Privacy Statement Certa
Introduction
Certa Advocaten B.V. (“Certa”) values your privacy and therefore provides information in this declaration on what happens to your personal data. This Privacy Statement sets out which categories of personal data are collected, the purposes for which the personal data are used and the categories of recipients to which the personal data are provided.
Information about Certa
Certa has its registered office in Amsterdam at Keizersgracht 620 (1017 ER) and is listed under registration number 34342484 in the Commercial Register of the Chamber of Commerce. Certa can be reached on working days from 08.00 to 18.00 on telephone number 020 – 521 6699 and via e-mail address [email protected]. Our data protection officer is Chantal Heruer.
Data Protection Policy
Certa employees are bound by a data protection policy.
Processing of personal data
Certa processes your personal data for handling your e-mail. The reason for this processing is that it is necessary for the legitimate interests of Certa and you. Specifically, this interest consists of Certa’s and your interest in being able to process your questions, complaints or comments. These personal data will be kept as long as necessary for the complete answering and processing of the e-mail and in any case no longer than six months. Afterwards your personal data will be removed. Your personal data will not be passed on to third parties for commercial purposes.
Processing for other business processes
Verifying identity of clients and client research Prevention of Money Laundering and Terrorist Financing applies
On the basis of the Ordinance on the Legal Profession, Certa is obligated to identify its clients. Certa identifies a legal entity on the basis of an extract from the Commercial Register of the Chamber of Commerce. A natural person is verified by checking the client’s proof of identity. Client data that we are legally required to collect include name, date of birth and a copy of passport. We retain this data for a period of five years from the time the relationship ends or up to five years after a transaction is executed. If the Law on the Prevention of Money Laundering and Terrorist Financing applies to our services, Certa conducts a customer due diligence. The processing of personal data, including making a copy of the identification document, is necessary for the performance of a legal duty incumbent on Certa.
This will usually involve advice, for example on a real estate transaction or the establishment of legal structures.
Execution of assignment
Certa collects and processes personal data from our business partners, such as clients and suppliers. The personal data that we collect from our clients includes names, e-mail addresses, telephone numbers, and office addresses. We process this data to be able to carry out our work, but also to occasionally send our clients a newsletter, to inform them about developments at Certa, or to invite them to an event or seminar. We keep this data for as long as we need it to execute the agreement with the relation. Certa stores client data in accordance with the Dutch Bar Association’s instructions on “Archiving at the law firm”.
To the extent necessary, Certa employees have access to personal data. All Certa employees have a duty of confidentiality.
Retention of records in accordance with fiscal safekeeping obligation
Certa stores its administrative data for seven years, in accordance with the fiscal safekeeping obligation. It is possible that Certa will need to keep your personal data for this purpose. In this case, the processing is necessary to fulfill this legal obligation.
Retention of case-related documents
Certa will retain case-related documents for a minimum of five years and a maximum of twenty years. This retention period is included in the “Archive at the Law Firm” instruction from the Netherlands Bar Association.
Sending documents
Certa sends documents containing personal data, if this is necessary for the execution of our contract of engagement. Examples include legal opinions or drafts of litigation documents. Our e-mails are sent by servers that support STARTTLS, DMARC, DKIM and SPF. This allows for a secure connection to be established with your receiving server.
Event Evaluation Form
After our events, we will send you an evaluation form. We use your answers to improve the next event.
On the evaluation form you can enter the following personal data:
– First name;
– Last name;
– Address;
– E-mail address; and
– Phone number.
Filling in the personal data is not mandatory. If you do fill in this personal data, it is possible for us to contact you about a specific subject. By filling in your personal data you give us permission to do so. Your consent can be withdrawn at any time. Certa will delete the evaluation forms as soon as possible, but no later than six months after the event.
Potential clients
Certa may collect personal data about potential clients. This is done using public sources. Certa does not store more data than strictly necessary for the provision of its services. Personal data will be stored for a maximum of one year.
Retention of personal data of applicants
Certa stores personal data of job applicants provided by them. The personal data that is processed is necessary for the applicant to be able to complete the application process. The data of applicants that we save are the name, contact details, cover letter and resume. This data processing is necessary for the legitimate interest of Certa and of the applicant. This interest consists of being able to complete the application process. Personal data will be kept for a maximum of four weeks after receipt, following the final interview. Based on the applicant’s consent, Certa may keep this personal data longer.
Retention period
This privacy statement indicates the retention period for personal data. If an explicit retention period is not included, Certa will retain the personal data for no longer than is necessary for the purposes for which they were collected and processed.
Cookies
Our website www.certa.nl uses functional and analytical cookies. Functional cookies are cookies that are necessary for the website to function. Certa also uses analytical cookies (Google Analytics) that measure the quality and functionality of the website. These cookies do not collect personal data, but only anonymized statistical information. Our website has a cookie notification. When the visitor does not accept this, the Google Analytics code will not be loaded.
Security
Certa has taken appropriate technical and organizational measures to ensure a risk-adjusted security level.
For the website this means, among other things, that personal data are sent to us encrypted, using an HTTPS connection. The technical security of Certa’s computer systems has been designed in consultation with a specialized IT company. Certa has also taken various organizational measures. These are included in the data protection policy.
Processors and other third parties
Personal data may be processed by processors and subprocessors on behalf of Certa. The processors and sub-processors act under the responsibility of Certa and may not carry out their own processing of the personal data. Your personal data will not be provided to other parties except as described in this Privacy Statement. Your personal data will also be disclosed to other parties when Certa is obligated to do so by law or court order. In relation to its customers, Certa is responsible for the information it collects. This means that Certa is not required to enter into a so-called data processing agreement with its customers.
Your privacy rights
Under the General Data Protection Regulation, you have privacy rights. You have the right to request access to, correction of, or deletion of your personal data. You also have the right to request Certa to restrict the processing of personal data. You have the right, under certain circumstances, to the portability of data and to objection. You can find more information about when it is possible to exercise your right on the website of the Authority for the Protection of Personal Data. If you wish to exercise one or more of these rights, please contact Certa using the contact options indicated.
Contact
To exercise the above rights, or in case of questions, remarks or concerns regarding the handling of personal data by Certa, please send an e-mail to [email protected]. We will try to respond within five working days.
Certa Advocaten B.V.
Keizersgracht 620
1017ER Amsterdam
Phone number: +31 (0)20 521 6699
Website: www.certa.nl
Chamber of Commerce: 34342484
VAT number: 8208.79.368.B01
Changes
We may change this privacy statement. If we make any significant changes, we will post them on www.certa.nl along with the amended privacy statement. The current version of the privacy statement was last amended on March 22, 2022.