Version 1, November 7 2020
EZ Privacy processes personal data in a careful and confidential manner in accordance with the General Data Protection Regulation (GDPR).
1 Processing of personal data
EZ Privacy only collects personal data insofar as necessary for the execution of its business purposes, which are GDPR implementation projects and privacy consulting services.
EZ Privacy processes personal data regarding contacts at organisations, which can include financial data.
EZ Privacy can use the personal data to send messages or to contact persons regarding GDPR developments or EZ Privacy. You can always unsubscribe from messages or indicate that you no longer want to maintain contact.
EZ Privacy can share personal data with other parties such as service providers and accountants. Where possible, EZ Privacy stores personal data within the European Economic Area.
2 Retention period
EZ Privacy processes customer personal data up to two years after the last project, after which only the financial administrative data is retained for the legally required period of seven years.
Potential client data is stored only for as long as EZ Privacy deems it relevant or until the potential client has indicated that it is no longer interested and would like the data to be deleted.
EZ Privacy takes appropriate technical and organisational measures in order to protect your personal data against unauthorised processing, including the following:
- Our employees understand the importance of protecting personal data;
- We have a user name and password policy on all of our systems;
- Only employees who require personal information for the execution of their work will have access to the relevant information;
- All persons who obtain knowledge of your personal data on behalf of EZ Privacy are obligated to maintain strict confidentiality;
- We ensure that personal data is encrypted as necessary;
- We make backups of the personal data in order to be able to recover it in the event of incidents;
- We restrict the use of physical documents with personal data;
- We evaluate our measures on a regular basis.
4 Your rights
You are entitled to request a review, correction or deletion of your personal data.
You can also object to the processing of your personal data, or part of it, by EZ Privacy or one of our processors.
We can require that you provide proof of identity before we can process aforementioned requests.
When we process your personal data on the basis of your consent, then you are always entitled to withdraw that consent.
If you have a complaint regarding the processing of your personal data, then we request that you contact us so we can resolve the issue together.
You are always entitled to submit a complaint to the Autoriteit Persoonsgegevens (Data Protection Authority), which supervises the protection of privacy in the Netherlands. Information regarding the submission of a complaint is located on www.autoriteitpersoonsgegevens.nl.