Privacy Policy

1. General

These Privacy Policy conditions apply:

     1.1   Terms and conditions: These Terms and Conditions, which are fully applicable to any

            agreement between The Editor and the Client of which these Terms and Conditions are an

            integral part.

     1.2   The Editor: the partnership Daamen & van Sluis Accountants Tax Advisors, registered in

            Rotterdam and offices at Fascinatio Boulevard 722, 2909 VA Capelle aan den IJssel and all

            at Daamen & van Sluis Accountant Tax Advisors affiliated entities, also the Contractor,

            hereafter called D&vS.

     1.3   Information: The personal data is as described in Annex 1.

     1.4   Client: the actual person or legal entity that has instructed the Contractor to perform work

             and is also accountable for the work performed.

     1.5  Contractor: the partnership Daamen & van Sluis Accountant Tax registered office in

             Rotterdam and offices at Fascinatio Boulevard 722, 2909 VA Capelle aan den IJssel.

     1.6   Agreement: any agreement between Client and Contractor to perform Work by Contractor

             for the Client, should be as specified in the order confirmation.

     1.7    Responsibility: the Client who is an actual person or legal entity to the Contractor, also The

             Firm, has commissioned the Contractor or The Firm to perform work.

     1.8   Work: all work for which an order has been given or carried out by the Contractor or

             Subcontractor. This applies in the broadest sense of the word and in any event comprises

             the work as specified in the order confirmation.

 

2. Applicability Privacy Policy

     2.1   This Privacy Policy applies to all data in the context of the implementation of the agreement

             with the Client collected by D&vS for the Client, as well as all activities resulting in the

             gathering of data also in the context of the implementation of the agreement.

     2.2   The responsible has the responsibility for processing the data as described in Annex 1.

     2.3   In the implementation of the agreement is D&vS responsible for processing certain

             personal data.

     2.4   These privacy requirements are in accordance with Article 14 of the Data Protection Act, in

             which the rights and obligations with regard to the processing of personal data is regulated

             in writing and where security is a priority.

     2.5   These Privacy Policy terms are part of the terms and conditions of D&vS and make part of

             any future agreements between all parties.

 

3. Scope Privacy Policy

     3.1   By giving the Contractor an order to perform work the Client is instructing D&vS to process

             data on behalf of the client in the manner specified in Annex 1 in accordance with the terms

             of this Privacy Policy.

     3.2   D&vS process the data in accordance with this Privacy Policy, as mentioned in Annex 1.

             D&vS confirm not to process the data for other purposes.

     3.3   D&vS has no responsibility, regarding control over data.

     3.4   The persons responsible may give additional written instructions to D&vS because of

             adjustments or changes to the applicable regulations in the field of personal data

             protection.

     3.5   D&vS only processes data in the European Economic Area.

 

4. Obligations responsible party

     4.1   The responsible party is obligated to take the necessary measures to ensure that personal

             data always have regard to the purposes for which they were collected or further

             processed and are accurate when provided to D&vS.

 

5. Confidentiality

     5.1   D&vS and the persons employed by D&vS that perform or that carry out work for D&vS, to

             the extent that these persons have access to personal data, process the data only on

             behalf of D&vS, subject to different legal obligations.

     5.2   D&vS and persons employed by D&vS that perform or carry out work D&vS, where these

             persons have access to personal data are required to maintain the confidentiality of the

             personal data of which they acquire knowledge, except where any statutory regulation

             body requires them to communicate.

 

6. Sharing of information

     6.1   D&vS will not share information with or supply information to third parties, unless D&vS has

             received prior written consent or instructions required on the basis of statutory regulations.

             If D&vS on the basis of statutory regulations is obliged to share the data with or provide to

             third parties, then D&vS will inform the client in writing, unless this is not permitted under

             the said regulations.

 

7. Security measures

     7.1   D&vS will - taking into consideration the applicable regulations in the field of the protection

             of data, level of technology and the cost of operation - insure that all technical and

             organizational security measures are taken to protect your data against loss or against any

             form of unlawful processing. At the moment the security measures that are in place, can

            be obtained through D&vS.

     7.2   D&vS takes measures aiming at preventing unnecessary collection and further processing

             of personal data.

 

8. Monitoring compliance

     8.1   Once per calendar year D&vS allows the client after giving notice of a reasonable period, to

             verify compliance with D&vS privacy conditions and in particular the security measures that

             have been taken as referred to in Article 7.

     8.2   D&vS is required (mentioned in the context of control in paragraph 1) to provide an

             overview of the data being processed.

     8.3   Once a year D&vS issues a report at the request of the client to the client in which D&vS

             informs about the state of security as defined in Article 7.

     8.4   The responsible persons and D&vS together may decide to take extra security measures

             after studying the report mentioned in Article 8.3

 

9. Data leak

     9.1   As soon as D&vS becomes aware of an incident or data breach that relates to or may relate

             to the clients data, D&vS will inform the client through the D&vS known contact information

             and will provide the known information on the nature of the incident or data breach, the

             affected data, the established and expected impact of the incident or data breach to the

             data and the measures D&vS has taken and will take.

     9.2   D&vS will support the client when reporting to stakeholders and / or authorities.

 

10. Third parties

     10.1   If D&vS under the agreement may delegate duties to a third party then the third party

              must adhere to the Privacy Policy. D&vS will issue the third party with an additional

              agreement regarding the responsibilities and obligations of the sub-editor if necessary.

 

11.  Liability

     11.1   D&vS is only liable, in accordance with the provisions of Article 49 Data Protection Act,

              which stipulates, for damage or injury to the extent caused by their activity. D&vS is liable

              only for damages that are attributable to them in connection with their activities in

              accordance with this privacy policy and / or non-fulfilment of obligations by D&vS under

              this Privacy Policy.

 

12.  Duration and Termination

     12.1   These privacy conditions are valid as long as D&vS has the permission of the client to

              process data under the agreement between the client and D&vS. And only as long as

              D&vS carry out the work for the persons responsible these privacy conditions shall apply.

     12.2   If D&vS is under a legal obligation to retain certain data and / or documents, computer

              disks or other media on which or in which the data must be retained for a statutory period,

              D&vS will arrange for the destruction of such information or documents, computer disks or

              other media within 4 weeks after completion of any legal holds.

     12.3   Upon termination of the agreement between the client and D&vS, the client can make a

              request for all documents, computer disks and other data carriers, to be returned to the

              client. All costs incurred are for the client. When returning data D&vS will provide the data

              in the form as kept by D&vS.

     12.4   Without prejudice to the provisions for the rest of article 12, after termination of the

              agreement D&vS does not use or keep files.

 

13. Nullity

     13.1    If one or more provisions of this Privacy Policy are or become invalid, the remaining

               conditions remain fully applicable. If any provision of this Privacy Policy is not valid, the

               parties will negotiate the contents of a new provision, which provides that the content of

               the original provision will be rewritten as closely as possible to the original.

 

14.  Toepasselijk recht en forumkeuze

     14.1   Dutch law governs this privacy statement.

     14.2   Any disputes in connection with the Privacy Policy or its implementation should be

              submitted to the court at the District Court of Rotterdam.

 

 

Capelle aan den IJssel, October 1, 2016

 

 

ANNEX 1

DATA AND PURPOSES

 

DATA AND PURPOSES

 

The client allows D&vS to process the data noted below by D&vS under contract, including but not limited to personnel administration, payroll, financial reporting:

 

(1)     Name (initials, surname)

(2)     Telephone

(3)     E-mail

(4)     Date of birth

(5)     Location

(6)     Data ID-proof (in connection with the Wwft)

(7)     Financial data, both business and private

(8)     Contact details and BSN staff in charge

 

The activities for which the above data may be processed is only if necessary or only when:

 

(1)     The work should be regarded as the primary service, under whose authority has issued a

         contract to D&vS;

(2)     Maintenance, including updates and releases, is by D&vS or a third party to a system made

         available by the client;

(3)     The data and technical management, also by a third party;

(4)     hosting, also by a third party.