- past, present and prospective:
- representatives or contact persons of our customers;
- one-person suppliers or contact persons acting on behalf of our suppliers and service providers.
- visitors of our websites, portal.emsere.com and emsere.com.
2. The types of personal data we process
Personal data refers to any information that identifies or can be linked to a natural person. Personal data we process about you includes:
- Identification data: your name, email address, telephone number;
- Online behaviour and preferences data: IP address of your mobile device or computer and the pages visited on our websites.
3. On what legal ground do we process your personal data?
Obviously, we may not request or use your personal data without good reason. We are allowed to do this only if the processing of personal data is based on one of the ‘grounds’ permitted by law. This means that we may only use your personal data for one or more of the following reasons:
We need your personal data for concluding and performing a contract you have entered into with us in your own name or as a representative of a company.
- Legal obligation
The law may lay down rules that we have to comply with and which would involve processing your personal data (example, employment and tax legislation).
- Our legitimate interest
We also have the right to use your personal data if we have a legitimate interest in doing so. In that case, we must be able to demonstrate that our interest in using your personal data outweighs your right to data protection. Here are a few examples of when this might happen:
- We may keep you up-to-date on product changes and send you tips, offers and other relevant news;
- We aim at organising ourselves efficiently and so make use of other service providers.
4. What we do with your personal data
Processing means every activity that can be carried out in connection with personal data such as collecting, recording, storing, adjusting, organising, using, disclosing, transferring or deleting it. We use your personal data to help make our services as effective, reliable and efficient as possible. We only use your personal data for business purposes such as:
- Contract. If you are a representative of a corporate customer, we may use your personal data to enter into an agreement with the customer, and to contact the customer when needed. If you are a sole person entity, we will process your personal information in order to enter into an agreement with you;
- Research. We study possible trends, problems, root causes of errors and risks to check, for instance, whether company processes have been followed and to ensure improved quality of service;
- Relationship management and marketing. We may ask you to give us feedback on our services. We may send newsletters regarding new and existing services offered by EMSERE. You may opt out of any communication at any time;
- Compliance with legal obligations to which we are subject. We process personal data to comply with a range of legal obligations and statutory requirements (for example, employment and tax legislation).
5. Who we share your data with and why
To offer you the best possible services and remain competitive in our business, we share certain data internally within EMSERE and externally with third parties.
- EMSERE entities
We transfer data across EMSERE businesses for various purposes. We may do this for internal administrative purposes, to improve our services to you, or because we are required to do so by law.
- Government, Supervisory and Judicial authorities
To comply with our regulatory obligations we may disclose data to the relevant government, supervisory and judicial authorities.
- Financial institutions
To process certain payments, we may have to share information about you with our banks.
- Service providers
When we use other service providers to carry out certain activities in the normal course of business, we may have to share personal data required for a particular task. We carefully select these service providers and clearly agree with them on how they are to handle your personal data. We remain responsible for your personal data. Sometimes we engage other parties that also provide services, such as lawyers or auditors. These parties bear their own responsibility for their use of your personal data.
6. Your personal data outside Europe
Your personal data is processed outside Europe too. Additional rules apply in that case. This is because not all countries have the same strict data protection rules as we do in Europe. Emsere has a system of contracts, rules and tools, in an effort to ensure effective levels of data protection.
- Sharing personal data within our group
We may share your personal data outside Europe within our group. If you require further information on this, please contact us on firstname.lastname@example.org.
- Sharing personal data with other service providers
We may occasionally share your personal data with other companies or organisations outside Europe, for instance in the context of an outsourcing agreement.If you require further information on this please contact us on email@example.com.
7. How do we determine the period for which your personal data is stored?
We keep personal data for as long as is necessary to achieve the purposes for which it has been collected. The General Data Protection Regulation does not stipulate specific storage periods for personal data. Other legislation may specify minimum storage periods, however, which we must comply with. Such legislation includes the general requirement for businesses to keep records, as set out in the Dutch Civil Code and tax laws.
Client data may be kept longer for various reasons, such as for risk management purposes, for security reasons or so that claims, investigations or legal proceedings can be handled properly.
When you visit our websites, your data is collected and stored using cookies.
Necessary, marketing and statistics cookies are used on emsere.com and portal.emsere.com and only necessary cookies are used on centrix.emsere.com.
- Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the site. The website cannot function properly without these cookies;
- Statistics cookies help us to understand how visitors interact with our websites and allows us to improve our websites;
- We use Google Analytics to track website statistics. Google sets additional cookies to track users across websites, and that tracking may be used for controlling adverts on a website. However, we do not make use of this feature on our own website.
You do not have to accept cookies, but if you opt to turn off or delete cookies generated via our websites, it may not perform as it has been designed to, possibly reducing the functionality on our websites, the options available to you, as well as the performance of our websites during your visit. All modern browsers allow you to change your cookie settings. These settings will typically be found in the ‘options’ or ‘preferences’ menu of your browser.
9. Your rights and how we respect them
If your personal data is processed, you have privacy rights. If you have questions about which rights apply to you, please get in touch with us through the email address under the heading “Contact and questions” below.
- Right to access information
You have the right to ask us for an overview of your personal data that we process.
- Right to rectification
If your personal data is incorrect, you have the right ask us to rectify it. If we shared data about you with a third party and that data is later corrected, we will also notify that party accordingly.
- Right to object to processing
You can object to us using your personal data for our own legitimate interests if you have a justifiable reason. We will consider your objection and whether processing your information has any undue impact on you that would require us to stop processing your personal data.
You may not object to us processing your personal data if:
- We are legally required to do so; or
- It is necessary to fulfil a contract with you.
- Right to restrict processing
You have the right to ask us to restrict using your personal data on a temporary basis if:
- You believe the personal data is inaccurate;
- We are processing the data unlawfully;
- We no longer need the data, but you want us to keep it for use in a legal claim; or
- You have objected to us processing your data for our own legitimate interests.
- Right to data portability
You have the right to ask us to transfer your personal data directly to you or to another company. This applies to personal data we process by automated means and with your consent or on the basis of a contract with you. Where technically feasible, and based on applicable local law, we will transfer your personal data.
- Right to erasure
We are legally obliged to keep your personal data. You may ask us to erase your online personal data and right to be forgotten would be applicable if:
- We no longer need it for its original purpose;
- You withdraw your consent for processing it;
- You object to us processing your data for our own legitimate interests or for personalised commercial messages;
- We unlawfully process your personal data; or
- A local law requires us to erase your personal data.
- Right to complain
Should you be unsatisfied with the way we have responded to your concerns, you have the right to submit a complaint to us at the email address under the heading “Contact and questions” below. You also have the right to file your complaint with the Dutch Data Protection Authority, https://autoriteitpersoonsgegevens.nl.
10. Exercising your rights
When exercising your right, the more specific you are with your application, the better we can assist you with your question. We may ask you for a copy of your ID, or additional information to verify your identity. In some cases we may deny your request and, if permitted by law, we will notify you of the reason for denial. If permitted by law, we may charge a reasonable fee for processing your request.
We want to address your request as quickly as possible. However, based on your location and applicable laws, the response times may vary. Should we require more time (than what is normally permitted by law) to complete your request, we will notify you immediately and provide reasons for the delay.
11. How we protect your personal data
To ensure the security and confidentiality of the personal data that we collect, we take appropriate technical and organisational measures (we use data networks protected by, inter alia, industry standard firewall and password protection; we take measures reasonably designed to protect that information from loss, misuse, unauthorized access, disclosure, alteration or destruction).
In addition, our employees are subject to confidentiality obligations and may not disclose your personal data unlawfully or unnecessarily. To help us continue to protect your personal data, you should always contact us if you suspect that your personal data may have been compromised.
13. Contact and questions