1. WHO WE ARE
The controller for the processing of your personal data is Vosbor Exchange B.V. References in this privacy notice (the Notice) to “Vosbor”, “we” or “us” are references to Vosbor Exchange B.V.
Piet Heinkade 55
1019 GM Amsterdam
Tel +31 20 217 0982
Fax +31 20 217 0981
Email [email protected]
People whose personal data are processed by Vosbor in the context of its provision and evaluation of its services are:
- Contact persons at our (potential) clients;
- Contact persons at our business relations;
- Contact persons at our referrers;
- Recipients of our communications, such as our newsletters and invitations to events organised by or in cooperation with Vosbor;
- Visitors to our website www.vosbor.com;
- People who contact us otherwise or whose personal data we process otherwise in the context of our service provision.
3. PERSONAL DATA WE PROCESS
We collect this information when you interact with us, for example when you communicate with our staff, complete our contact forms, sign up to receive information by e-mail or visit our website. We also collect or generate personal data in the course of providing our services.
The personal data we process in relation to you are:
- Personal data you have provided to us;
- Personal data that give insight into the use of our website or other electronic means of communication
- Personal data obtained from other sources.
Personal data provided by you:
- Contact details and other personal data. These include details such as your name and (details of) your identification documents (identification data), and other basic information;
- Contact details and other personal data filled in on contact forms or other web forms. The precise content of the data depends on the content of the contact forms and web forms;
- Contact details provided during initial meetings, events, seminars, etc. These may include details provided on business cards;
- Other personal data that are provided by you.
Personal data that give insight into the use of our website or other electronic means of communication. These could include data such as:
- IP address (unique number identifying your device when you connect with the internet), which we use to measure your interest in our website;
Personal data obtained from other sources:
- Personal data available on public professional social media platforms such as LinkedIn. These are names and contact details;
- Personal data obtained from the Trade Register of the Chamber of Commerce. This could include a Chamber of Commerce number and contact details; and
- Personal data available on public professional websites, such as company websites.
4. HOW WE USE YOUR PERSONAL DATA
You are generally under no obligation to disclose personal data to us, unless you have a contractual relationship with us which foresees such obligation. Yet, in order to conclude and perform a contract, we must collect and process the personal data which is necessary for such conclusion and for the fulfillment of the contractual and associated obligations as well as for the fulfillment of legal obligations. Moreover, when using a website, it is necessary to process log data and certain other data. Also in relation to communications between you and us, we must process at least the personal data that you provide to us or that we provide to you.
We may use your personal data for the following purposes. We use your personal data:
- To stay in contact with you and communicate with you. We feel it is important to contact you with information that is relevant for you. We combine and analyze the personal data available to us in order to be able to do so. Based on this, we determine what information and channels are relevant and which moments are most suitable for providing information or making contact. In conducting marketing campaigns, we do not process any special personal data or any confidential data;
- To provide, perform and improve our services to you and our customers, including personal data of others;
- Provided to us or collected by us on behalf of our clients, for example processing identification and background information as part of our on-boarding, finance, administration and marketing processes;
- To administer our relationship with you and with our customers;
- To invoice for services rendered;
- To promote our services, including by sending alerts, updates, event invitations etc.;
- To inform you about our services and products;
- To conduct client satisfaction surveys;
- To improve and secure our website;
- To prepare user statistics. The user statistics from the website enable us to get a picture of, among other things, the number of visitors, the duration of the visit, what parts of the website are viewed and the clicking behavior of visitors. These are generic reports without any information on individual persons. We use the information obtained to improve the website.
- To prepare analyses. To prepare analyses we use:
- Interaction data: Personal data obtained from contact between Vosbor and you. For example, on your use of our website or supporting applications. This also applies to offline interactions, including how often there is contact between Vosbor and you.
- Behavioral data:
- To comply with our legal, regulatory and risk management obligations, including performing audits, establishing, exercising or defending legal claims.
5. USE OF OUR WEBSITE AND E-MAILS
When you use our website, we automatically collect metadata about your browsing session such as your browser, the IP address of your computer, your internet service provider, the site from which you navigated to our website, the duration of your visit to our website and what type of device you are using (e.g. a computer, a smart phone or a tablet and the respective operating system). We also keep a record of the pages that you view during your visit. This information is used to improve the way in which our website operates, for statistical and systems administration purposes.
Our website uses Google Analytics, a service provided by Google, Inc. that tracks and reports on the manner in which our websites are used. Google Analytics does this by placing small text files called “cookies” on your computer or other device. Cookies collect information about the number of visitors to the websites, the pages visited and the time spent on the websites. Based on this information we receive analyses from Google. Google stores this information in the USA; however, your IP address is first shortened in the EU or the EEA. You can prevent the use of Google Analytics through a “Browser Add-on”, which you can install at https://tools.google.com/dlpage/gaoptout.
We may use your name and e-mail address(es) to send you alerts, updates, event invitations and other information by e-mail, but will ask for consent first unless we have obtained your contact details from you in the context of our services. If you receive marketing communications from us and no longer wish to do so, you may unsubscribe at any time by following the link included in these e-mails. Note that we use personal data to understand if you read our e-mails or click on links included in them.
6. ON WHAT BASIS WE USE YOUR PERSONAL INFORMATION
We process your personal data only when this is permitted on grounds of one of the legal bases cited in the General Data Protection Regulation (GDPR). We process personal data on the following legal grounds:
- The processing is necessary in order to establish a contract or in the run-up to the establishment of a contract;
- For legitimate interests. We may also process personal data if we have a legitimate interest and this does not breach your privacy disproportionately. For example, we use your contact details to invite you to seminars and events, for instance. We also have a legitimate interest if we use your personal data to contact you after you have approached us yourself. We do not always need permission to contact you. If we obtain your email address as a result of providing services, we can offer you similar services via direct marketing. In that case, we have a legitimate interest in offering you these services. This also includes, for example, the interest in customer care and communication with customers outside of a contract; in marketing activities; in getting to know our customers and other people better; in improving products and services and developing new ones; in combating fraud, and the prevention and investigation of offenses; in the protection of customers, employees and other persons and data, secrets and assets of Vosbor; in the guarantee of IT security, especially in connection with the use of websites, apps and other IT infrastructure; in the guarantee and organization of business operations, including the operation and further development of websites and other systems; in company management and development; in the sale or purchase of companies, parts of companies and other assets; and in the enforcement or defense of legal claims;
- Statutory obligations;
- Based on a consent, where such consent was obtained separately:
- We ask your consent for participation in a client satisfaction survey.
- If we have requested and obtained your consent to process your personal data, you have the right to withdraw such consent at any time. You can do this by contacting us ([email protected]).
Please see “How we process your personal data” above for additional details.
7. HOW DO WE OBTAIN YOUR PERSONAL DATA
We obtain other information if you actively provide it to us. For example, if you are or become our client or if you sign up for newsletters or events.
We also obtain information from third parties, such as personal data from the Trade Register of the Chamber of Commerce, or personal data available on public professional websites. We also obtain information from professional social media sources like LinkedIn.
8. WHO WE SHARE YOUR PERSONAL DATA WITH
Sometimes it is necessary to share your personal data with third parties. Depending on the circumstances of the case, this may be necessary. There are also statutory obligations which mean that personal data must be passed on to third parties.
We will share your personal data with trusted third parties including:
- Business management services (e.g. accounting or asset management);
- Consulting services, e.g. services of tax consultants, lawyers, management consultants, consultants in the field of personnel recruitment and placement;
- IT services, e.g. services in the areas of data storage (hosting), cloud services, sending e-mail newsletters, data analysis and refinement etc.;
- Credit and background check or debt collection agencies, e.g. if you are interested to become our client or if due receivables are not paid.
For the purposes set out in this Policy and where necessary, we may share personal data with courts, regulatory authorities, government agencies and law enforcement agencies. While it is unlikely, we may be required to disclose your information to comply with legal or regulatory requirements. For example, if a court order requires us to provide personal data to third parties, we must comply with that. We will use reasonable endeavors to notify you before we do this, unless we are legally restricted from doing so. Personal data may also be provided to third parties in the event of a reorganization or merger of our business or sale of (part of) our business.
If we look to use your personal data for a new purpose, beyond what it was originally provided for, we will ask for your explicit consent.
We may engage service providers (processors) for the processing of your personal data, who process personal data exclusively on our instructions. We conclude processing agreements with these processors which fulfill the requirements of the General Data Protection Regulation (GDPR). For example, we work with service providers who provide SaaS (software as a service) solutions or hosting services. There are also ICT service providers who help us keep our systems secure and stable. We also use third-party services to send newsletters and commercial emails.
9. COUNTRIES WE TRANSFER YOUR PERSONAL DATA TO
When your personal data is processed, your personal data may be shared with third parties. We may transfer your personal data to recipients abroad, including in countries that do not provide the same level of protection as EU/EEA law. Before we do so we will implement appropriate measures to protect your personal data, for example by requiring the recipient to agree to data processing agreements (if you would like to receive a copy of these agreements, please contact us at the address indicated above. These agreements are usually based on the EU standard clauses, which you may review here). We can transfer these data if this is necessary to perform the contract for the provision of our services. We may also transfer personal data with your explicit consent and in certain other situations as permitted by applicable law.
10. HOW WE RETAIN YOUR PERSONAL DATA
We retain your personal data for as long as it is necessary for the purposes for which the data is collected, and as long as we have a legitimate interest in keeping personal data, for example to enforce or defend claims or for archiving purposes and IT security. We also retain your personal data as long as it is subject to a legal retention obligation. We will delete your personal data if you have withdrawn your consent or have decided to opt out.
11. HOW WE PROTECT YOUR PERSONAL INFORMATION
We use various technical and organisational measures to help protect your personal data from unauthorised access, use, disclosure, alteration or destruction.
To ensure the security of your personal data, we have taken the following technical and organisational measures, among other things:
- Availability and continuity: We do our utmost to ensure optimal availability and continuity of our website and our systems.
- Physical security: Our building is secured by physical access control and camera security. Only people authorized to access our building may enter.
- Authorisations: The access to our systems is protected via role-based security.
- Monitoring of our systems: Our systems are constantly checked for suspicious behavior
- Threat protection: Various systems have been put in place to prevent unauthorized access and exchange of personal data.
- GDPR design: Every new system we consider adopting must be tested in advance for the principles of privacy by design and privacy by default.
- Data Protection Impact Assessments (DPIA): Before we put a new system into use, we will also subject that system to a data protection impact assessment, if required by law.
- Data Leaks: We have dedicated specialists to detect and report data leaks.
12. AUTOMATED INDIVIDUAL DECISION-MAKING
“Automated individual decision-making” means decisions made automatically, i.e. without relevant human influence, which have a negative legal effect or other similarly negative effects on you. We will inform you separately if we should use such automated decisions in individual cases as far as this is required by law.
13. YOUR RIGHTS
You are entitled to ask for details of the information we hold about you and how we process it and to receive a copy of your personal data. You may also have your data rectified or deleted, restrict our processing of that information, and object to the processing of your personal data. You have the right to have certain personal data relating to you erased and to have your personal data transferred to another party.
You may also choose to withdraw your consent. Please note that even after you have chosen to withdraw your consent we may be able to continue to process your personal information to the extent required or permitted by law.
For more information on the rights you can exercise on the basis of the privacy regulations, please see the website of the Dutch DPA. See this webpage for an overview of your rights under the privacy regulations. You may also lodge a complaint in relation to our processing of your personal data with a local supervisory authority.
Should you have a request regarding the processing of your personal data you may contact us via letter, email or telephone via the following contact details:
Vosbor Exchange B.V.
Piet Heinkade 55
1019 GM Amsterdam
Tel +31 20 217 0982
Fax +31 20 217 0981
Email [email protected]
We must ensure that your personal information is accurate and up to date. Therefore, please advise us of any changes to your information by contacting us at the address indicated above.
If you do not agree to this Notice, do not proceed to further web pages of the Vosbor Website.
Vosbor reserves the right to change this Policy at any time. The first line of this Notice above indicates when the Statement was last updated.
We make use of various types of cookies on our website www.vosbor.com.
1. WHAT ARE COOKIES?
Cookies are tiny (text) files that are placed on your computer, tablet, smartphone or other electronic device (hereinafter “computer”) when you visit a web page.
When a cookie is on your computer your computer can be recognised and information can be collected. This information might include: the IP address, data about surfing habits, such as first, next and current visit, the specific web pages you have visited, the manner in which the website is navigated, the device you use and your settings. For further information, also see the cookie tables.
Cookies are valid for a certain period after they are placed on a computer. After the period of validity lapses the cookie is removed by the browser.
The period of validity of certain cookies is just as long as the duration of the browser session, but there are cookies that are valid for longer, so that they can also be read during a following visit to our website.
2. COOKIES ON OUR WEBSITE
The following cookies are placed via our website:
- Functional (essential) cookies
- Analytical cookies
3. WHAT DO COOKIES DO?
Functional (essential) cookies
We use functional cookies. These are essential for the proper layout of and navigation of the website and for us to remember whether cookies have been allowed or refused. These are our own cookies, and can only be read out by duly authorized employees of Vosbor. The data we collect via these cookies are not shared with third parties, except where there is a legal obligation for us to do so.
Because functional cookies are essential for using the website, they may be placed without consent.
Analytical cookies record how visitors use our website. This information allows us to analyse the use of our website and generate anonymous user statistics and reports. We use this knowledge to improve our marketing activities and also the quality, effectivity and user-friendliness of our website.
To do this we use the Google Analytics service. As the provider of this service, Google Inc. (Google) places analytical cookies via our website.
In line with the manual of the Dutch Data Protection Agency (Autoriteit Persoonsgegevens), we have set the Google Analytics cookies to ‘privacy friendly’. This means that your IP address is partly masked and the option for sharing data is disabled. This way these cookies only have a slight impact on your privacy, and they can therefore be placed without consent.
Allowing, refusing and removing cookies
Moreover, you can manage your cookies by means of your browser settings. You can set the settings in your browser in such a way that no cookies are stored, that you can allow or refuse every cookie, or that all cookies are removed when you close your browser. You will find a useful step-by-step plan for managing cookies on the website of the consumers’ association Consumentenbond.
Cookies are placed on every computer with which you visit websites. If you wish not to receive any cookies whatsoever anymore, you must change the settings on all the computers you use. Please note: if you refuse or remove cookies this could also have an effect on the functional cookies. It could limit your possibilities for using our website or components of our website
The website www.vosbor.com is managed by Vosbor Exchange B.V. You can contact us at:
Piet Heinkade 55
1019 GM Amsterdam
Tel +31 20 217 0982
Fax +31 20 217 0981
Email [email protected]