B3Partners BV considers it important that your data is handled carefully and wants to ensure that the personal information you provide is treated confidentially. That is why this page explains what personal data is collected from you, for what purposes and what happens to it.
In short, this privacy statement means that your personal data:
- only be used for purposes that have been agreed with you;
- not shared with others, unless stated in this privacy statement;
- carefully secured.
Personal data are all data about an identified or identifiable natural person. Special legal requirements are attached to the processing of personal data. When we process personal data of users or customers, we comply with applicable laws and regulations, including the General Data Protection Regulation (hereinafter: "AVG").
Several purposes and roles
B3Partners processes personal data for different purposes and fulfills various roles. These roles are mentioned in the AVG, namely controller and processor. The controller is the person who determines the purpose and means for the processing of personal data. There are a large number of legal obligations for this. The processor processes the personal data only on behalf of another. Legal obligations also apply, but these are fewer. The reason for this is that in the last role the use of personal data is largely determined by the controller.
B3Partners as processor
B3Partners processes (personal) data of customers on the basis of individual processor agreements. These agreements comply with the AVG.
B3Partners as controler
Below, for the different types of services, we indicate which role B3Partners fulfills as controller, for which purposes personal data are used. For the implementation of the agreement:
- providing a service, including the needs and wishes of the customer to adjust a service;
To comply with a legal obligation:
- in the context of compliance with laws and regulations, for the handling of disputes and the execution of inspections, including financial;
Because we have a legitimate interest for this:
- the conclusion of the agreement;
- carrying out market research and compiling management information for product and service development, as well as for determining strategy;
- the provision of information, including for example sending a newsletter, user information, service message or other electronic message;
- directing an offer, for example by e-mail or by telephone;
- provide the customer with the opportunity to share information on a website
- to analyze, maintain, optimize and secure the use of a website, including the associated technology, also to prevent misuse and fraud. This includes analysis cookies from Google Analytics.
Processed personal data
In order to achieve these goals as controller, B3Partners can, among other things, process the following personal data:
- name and contact details of customer representatives. Contact details are mainly the business e-mail address and the contact person's telephone number;
- information that the customer's representative shares in connection with the preparation or execution of an agreement.
Information collected in connection with the use of the website, such as IP addresses and click behavior, is only stored anonymously.
We advise our customers to encrypt the connections. When personal data are transmitted encrypted via such a connection, they can no longer be read by third parties. As a result, the transport of encrypted information is also not regarded as the processing of personal data and all parties are able to achieve the aforementioned objectives while at the same time guaranteeing the security of data and privacy of data subjects.
Use of services
When you use the services of B3Partners BV you may be asked to provide your personal data. These data are then required to be able to deliver the service and are stored in the database of B3Partners BV in accordance with the legal obligation to retain data.
When you send an e-mail or other messages, they are included in the e-mail archives. Due to back-up procedures and legal retention, these messages can be stored for 7 years. Sometimes you are asked about your personal details that are relevant to the situation in question. This makes it possible to process your questions and answer your requests.
B3Partners does not provide your data to third parties, unless necessary for the execution of the service, a request or in general the proper execution of the purpose for which the personal data have been collected. In special circumstances, we make personal data of users or customers available to third parties without permission, for example in the case of a legitimate request from a competent authority.
We keep this personal data in principle as long as this is reasonably necessary for the aforementioned purposes and to comply with statutory and fiscal custody obligations.
In accordance with the obligations of the GDPR, we strive to maintain an adequate level of security in the processing of personal data, which, in view of the state of the art, is sufficient to prevent unauthorized access to, adaptation, disclosure or loss of personal data. The storage of our data takes place at Proserve. A Dutch data center which is certified according to ISO 9001, ISO 27001, NEN 7510. Our processing agreement with Proserve states that our data is stored in the Netherlands.
After a request for access to personal data, data may prove to be incorrect or incomplete. Incorrect or incomplete data can be corrected or supplemented by contacting B3Partners in the following ways. The user or customer can also request B3Partners to delete data. We will comply with a data erasure request if there is no legal obligation or other valid reasons, so that we must retain the data.
Requests for making use of these rights can be made via email@example.com or by post to B3Partners B.V. regarding Data Protection Officer, Zonnebaan 12C, 3542 EC Utrecht, The Netherlands, stating "personal data".
Data breach protocol
We take measures that relate to the prevention of data leaks. This includes digital and analogue security measures on our infrastructure, careful selection of processors, contractual agreements and the continuous training of employees. In addition, procedures are also in place for the steps that have to be taken during a data breach. This ensures that quick and effective action can be taken to limit the damage as much as possible. The highest priority after discovering a data leak is closing the leak. If we are the controller and we are legally obliged to do so, we will report to the Dutch Data Protection Authority, unless it is unlikely that the personal data breach poses a risk for those involved. If we are the controller and the data breach is likely to pose a high risk for the privacy of data subjects, we also inform those involved. In case we are a processor, we will inform the customer about the data breach so that the customer can comply with the legal obligations. We inform the customer both by telephone and by e-mail.
What is a cookie?
Use of permanent cookies
With the help of a permanent cookie we can recognize you at a new visit on our website. The website can therefore be specially tailored to your preferences. You can delete permanent cookies via the settings of your browser.
Through our website a cookie is placed from the American company Google, as part of the "Analytics" service. We use this service to track and get reports on how visitors use the website. The data is stored with this service for the duration of 14 months. Google may provide this information to third parties if Google is legally obliged to do so, or if third parties process the information on behalf of Google. We have no influence on this. We have not allowed Google to use the obtained analytics information for other Google services. The information that Google collects is anonymised as much as possible. Your IP address is emphatically not given. The information is transferred to and stored by Google on servers in the United States. Google states to adhere to the Privacy Shield principles and is affiliated with the Privacy Shield program of the US Department of Commerce. This means that there is an appropriate level of protection for the processing of any personal data.
Right to request access to and correction or deletion of your data
You have the right to request access to and correction or deletion of your data. See our contact page for this. To prevent misuse, we can ask you to adequately identify you. When it comes to access to personal data linked to a cookie, you must send a copy of the cookie in question. You can find these in the settings of your browser.
Switching on and off of cookies and removal thereof
More information about switching on and off and removing cookies can be found in the instructions and / or using the help function of your browser.
More information about cookies
On ICTRecht: "Achtergrond Cookiewet" (Dutch) you can find more information about cookies.
regarding the Data Protection Officer,
3542 EC Utrecht
Stating "personal data".
These contact details also apply to requests to exercise the rights of data subjects.
These Privacy Terms were last modified on June 19, 2018.