ABOUT THIS PRIVACY STATEMENT

In order to provide you with a good service and to carry out our work as efficiently and effectively as possible, TEKEN EN ADVIESBUREAU STAR (TABSTAR) processes your personal data.

TABSTAR considers a careful handling of your personal data of great importance. You can count on your data being safe with TABSTAR and that we comply with the applicable legal rules.

We have described in this Privacy Statement how we handle your personal data. In this Privacy Statement you can read which personal data we process, for what purposes, who can view your data, how we store your data, to whom we pass on your data and what influence you can exercise yourself.

TABSTAR can adjust this Privacy Statement. The last change was at 18 February 2019. You can always find the most recent version on our website at www.tabstar.nl.

Do you have questions or comments about our Privacy Statement? Then please contact us.

CONTACT DETAILS

As TABSTAR we are responsible for the processing of your personal data. If you wish to contact us, you can do this by contacting:

Wim Star

Capelseweg 3

2907 XA Capelle aan den IJssel

010 – 461 23 93

info@tabstar.nl

WHAT ARE PERSONAL DATA?

Personal data are all data that can be traced to a natural person and that is you. With personal data you can think of: your name, address, date of birth, telephone number, e-mail address, CV.

We receive this type of data from you if, for example, you fill out a contact form on the website, send a letter or e-mail or enter into an agreement with us. Even when you visit the TABSTAR website, you also provide us with personal data in some cases. For example in the form of an IP address or a cookie.

The moment your personal data is shared with TABSTAR by yourself or by a third party, we process it. The meaning of the term processing is broad and includes, among other things: collecting, storing, consulting, removing, using and providing data to third parties. But the deletion or destruction of data also falls under the term ‘processing’.

TABSTAR PROCESSES PERSONAL DATA FROM THE FOLLOWING:

We can process personal data of all persons with whom we have contact or who visit our website, which we call stakeholders. This is in particular data from:

–           Visitors

–           Customers

–           Employees

According to the applicable legislation, TABSTAR is obliged to inform those who are involved in this. You can therefore always read and consult this Privacy Statement via our website https://www.tabstar.nl. Relevant documents, such as assignment and employment contracts, will also refer to this Privacy Statement.

BASIS AND PURPOSE FOR PROCESSING YOUR PERSONAL DATA?

The table below indicates per group of data subjects and per personal data on the basis of which TABSTAR processes the personal data and what purpose TABSTAR has for that purpose.

INVOLVEDPERSONAL DATABASISTARGET
EmployeesName, birth data,
(mobile) telephone number, nationality, E-mail address,CV, bank account number
Labor contractTo enter into and maintain an employee / employer relationship (employment contract) with a financial, personnel, time, absenteeism and / or salary administration for this
EmployeesCopy of identification with fiscal numberLegal obligationThe employer is obliged to verify the identity of a new employee on the basis of an original document. A copy of the identity certificate must be kept in the administration for any checks, for example the Dutch Inspectorate SZW.
CustomersName and address, (mobile) telephone number, nationality, E-mail address, bank account numberContract agreementTo enter into an agreement with you.
VisitorsName, E-mail address, telephone numberPermissionTo be able to contact you as a result of your contact request.

We only process your personal data for the aforementioned purposes. When we use your data for other purposes, we will inform you about this.

SUPERVISION OF PROCESSING PERSONAL DATA

The rules on protecting your personal data are laid down in the General Data Protection
Regulation (GDPR). The Dutch Data Protection Authority (AP) ensures that this law is complied with.

If you believe that the provisions of this Privacy Statement are not or insufficiently complied with by us, you have the right to submit a complaint to the AP. The contact details of the AP are:

Bezuidenhoutseweg 30

2594 AV The Hague

0900-2001201

SAFE

To protect your privacy and the confidentiality of your data, TABSTAR takes appropriate technical and organizational measures. We take security measures to prevent abuse of and unauthorized access to personal data, such as the application of access control, firewalls and secure servers, and encryption of certain types of data.

In addition to securing the systems, we also want that within TABSTAR not everyone has access to all your data. Our systems are set up in such a way that employees can only see the information for which they are authorized.

DATA BREACH PROCEDURE

If a data breach or suspected data breach is found, this must be reported immediately to TABSTAR, Wim Star. This can be done by sending an email to info@tabstar.nl and / or by telephone: 010 – 461 23 93.

The notification must contain at least the following information:

–           the nature of the infringement (so: what happened?);

–           the cause of the data breach (hack, theft, loss, etc.)

–           description of the leaked personal data (nature of the data, quantity, etc.);

–           any measures that have been / are being taken to close the data breach;

–           an estimate of the risk that those involved can run

–           contact details of the reporter.

The internal reporting obligation applies not only to TABSTAR employees, but also to external processors of TABSTAR personal data. A reference to this data breach procedure must be included in the processing agreement with these parties.

TABSTAR investigates on the basis of the internal notification whether or not there is a problem

data breach. If so, TABSTAR will report the data breach ‘immediately’ (no later than the second working day after the occurrence of the incident) to the Data Leak Reporting Center of the AP. This report is made via the report form published on the website of the AP.

TABSTAR then determines whether the data breach results in a “substantial risk of loss or unlawful processing that has adverse consequences for the personal data and privacy of the data subject (s)”. If this is the case, the parties involved must be informed about the data breach.

The reporting to data subjects can be done by posting a message on the TABSTAR website and / or via email, telephone or letter to data subjects. The notification to data subjects must at least contain the following information:

–           the nature of the personal data breach

–           a telephone number or web page where more information about the infringement can be obtained

–           recommendations to mitigate possible negative consequences of the infringement for those limit.

CONFIDENTIAL

We assume that your information is always confidential. All TABSTAR employees are therefore required to maintain confidentiality. Persons charged with carrying out technical work on our systems are also bound by confidentiality. In short, anyone who has insight into your data is charged with confidentiality.

HOW LONG DO WE STORE YOUR DATA?

TABSTAR does not store your data longer than necessary for the purposes for which your data is processed and then permitted by law. How long certain data is stored depends on the nature of the data and the purposes for which it is processed. The retention period can therefore be different for each purpose:

  •      For example, a statutory retention period of 7 years applies to the saving of payslips.
  •      For persons with whom TABSTAR establishes and concludes an agreement, the retention period is 7 years after the end of the agreement, whereby here too a possible extension of this retention period can only take place after written approval from you.

At the end of the retention period, personal data will be deleted both physically (shredder) and digitally.



PROVIDED TO THIRD PARTIES

We only provide your personal data to third parties if this is necessary in the context of the performance of the activities of TABSTAR, if this is necessary for the performance of an agreement, if this is required by law or if you have given your permission for this.

TABSTAR may also be required to provide personal data on the basis of laws or regulations, on the basis of a decision by a competent court, or in the event of fraud or abuse. If that is the case, TABSTAR cooperates.

TRANSFERRING YOUR DATA TO COUNTRIES OUTSIDE THE EUROPEAN UNION

TABSTAR will not pass your details on to a company or branch in a country outside the European Union unless a model agreement has been concluded for this or when you have signed a statement in which you consent to the transfer.

PERSONAL CONTACT WITH TABSTAR

Many contacts between you and TABSTAR proceed by telephone, contact form, email or social media. We record personal data that you provide for this if required for our services.

WHAT DO WE DO WITH COOKIES?

We make use on our site of a cookie which determines the preferred language of the visitor so the language on the site can be set to English or Dutch. A cookie is a small file that is sent along with pages from this website and by your browser is saved on your hard drive from your computer, tablet or telephone. etc. (‘device’).

WHAT ARE YOUR RIGHTS?

When TABSTAR processes your personal data, you have certain rights in accordance with the applicable regulations. Your rights will be explained below.

INSIGHT IN YOUR DATA

Would you like to see which of your personal data are known to us? Then you can use your right to have insight in your data. We request you to indicate specifically which personal data you would like to receive.

RIGHT OF RECTIFICATION

You have the right to rectify data if your data is incorrect or incomplete. You also have the right to rectify the data if the data is not relevant for the purpose for which we are processing it, or if your data has been processed by us in violation of a legal regulation.

We will inform the third party (or parties) who have received your data from us of any rectification, unless this is impossible or requires a disproportionate amount of effort on our part.

RIGHT TO DELETE DATA

You also have the right to have certain data removed. For example when your data is no longer needed for the purposes for which we received it, you object to the processing or when your data has been processed unlawfully by us. However, we cannot always delete all requested data, because we are (or might be) obliged to retain certain data from you. This includes fiscal number or a copy of your proof of identity if you work or have worked for us.

RIGHT TO LIMIT PROCESSING

You also have the right to limit the processing of your data. The right to limitation means that we may not (temporarily) process your personal data or change it. This is the case if you dispute the accuracy of the data, if you believe that the personal data are no longer needed for the purposes or if you believe that the processing of your personal data by TABSTAR is unlawful.

RIGHT OF OBJECTION

You can object to the processing of your personal data by TABSTAR if your personal data is used for purposes other than necessary for the implementation of an agreement or necessary for the fulfillment of a legal obligation.

RIGHT TO DATA PORTABILITY

If you have provided your personal data to us, you are entitled to data transferability in certain cases. This means that we will provide you with your data in a structured, current and readable manner, if you so request.

HOW CAN YOU EXERCISE YOUR RIGHTS?

If you wish to make use of your rights, you can contact us at any time via the contact details above or by sending us an e-mail or letter with your name, address and telephone number. We will respond to your request within one week.

We ask you to identify yourself, on the basis of a valid proof of identity. In this way we can check whether we provide the personal data to the right person.

Excessive requests regarding the provision of information may be rejected by us. Excessive requests occur when, for example, you approach us more than average and necessary with requests for information.