Our email address is:
We deem the careful handling of personal data to be of the utmost importance. Because of this, we will always carefully process and secure personal data. During processing personal data we adhere to the requirements set forth in the General Data Protection Regulation (GDPR). In this policy we explain which personal data we gather and use, and with what intent. We advise you to carefully read this policy.
As part of the GDPR you have the following rights:
- The right of access to, and rectification or removal of, your personal data, as well as the right to object to (further) processing of your data.
- The right to retrieve your data and/or transfer it.
- In the case the processing of personal data is based on consent, you have the right to withdraw this consent at all times.
- You have the right to file a complaint with the Dutch Data Protection Authority (Dutch DPA) regarding our processing of your personal data.
When you use our website, you provide us with certain data. This data may include personal data. We only process personal data that was directly given to us by you, or of which it is clear that it is provided to us to process.
We strive to secure our website against misuse and unauthorized access to personal data. One of way of doing that is by using SSL secured connections. It is your responsibility to secure the devices you use to visit and use our website, for example by using adequate antivirus software.
If you subscribe to our newsletter and we request data for that purpose, we will only use that data to send you our newsletter by e-mail. You may unsubscribe from the newsletter at any time by using the unsubscribe link in the newsletter. As soon as you unsubscribe we will immediately remove any personal data which are or were related to the newsletter. The legal basis for processing the personal data is consent. In case you are a user of the C-Facts platform, we send you e-mails regarding our products and services without consent, provided that you can always unsubscribe. The legal basis in that case is legitimate interest.
In addition to this we process your data for statistical purposes. This way we can obtain generic insights, such as insights into demographics.
We also gather your personal data in order to build a profile. We do this based on, for example, the links you click in the newsletter, your preferred reading device or when you read the newsletter. The legal basis for building a profile in that case is the representation of a legitimate interest: the ability to provide better content for you. We will not process more personal data than necessary for this purpose and your interests, fundamental rights and freedoms will not be violated. In the event that you unsubscribe from the newsletter, your possible profile will also be deleted.
If you want to ask a question or contact us you can use the contact form provided on our website. The data that you provide to us through this contact form will be used exclusively for the purpose of responding to your inquiry or comment. After responding to your request your personal data will be removed. The legal basis for processing personal data in that case is the representation of a legitimate interest: answering your inquiry or comment. We will not process more personal data than necessary for this purpose and your interests, fundamental rights and freedoms will not be violated.
We may make use of the services of third parties to process personal data. These third parties will be referred to as “processors”. These processors will always operate under the responsibility of us and may never use any personal data for their own purposes. We have entered into data processing agreements with these third parties. It concerns our hosting provider and suppliers of online tools. We use these online tools to, for example, send the newsletter.
Personal data may be processed outside of the E.U. or E.E.A. In this case it would usually be to the United States of America. We ensure that the third parties processing your personal data relies on the EU model contracts for processing.
Websites or services of third parties
This policy is not applicable for third-party websites or services that are associated with our website through links or other methods. We cannot guarantee that these third parties will process your personal data in a secure or reliable manner. We urge you to read the privacy policies or other (General) Terms & Conditions for these third-party websites or services, before making use of these websites or services.
Personal data we process
We always process the following personal data (as processor):
- desired salutation;
- your first name and last name;
- and your user name and password.
We got this personal data from you or your employer. We process / store this information as long as you have an account.
In case you are the main user, we additionally process (as controller):
- your company name;
- administrative contact (which includes the personal data as set out above);
- your phone number
- your VAT number;
- your (invoice) e-mail address
- information regarding payment(s) / invoices.
Due to tax rules and regulations, we process / store this information for seven years after you terminated the contract between your company and C-Facts.
For the rest we do not process any other personal data other than technical information which is necessary for the functioning of the C-Facts platform, such as IP addresses which are logged in the webserver(s) logs, which are used for serving users the functionality of the C-Facts platform. The logs are periodically rotated and eventually removed.
Purpose and legal grounds
We process your personal data to execute the agreement. The legal ground to process your personal data for us is therefore the execution of an agreement.
We strive to secure our platform against misuse and unauthorized access to personal data. One of way of doing that is by using SSL secured connections. It is your responsibility to secure the devices you use to access the functionality of the C-Facts platform, such as mobile phone or tablet, for example by using adequate antivirus software.
We may make use of the services of third parties to process personal data. These third parties will be referred to as “processors”, for example: our hosting provider. These processors will always operate under the responsibility of us and may never use any personal data for their own purposes. We have entered into data processing agreements with these third parties.