Privacy Policy
This Privacy Policy was last updated on: 4 March 2024
We are NuaData. We respect your privacy and private life, but sometimes we need your Personal Data. We consider Personal Data to be any information relating to an identified or identifiable person, in conformity with the General Data Protection Regulation (the GDPR).
This policy explains which Personal Data we use and why (the Privacy Policy). Furthermore, you will read how we process, store and protect your Personal Data. Finally, we outline what rights you have when we process your Personal Data.
This Privacy Policy applies to our Website https://nuadata.com (the Website), our online application (the App) and the services or products we provide (the Services). We process your Personal Data in accordance with the GDPR and all other relevant legislation and regulations in the field of protection of Personal Data, like Dutch Telecommunications Act (Telecommunicatiewet) regarding the use of cookies (the Relevant Legislation).
Are you under the age of 16?
If you are younger than 16 years old, you need permission from your parents or legal guardian to use our Website, App and Services.
Processing of Personal Data
In order to provide you with our Website, App and Services, we process your Personal Data.
How do we receive your Personal Data?
Personal data we receive from you:
We receive Personal Data directly from you when you authenticate to our services or communicate with us through our website, email, chat, application, support portal or phone.
Who is the controller of your Personal Data?
We are the controller of your Personal Data within the meaning of the Relevant Legislation. At the end of this Policy, you can find our contact details.
What Personal Data do we process, for which specified purpose(s), and on which legal basis?
We need some of your Personal Data in order for you to use our Website, Apps and Services.
We are allowed to process your Personal Data, because we comply with the Relevant Legislation. We lawfully process your Personal Data because we:
- Have legal bases for processing your Personal Data;
- Inform you about the processing; and
- Only process data for specific purposes, and no more than is necessary for that.
In the table below you will read (1) which Personal Data we process (2) for which purpose(s) and (3) on which legal basis.
We shall only use your Personal Data for the following purposes or for compatible purposes. By doing so, we will not use your Personal Data in an unexpected manner.
(Personal) Data | Purpose(s) | Legal basis |
Contact Data:
|
We use these Data:
|
We process these Data on the basis of:
|
Payment Data:
|
We use these Data:
|
We process these Data on the basis of:
|
Partner and/or supplier Data:
|
We use these Data:
|
We process these Data on the basis of:
|
Content Data related to the Services:
|
We use these Data:
|
We process these Data on the basis of:
|
Legitimate interest
To invoke the legitimate interest basis, we balance our interests against your interests, fundamental rights and freedoms. In this way, we assess whether our interest, in processing the Personal Data, outweighs your privacy interest. These Personal Data are valuable to us because this data can be used to assess the usage, performance, and security of our services.
Based on careful consideration of the interests and risks involved, we have concluded that your privacy interest does not outweigh our interest. Therefore, we believe we can invoke our legitimate interest in processing these Personal Data.
However, this assessment is subjective. Do you disagree with the processing of your Personal Data based on our legitimate interest? If so, you can always object to this. We will then reassess, and possibly discontinue the processing of your Personal Data.
Are you obliged to share your Personal Data with us?
In some cases, the processing of your Personal Data is necessary. This is relevant, for example, when we have to process your Personal Data in order to oblige to a contract with you or to provide a service to you. Without your Personal Data, we cannot provide our Service to you.
How do we secure your Personal Data?
We make every effort to protect your Personal Data from loss, destruction, use, alteration or dissemination of your Personal Data by unauthorized persons. We ensure that those who have nothing to do with your Personal Data cannot access it. We do this through the following measures:
- Encryption (encoding) of digital files containing Personal Data
- Secure network connections with Transport Layer Security (TLS), Secure Socket Layer (SSL), or a comparable technology
- Security of Personal Data in accordance with the ISO 27001 standard
- The access to the Personal Data is strictly limited to the employees on a ‘need to know’ basis
- The access to the Personal Data is secured by two-step authentication
- The access to the Personal Data is secured by confidentiality agreements (NDA's)
- We constantly check our security measures for effectiveness, and if necessary adjust our process. That way, your Personal Data is always protected and accessible in the event of a failure.
How long do we store your Personal Data?
We shall not store your Personal Data longer than the period in which we need them for the aforementioned purposes. We delete the Personal Data after we no longer need them for the purpose we process them for. The following is a list of the categories of Personal Data and the (functionally defined) retention periods:
Category of Personal Data | Retention period |
Contact Data | We retain your contact information for as long as necessary to provide our Services. |
Payment Data | We retain your payment data for as long as necessary to meet our financial and tax requirements and obligations. |
Partner and/or supplier Data | We retain partner or supplier data for as long as it is needed to provide our Services. |
Content data related to our Services | We retain content data for as long as necessary to provide you with our Services in an integral and continuous manner. |
With whom do we share your Personal Data?
Processors
We may share your Personal Data with data ‘processors’ within the meaning of the Relevant Legislation. We conclude a Data processing agreement with these parties, which entails that they shall process your Data carefully and that they shall only receive the Personal Data they need to provide their service. These parties shall only use your Personal Data in accordance with our instructions and not for their own purposes. We only share your Personal Data with the following categories of processors:
Category | Processor(s) |
Cloud Platforms |
|
IT Management |
|
Customer & Contract Management |
|
Support & Operations |
|
Finance & Project Management |
|
Human Resource Management |
|
These processors perform the hosting of platform services and software services to support our business processes.
If we have a legal obligation to share your Personal Data, we will do so. This is the case, for example, if a public authority legally requires us to share your Personal Data.
Cookies
A cookie is a small text file that can be sent via the server of a website to the browser. The browser saves this file to your computer. Your computer is tagged with a unique number, which enables our site to recognize that computer in the future.
We use cookies to improve the user experience on our Website. Moreover, cookies ensure that the Website works faster, that you can visit our Website safely and that we can track and solve errors on our Website.
You can always delete or disable cookies yourself via the browser settings. No more cookies will be stored when you visit our Website. However, please note that without cookies, our Website may not function as well as it should. For more information you can read our cookie statement: https://nuadata.com/cookies.
Other provisions
Transfer
We also process your Personal Data outside the European Economic Area (EEA). We only do so if a country provides an adequate level of protection for your Personal Data.
We shall never transfer your Personal Data to other countries or to other parties than those mentioned above without your permission.
Websites of third parties
Our website and our App may contain links to other websites. We are not responsible for the content or the privacy protection on these websites. Therefore, we advise you to always read the privacy policy of those websites.
Your rights
You have the following rights:
- The right of access
You can request access to your Personal Data; - The right to rectification
You can request us to correct, limit or delete your Personal Data. In the event of fraud, non-payment or other wrongful acts, we can store some of your Personal Data in a register or on a blacklist; - The right to data portability
You can request a copy of your Personal Data. We can provide this copy to third parties at your request, so you do not have to do so yourself; - The right to object
You can object to the processing of your Personal Data; - The right to file a complaint
You can file a complaint at the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you are of the opinion that we wrongfully process your data; - The right to withdraw consent
You can always withdraw your permission to process your Personal Data. From the moment of your withdrawal, we cannot process your Personal Data anymore.
Modifications to the Privacy Policy
We may modify this Privacy Policy. If we substantially modify the Privacy Policy, we shall place a notification on our Website and in our App together with the new Privacy Policy. We shall notify registered users in case of a substantial modification. If you are not a registered user, we advise you to consult the Website and this Policy regularly.
Contact
In the event that you wish to exercise these rights, or in the event of other questions or remarks regarding our Privacy Policy, you can contact us via the following contact details.
NuaData B.V.
Amstelplein 54
1096 BC Amsterdam
The Netherlands
KvK 91912490
+31 20 8880 8880
privacy@nuadata.com