Privacy Statement
INTRODUCTION
1.1. Dutch Empire Security provides security services to a multitude of customers in various industries and customer segments. In the course of its business, Dutch Empire Security sometimes collects, stores and provides or otherwise processes personal data.
1.2. We, at Dutch Empire Security, are committed to ensuring the privacy and security of personal data in accordance with applicable data protection legislation. This Privacy Statement provides you with general information on how Dutch Empire Security handles personal data. The Privacy Statement also describes your rights and how to exercise them against Dutch Empire Security.
1.3. This Privacy Statement may be amended from time to time.
1.4. If you have any other questions or requests regarding the processing of your personal data, please contact our Data Protection Officer;
Dutch Empire Security B.V.,
Attn: Data Protection Officer,
Ludolf de Jonghstraat 41R,
3043 JD Rotterdam
- GENERAL DATA PROTECTION PRINCIPLES WE OBSERVE
2.1. Dutch Empire Security respects and values the privacy and protection of your personal data. ‘Personal data’ means any information relating to an identified or identifiable natural person (the “data subject”).
2.2. In the course of our activities, Dutch Empire Security shall at all times endeavour to ensure that personal data:
- are processed lawfully, properly and transparently (‘lawfulness, propriety and transparency’);
- are collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes (‘purpose limitation’);
- adequate, relevant and limited to what is necessary in view of the purposes for which they are processed (‘minimum data processing’);
- are accurate and, where necessary, rectified or updated (‘accuracy’);
- are kept in a form which does not allow data subjects to be identified for longer than is necessary for the purposes for which the personal data are processed (‘storage limitation’)
- processed in a way that ensures their appropriate security, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage by taking appropriate technical or organisational measures (‘integrity and confidentiality’).
2.3. Your personal data will only be processed for specified legitimate purposes (see Article 5 below, ‘Processing purposes: why do we process your personal data’) and if legitimate on a valid legal basis (see Article 6 below, ‘Legal basis for processing your personal data’).
- WHAT CATEGORIES OF DATA DO WE PROCESS?
3.1. Dutch Empire Security may need to collect or otherwise process the following personal data:
- your name;
- your address, email, telephone number or other contact details;
- information about the use you make of our services.
3.2. If you apply for a vacancy with Dutch Empire Security, you may also be asked to provide us with the following information:
- CV, cover letter and references;
- date of birth and/or identification number;
- your photograph.
3.3. Depending on the service you are interested in, we may process the following personal data:
- bank details;
- insurance, financial, credit or bankruptcy history;
- personal characteristics (such as gender, date and place of birth);
- government and other official identification numbers, subject to applicable laws and regulations (such as Citizen Service Number (BSN), tax number or other identification number issued by the government, financial data and account information (such as account number, credit history, credit data and other financial data);
- information that enables us to provide our services;
- marketing preferences, marketing activities and customer feedback;
- online activity data (such as data about your use of the Dutch Empire Security website);
- HOW DO WE COLLECT YOUR PERSONAL DATA?
4.1. In providing our products or services to you, we may collect or receive your data through various channels:
- via written forms;
- via dutchempiresecurity.co.uk online forms;
- via Dutch Empire Security campaign websites, online forms;
- via telephone contact;
- in person-to-person contacts;
4.2. We may receive your personal data directly from you, from another entity of B.J, Empire B.V., from a business partner or from publicly available data. Dutch Empire Security will only provide or receive personal data from third parties in accordance with applicable data protection legislation. For more information on this, please refer to article 7 ‘To whom may we disclose your personal data?’.
- PROCESSING PURPOSES: WHY DO WE PROCESS YOUR PERSONAL DATA?
5.1. The collection and processing of the above types of personal data is necessary for us to achieve specified legitimate purposes in carrying out our business activities. In particular, we process your personal data for the following purposes:
- provision of our security services;
- improvement of our services;
- customer administration, for example to respond to customer requests or queries, customer satisfaction surveys or handling complaints about a particular service;
- for administration and management of staff and intermediaries;
- for managing commercial relationships with third parties;
- for administrative purposes within Dutch Empire Security;
- for backup or archiving purposes;
- in relation to our legal duties towards the government or in the context of legal proceedings;
- for statistical or market research purposes;
- for (direct) marketing purposes;
- to combat fraud and breaches by customers;
- for dispute resolution;
- for the protection of society, own sector or organisation;
- for account management
5.2. Dutch Empire Security endeavours not to (further) process your personal data in a manner incompatible with the above purposes.
- LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA
6.1. Dutch Empire Security aims to process your personal data lawfully, i.e. on the valid legal basis, as set out below.
6.2. In particular, your personal data shall be processed if necessary for the performance of the contract between you and us, or to take measures at your request prior to the conclusion of a contract.
6.3. Your personal data may be processed on the basis of your consent. In this case, we will always ensure that we have your free, specific, informed and unambiguous consent.
6.4. Your personal data will be processed on the basis of the legitimate interests pursued by us for, for example, administrative purposes, or for research or development purposes. For example, when processing your personal data for communication with you, improving the quality of our services, providing marketing information to you (incl. direct marketing), for personnel and payroll administration, the development and implementation of HR strategies and the management of our business operations and IT infrastructure. Depending on the specific processing, Dutch Empire Security's legitimate interests will generally include (i) the pursuit of our business activities and commercial purposes; (ii) the protection of our businesses, employees and customers; (iii) the improvement or further development of our products and/or services and our business activities in general; (iv) compliance with legal and regulatory obligations, standards, guidelines and codes of conduct and/or (v) maintaining and improving our market position.
6.5. Your personal data may be processed because it is necessary to comply with a legal obligation under which we operate.
6.6. Your personal data will be processed because it is necessary to protect someone's vital interests (e.g. in the event of accidents or incidents) or because it is necessary for the performance of a task carried out in the public interest or in the exercise of public authority vested in us.
- TO WHOM MAY WE DISCLOSE YOUR DATA?
7.1. Dutch Empire Security may disclose your personal data to another entity within B.J. Empire B.V., representatives or other intermediaries to achieve any of the above purposes (see Article 5 above, ‘Processing purposes: why do we process your personal data’).
7.2. Other recipients of your personal data may also be service providers or business partners of ours, such as:
- IT service providers;
- marketing service providers;
- insurance companies;
- business partners;
- claims managers;
- analytics consultants;
- data storage companies;
- other services subcontracted to third parties, which assist us in carrying out our business activities;
- research and development organisations;
- if Dutch Empire Security sells a business unit, Dutch Empire Security may provide your personal data to a potential purchaser of that business unit;
- if Dutch Empire Security or a substantial part of Dutch Empire Security's assets are acquired by a third party, your personal data may be provided to this third party.
7.3. In certain specific cases, we may also provide your personal data to the government, government agencies, statutory bodies, regulators and enforcement agencies, when we are compelled to do so.
7.4. Dutch Empire Security will only provide your personal data to parties that provide sufficient safeguards to protect your data and fulfil your rights as a data subject (see Article 10 below, ‘What are your rights as a data subject?’).
- HOW LONG DO WE KEEP YOUR PERSONAL DATA?
8.1. Dutch Empire Security undertakes to comply with the storage limitation principle. In that context, we will not store your personal data for longer than necessary for the performance of our contract and/or the achievement of any of the purposes mentioned above (see Article 5 above, ‘Processing purposes: why do we process your personal data’). Dutch Empire Security may also be required by law to store your personal data for a minimum period to comply with legal requirements.
8.2. We will regularly check whether personal data that no longer serves a purpose can be deleted or otherwise anonymised.
- WHAT ARE YOUR RIGHTS AS A DATA SUBJECT?
9.1. Dutch Empire Security will use its best efforts to respect and fulfil your rights as a data subject, as listed below.
9.2. Your rights as a data subject consist of:
- The right to access: you may request access to your personal data at any time. Upon request, we will provide you with a copy of the personal data we process about you. For further copies, we will charge a reasonable fee based on administrative costs. If you make your request electronically, and do not request any other arrangement, the information will be provided in a commonly used electronic form.
- The right to rectification: you have the right to request the rectification or completion of inaccurate or incomplete personal data relating to you.
- The right to oblivion: you may request us to delete (part of) your personal data in the following situations:
when the processing was based on your consent and you have decided to withdraw this consent; when your data are no longer necessary to achieve the purposes for which they were collected or otherwise processed; when you have objected to the processing of your data for direct marketing purposes; when you have objected to the processing of your data (see ‘right to object’ below) and after verification, it appears that your rights, freedoms or personal interests outweigh our legitimate interests; when your personal data have been processed unlawfully (e.g. because your consent was not validly obtained);when your personal data must be deleted to comply with a legal obligation incumbent on Securitas.
- Right to object: you may object at any time to the processing of all or part of your personal data if it is used for direct marketing purposes. You may also object to the processing of your personal data if such processing is based on our legitimate interests. In the latter case, we will no longer process your personal data unless we have compelling legitimate grounds to do so anyway or because such processing is necessary for the establishment, exercise or substantiation of a legal claim.
- Right to restrict processing: you may in any case request us to restrict the processing of your personal data in the following situations:
when you contest the accuracy of your data; when the processing is found to be unlawful; when we no longer need your personal data for the purposes of processing; or pending the answer to the question whether our legitimate interests outweigh yours in the context of an objection.
If you exercise your right to restrict processing, we will be allowed to process your data with your consent, except for its storage.
- Right to data portability: upon request, you have the right in certain cases to obtain your personal data in a structured, common and machine-readable form, in order to transfer it to another entity. If technically possible, you may request us to transfer your personal data directly to this other entity. Your right to portability should not affect the rights and freedoms of others.
- Right to withdraw your consent: if processing is based on your consent, you are free to withdraw your consent at any time.
9.3. If you contact us to exercise the above rights, please attach a copy of your identity card or passport so that we can verify that this request is indeed from you.
9.4. In case of issues relating to your personal data or other privacy concerns, you may also lodge a complaint with the Personal Data Authority.
- HOW DO WE ENSURE THE PROTECTION OF YOUR PERSONAL DATA?
10.1. Dutch Empire Security is strongly committed to protecting your data. We, at Dutch Empire Security, take all administrative, technical and organisational measures to ensure the protection and confidentiality of your personal data and to protect your personal data from access, loss, misuse, disclosure, alteration or destruction, whether accidental or unlawful.
10.2. Prior to disclosing your personal data to a third party / processor, we will always ensure that such third party / processor provides an adequate level of security.
The most recent version of this Privacy Statement can be found at www.dutchempiresecurity.nl/privacy.
Dutch Empire Security Privacy Statement 2022