Privacy Policy
Article 1. General terms and definitions
1.1 Unless expressly stated otherwise below, terms in these regulations are used with the meaning assigned to them by the General Data Protection Regulation (GDPR).
1.2 Personal data: Any information relating to an identified or identifiable natural person.
1.3 Processing of personal data: Any operation or set of operations performed on personal data, including in any case the collection, recording, organisation, storage, updating, alteration, retrieval, consultation, use, disclosure by transmission, dissemination or any other form of making available, alignment, combination, as well as the blocking, erasure and destruction of data.
1.4 Controller: The natural person, legal entity, any other party or the administrative body that, alone or together with others, determines the purpose of and the means for processing personal data.
1.5 Processor: The party that processes personal data on behalf of the controller, without being subject to its direct authority.
1.6 User: The party authorised to process personal data under the direct authority of the controller or processor.
1.7 Data subject: The person to whom a personal data item relates.
1.8 Client: The natural person or legal entity that has instructed Bart Landstra to provide services.
1.9 Third parties: Anyone other than the data subject, the controller, the processor or the user.
1.10 Consent of the data subject: Any freely given, specific and informed indication of wishes by which the data subject accepts that personal data relating to them are processed.
Article 2. Scope
2.1 These regulations apply to the wholly or partly automated processing of personal data, as well as the non-automated processing of personal data that are included in a file or are intended to be included in one by Bart Landstra.
Article 3. Purpose of the processing
3.1 Bart Landstra processes personal data for the following purposes:
- Communication with participants about the agreed courses;
- Accountability and reporting to clients;
- Compliance with legal obligations (tax and social security legislation).
3.2 Personal data are not processed in a manner incompatible with the purposes for which they were obtained.
Article 4. Data processed
4.1 As part of the processing, the following categories of personal data may be processed:
- General personal data (name, address, email address, phone number);
- Nationality, place of birth and identification data;
- Education, work and language proficiency information;
- Personal circumstances, insofar as relevant and provided by the data subject.
Article 5. Processing of personal data
5.1 The controller is responsible for the correct handling of the processing of personal data and for compliance with these regulations.
5.2 The controller ensures the accuracy, completeness and security of the data against loss, damage or unauthorised access.
5.3 Processing takes place only insofar as necessary for the performance of an agreement or for compliance with legal obligations.
5.4 Data on ethnicity and health are processed only with the explicit consent of the data subject.
Article 6. Access to the personal data
6.1 Only staff with a job-related need have access to personal data.
6.2 All staff with access to personal data are bound by confidentiality.
6.3 Third parties engaged who have access to the data are bound by a duty of confidentiality.
Article 7. Security of the personal data
7.1 Bart Landstra takes appropriate technical and organisational measures to secure personal data against loss or any form of unlawful processing.
Article 8. Disclosure of personal data
8.1 Unless a legal obligation or court order gives cause to do so, personal data are not disclosed to third parties without the consent of the data subject.
Article 9. Access to recorded data
9.1 Data subjects have the right, upon written request, to access and receive copies of their personal data.
9.2 Requests are handled within four weeks.
9.3 Access is granted only to the data subject or their authorised representative, after proper identification.
9.4 The controller may refuse access to protect the rights of third parties or to prevent criminal offences.
9.5 Costs for copies are in accordance with statutory rules.
Article 10. Supplementation, correction or erasure
10.1 Data subjects may request that their data be supplemented.
10.2 Incorrect, incomplete or irrelevant data can, upon written request, be corrected, supplemented, erased or blocked.
10.3 The controller decides within four weeks and notifies the data subject in writing.
10.4 Erasure does not apply where statutory retention obligations exist.
10.5 Approved changes are implemented as soon as possible.
10.6 At the data subject's request, a note of erasure is recorded.
Article 11. Right to object
11.1 Explicit consent is required for direct marketing communication. Data subjects may object at any time and free of charge.
11.2 Upon receipt of an objection, the controller immediately stops the processing concerned.
Article 12. Retention periods
12.1 Personal data are not kept longer than necessary for the established purposes.
12.2 Unless otherwise determined, the retention period ends two years after the last contact.
12.3 After an assignment ends, identifiable personal data are erased two years after the assignment; legally required data are kept for ten years in non-identifiable form.
Article 13. Website analytics
13.1 This website uses Google Analytics 4 for website statistics. Analytical cookies are placed on your device (including _ga and _gid). No personal data such as name or email address are stored.
13.2 Google Analytics records anonymised visitor data, such as page path, session duration and device type. IP addresses are not stored in full.
13.3 The processing takes place on the basis of legitimate interest (Article 6(1)(f) GDPR) for keeping anonymous visitor statistics. No advertising or profiling cookies are used.
Article 14. Complaints
14.1 Data subjects who believe that these regulations are not being complied with can contact the controller.
14.2 The controller handles complaints in accordance with the applicable complaints procedure.
Contact
Questions about this privacy policy? bart@geweldlozecommunicatietraining.nl · Kanaalpark 157, 2321 JW Leiden · 06-44345779
