Customer Data Protection Directive

 

Goal of this directive

For whom?
This directive applies to all employees of Precedence BV. The directive is not about data of applicants and employees.

Privacy is comprehensive theme. As employee you often (unconsciously) have to deal with privacy-sensitive data. It is impossible to make a check list in the field of privacy, that answers to all possible questions and situations from praxis. Often you can’t indicate exactly what is and what isn’t allowed. There is a grey area. Basic assumptions in recording data are that you do it professionally and only if the data is necessary for the relationship with the customer.

What are personal data?
Personal data is information you can trace back to a natural persons, such as name, address, residence, date of birth and citizen service number.

What does ‘processing’ mean?
Processing includes all actions you perform with personal data, such as inspection, copying, storing, forwarding, adjusting, archiving, deleting or recording data.

Whose personal data is recorded and what data is recorded?

  • Contact persons of business relationships of Precedence BV
    • Names of contact persons including position, phone number and e-mail address
    • Notes on projects, quotations, conversations and meetings with contact persons of business relationships.
  • Prospects of Precedence BV
    • Names of contact persons including position, phone number and e-mail address (as far as known)

The data of contact persons of business relationships is recorded in encrypted files in Dropbox (customers), in Hubsport (customers and prospects) and in the personal contacts of employees of Precedence (as far as relevant for the execution of their work assignment and/or in a start-up or current sales- or order process).

Precedence explicitly doesn’t process data of customers of clients within the Precedence environment. If customer data of a client has to be processed in the context of an order, it is consciously done in the physical AND online environment of the client (for example in the office of the client and on a device provided by the client.

Security of personal data of contact persons of business relationships and prospects
The personal data of contact persons of business relationships and prospects is exclusively used and stored for the benefit of business relationships. Precedence doesn’t send newsletters and/or unsolicited information to customers and prospects. The contact data is exclusively used to maintain the contacts in the business relationship.

How long will this information be retained?
The data is retained for as long as required from the point of view of the business relationship.

Right of inspection
Contact persons of business relationships have right of inspection in the personal data that Precedence BV has recorded. It means, that they may ask what personal data is recorded, where and how, without reason given. If a person wants to inspect his/her data, Precedence BV will clearly inform him/her:

  • What data have been recorded;
  • The purpose of using this data;
  • To whom Precedence BV has passed on this data;
  • The origin of the data

Scope of right of inspection
You may only inspect your own data. Contact persons of business relationships have no right to view information about others.

Data breach
Precedence does it utmost to secure the safety of the contact data of business relationships. In case of a data breach, the process ‘Handle Privacy Notification’ is applied and all necessary steps are followed. After discovery, the data breach will be investigated within 24 hours. Based on the outcome of the investigation, Precedence will personally inform people who have been or are affected by the data breach.

Application inspection
If a contact person of a business relationship wants to view and/or adapt his/her own data, he/she can submit a request, by sending an e-mail to info@precedence.nl. Precedence will react within 5 days. After verification Precedence usually provides the information within max. two working weeks. Changes or deletion of information only occur if it is in accordance with the legal rules.

Customer Data Protection Directive_May 2018

Maastricht, 23rd May 2018, version 1.0