing. Here follow some of these measures:
- The IoT Safety Company website on which among other things the registration of students take place is secured via “https”;
- The IoT Safety Company computers are secured via antivirus programmes and firewalls and the operating systems are up-to-date;
- Access to the computers is secured by passwords and monitors switch off in the absence of the user;
- Passwords are secure and regularly changed;
- The IoT Safety Company uses a registration protocol for data leaks.
The above-mentioned measures are detailed in our safety policy and documented in protocols when needed. The IoT Safety Company does not keep data any longer than necessary. This means that we keep the data as long as needed to deliver the service you required. The exception is the data that we are required by law to keep for longer as a matter of obligation.
PERSONAL DATA RIGHTS
You have the right to access, change or delete your personal data. In addition, you may object to the processing of your personal data (or part of it) by us or other processing parties. In terms of your digital data and if you so desire, you have the right to ask us to transfer the data you have provided to you or directly to another party. Please address your request to:
IoT Safety Company
3084 CB Rotterdam
Data Protection Officer: Brigitte Barth-de Brandt
Tel: 088-61 61 400
For an access request and to avoid abuse, we require a written application and an appropriate form of identification by sending a copy of a valid identification document. Do not forget to protect your BSN number and passport photo. You could for example use the “KopieID” app.
Should you wish to complain about the processing of your personal data, please contact us. If we do not come to an agreement, then it is your right to file your complaint with the Authority Data Protection Commission, the supervisory authority in the field of privacy.
PRIVACY NOTIFICATION AMENDMENTS
The IoT Safety Company may make amendments to this privacy notification from time to time. These amendments will be published on our website. We therefore advise regular consultation of this privacy notification to remain up to date.
IoT Safety Company
Version: 1 October 2020