Privacy statement

Knowledge, expertise and trust are important pillars of the service of PNO Consultants B.V. and the other group companies affiliated to the PNO-group, which mainly operate under the names PNO Consultants, CiaoTech, PNO Participation and PNO Innovation. We are committed to giving you clarity on how we handle your personal data. In this Privacy Statement we inform you about our approach to handling and processing of personal data.

1. Contact details

PNO Consultants B.V. (PNO Consultants) is the controller and is located at the Laan van Zuid Hoorn 15, 2289 DC in Rijswijk. By telephone you can reach us on +31 (0) 88-838 13 81, by e-mail at gdpr@pnoconsultants.com.

2. Who is this Privacy Statement applicable to?

This Privacy Statement applies to all persons whose PNO Consultants processes personal data, with the exception of persons working at PNO Consultants. Personal data are all data that contains information about persons with which those persons are identifiable.

This Privacy Statement applies to:

This Privacy Statement does not apply to employees, temporary workers, temporary workers, student trainees and applicants.

3. Which personal data do we process?

PNO Consultants respects your personal data and ensures that the personal information provided to us or otherwise obtained is treated confidentially. Personal data is all information about a person. Data that indirectly says something about someone is also personal data.

By processing personal data we mean: collecting, recording, organising, storing, updating, modifying, retrieving, consulting, using, providing by means of forwarding, distribution or any other form of posting, bringing together, linking together, and to protect, erase or destroy your personal data.

We process personal data that you have provided to us, personal data generated during your visit to our website and reading newsletters and personal data that we have derived from other sources, such as business social media platforms and business cards.

Personal information provided by you:

Personal data obtained through or generated by our website, electronic newsletters, commercial e-mails or related technologies:

See our cookie statement https://www.pnoconsultants.com/cookie-policy

Personal data obtained from other sources:

Our website may contain hyperlinks to websites of other parties and social media buttons. We are not responsible for the content of those websites or the services of relevant social media platforms. Nor is PNO Consultants responsible for the privacy policy and the use of cookies on those websites and social media platforms.

4. What are we using your personal data for?

We use your personal data for different purposes. We put them for you in a row:

If you hand over an assignment to a consultant, at least your contact details are requested. Other personal data may also be necessary for the handling of the assignment, depending on the nature of the assignment. Furthermore, the data is used for invoicing the services provided.

Your contact details are kept in EU relationship management systems and can be used for sending newsletters, updates, invitations to events and seminars and sending information that you have requested from us.

We find it important to approach you with information that is relevant to you. To make this possible, we combine and analyze the personal data available with us. On that basis we determine which information and channels are relevant and which moments are most suitable for providing information or establishing contact. In marketing campaigns we do not process any special personal data and also no confidential data. If we would like to create a personal, individual customer profile, we will ask for your prior permission. If you would like to withdraw this consent later, this is always possible.

We analyse the following data:

5. Security level

We protect personal data, taking into account the state of the art, using appropriate technical and administrative security measures to minimize the risk of loss, misuse, unauthorized access, disclosure and modification. You can think of security software such as a virus scanner and firewalls, a secure internet connection, encryption of data and physical and administrative access controls to data and servers.

6. Storage of personal data

We do not store your personal data for longer than is strictly necessary for the execution of the purposes. If legal regulations apply to the storage, the personal data will not be kept longer than prescribed by law.

7. Legal basis of the processing

We process personal data on the basis of one of the following legal grounds:

A controller may only process personal data if this can be based on one of the limitative enumerated legal grounds in the General Data Protection Regulation (GDPR). The four legal grounds on which PNO Consultants relies are:

8. Processors

We may use service providers (processors) for the processing of your personal data that only process personal data in our order. We conclude a processor agreement with these processors that meets the requirements set by the General Data Protection Regulation (GDPR).

For example, we work with service providers that offer SaaS solutions (software as a service) or provide hosting services. Furthermore, there are ICT service providers who offer us support in keeping our systems safe and stable. We also use third-party services for sending newsletters and commercial e-mails. These are examples of parties that can be designated as processors as referred to in the General Data Protection Regulation (GDPR).

9. Share personal data with third parties

We protect personal data, taking into account the state of the art, using appropriate technical and administrative security measures to minimize the risk of loss, misuse, unauthorized access, disclosure and modification. You can think of security software such as a virus scanner and firewalls, a secure internet connection, encryption of data and physical and administrative access controls to data and servers.

We never sell your personal data to third parties and do not make automated decisions that could have significant consequences for you.

10. Transfer outside the (European Economic Area) EEA

Under the General Data Protection Regulation (GDPR), personal data may only be passed on to parties outside the EEA if an appropriate level is guaranteed for the protection of the personal data or if a specific deviation applies.

We may pass on personal data to a party outside the EEA if this is necessary for the execution of the contract for the provision of innovation or financing consultancy services.

11. Privacy rights of data subjects

You can send a request for inspection, correction, restriction, resistance, transferability of data, deletion of your personal data

or withdrawal of previously given permission via the contact details below. You will receive further notice from us within four weeks of receipt of your request.

In order to ensure that we provide the relevant personal information to the right person on the basis of your request, we can ask you to provide a copy of a valid passport, driver’s license or identity card for verification purposes. PNO Consultants will only process requests that relate to your own personal data.
For all these questions, please contact us on +31 (0) 88-838 13 81, by e-mail at gdpr@pnoconsultants.com.

12. Complaints

If you have complaints about how we handle your personal data, you can contact us by sending an email to gdpr@pnoconsultants.com or by calling +31 (0) 88-838 13 81. We are happy to help you with finding a solution within a period of four weeks after receiving your request. If that does not work, you can always contact the Dutch Data Protection Authority.

13. Changes

Developments are fast and as a result, there may also be some changes in the personal data we request from you and the way in which we use your personal data. Regulations can also change. In that case, we will adjust this Privacy Statement. We therefore invite you to regularly check the Privacy Statement so that you are kept informed. In the event of major changes, we will also make you aware of this via our website.

Rijswijk, The Netherlands, June  8, 2018