PriGroup –¬†Joint Privacy Policy

General

PriGroup BV values great importance to your privacy. We strive to provide high-quality services, with reliability being one of the most important priorities. Much attention was paid to privacy measures and data minimization when designing our services and products. PriOffice BV is a subsidiary of PriGroup BV.

PriGroup BV

This privacy statement applies to PriGroup BV and to all subsidiaries of PriGroup BV and their trade names.

The subsidiaries of PriGroup BV are, with accordance to the GDPR, joints controller for the processing of your personal data. The (administrative) processing of your personal data takes place in the PriPortal (www.priportal.eu). The personal data is stored with our hosting provider. We have a data processing agreement with them in which it was agreed to guarantee the security of personal data. We have set certain requirements for the security that they meet. Due to the joint administrative processing of the personal data in the PriPortal, mutual data exchange takes place between the subsidiaries of PriGroup BV.

PriGroup BV and its subsidiaries do not share data with third parties. For example, it is not possible that we leave personal and / or address details of an Account Holder to someone who requests this by telephone, in writing or digitally. Your personal information is only visible to screened staff members associated with PriGroup BV. An exception to this is when we are legally obliged to do so.

Applicability

This privacy statement applies to the use of the websites and the services provided by the companies within the PriGroup BV (including the PriPortal). The effective date for the validity of these conditions is 25-05-2018, with the publication of a new version the validity of all previous versions expires. This privacy statement describes what information about you is collected by us, what this information is used for and with whom and under what conditions this information may be shared with third parties.

We also explain to you how we store your data and how we protect your data against misuse and what rights you have with regards to the personal data you provide to us. If you have any questions about our privacy statement, please contact our contact person for privacy matters, you will find the contact details at the end of the privacy statement.

About the data processing

We process various personal data to be able to deliver the service to the customers. We do not process more personal data than is necessary for the performance of the service and then for the laws and regulations that apply to the service.

General

A number of processes are uniform for all companies under PriGroup BV. These are described below. Further in this privacy statement more is explained about the specific processing of the separate companies. You will then find an overview of the personal data that is processed, by which company, for what purpose and with whom it is shared.

Newsletter

The newsletters are sent via Mailjet. For this we use the name and e-mail address that is known to you as an Account Holder. You can unsubscribe from the newsletter at any time. You can do this by clicking on “unsubscribe” or “sign out” at the bottom of the e-mails.

It is also possible to subscribe to the newsletter as a non-customer, for example when you want to use a discount or when you want to stay informed. Even then it is possible to unsubscribe at any time by clicking on “unsubscribe” or “sign out” at the bottom of the e-mails. As a non-customer your data will be used for nothing else than for the newsletter.

Contact form

If you use the contact form on one of the websites, the data entered will only be used to answer the question and to contact you. They will not be stored any longer.

Security

PriGoup BV and its subsidiaries, due to the nature of the services and the trust that they must be able to place in their services, take great care in technical and organizational forms of security of your data. For example, good, transparent agreements have been made with the parties that have access to data in the field of confidentiality, retention period and cooperation. In addition, the data is stored encrypted and there are various policy documents for employees to guarantee the security of the information.

Cooperation with tax and criminal investigations

In appropriate cases, PriGroup BV or its subsidiaries may be held to share your information in connection with fiscal or criminal investigation by the government on the basis of a legal obligation. In such a case, we are forced to share your information. We will inform you of this, if possible within the possibilities that the law offers us.

Deletion of data

As an Account Holder you can delete your account yourself. At the time of deletion all personal data will be deleted unless there is a legal provision that prohibits this (Wwft and tax retention obligation).

PriPost BV

The following processing applies when you purchase services from PriPost BV.

Name and address data (residence data)

This is understood to mean:

  • Name and address data
  • E-mail address(es)
  • Telephone number(s)
  • IP-address

For a non natural person application also:

  • Company details
  • Extract from Chamber of Commerce (KvK)
  • UBO statement

Insofar as this has not yet been done by purchasing another service from one of the subsidiaries under the PriGroup BV, we need this data for the identification of and communication with the Account Holder and for the processing of mail. In addition, PriPost BV grants domicile to its customers in accordance with the provisions of the Wwft (Law on the prevention of money laundering and terrorist financing). In order to comply with the statutory audit obligation, in the case of an application from a non-natural person, PriPost BV needs a statement from the Chamber of Commerce and a UBO (Ultimate Beneficial Owner) to assess whether we as PriPost BV may do business with this account holder. For access to the online customer portal, the IP address is added to a whitelist for security reasons.

PriPost BV is not responsible for personal data that may be found in the post of the Account Holder. After all, PriPost BV processes the mail and not the (personal) data that may be mentioned in this mail. This processing therefore does not fall under the definition of “Processing” as described in the GDPR.

However, there may be cases where PriPost BV is the processor of personal data that is stated in the Account Holder’s mail. This is the case when the Account Holder chooses the scan service, where personal data may be stored in a PDF. This way of storage also falls under the definition of processing according to GDPR. However, PriPost BV does not in any way extract data from the scans of the Account Holder.

The Account Holder therefore determines how his mail is processed and can also change this. It is therefore not possible for PriPost BV to enter into an individual Processor Agreement with every customer who chooses the scan service. For that reason, a clause has been included in the General Terms and Conditions that describes that when the Account Holder chooses the scan service, the General Data Processing Agreement will automatically take effect.

You can find the General Data Processing Agreement in the following link:
https://www.pripost.eu/download/General-Data-Processing-Agreement-PriPost.pdf

Copy of identification document

As stated, PriPost BV has a legal obligation according to the Wwft to check the identity of its customers. We do this on the basis of a copy ID, among other things, where we then check this for authenticity at the parties (stolen, missing, invalid, withdrawn, etc.). After this check and the copying of the required data, the copy is permanently deleted. We have entered into a processing agreement with the parties to guarantee the security of the personal data.

It is also possible for a customer to come to our office for identification. In this case we do not need a copy and we will only take over the required data.

The required data:

  • Type of document
  • Full name
  • Date of birth
  • Issuance date
  • Issuing authority
  • Document number
  • Nationality

The Wwft obliges PriPost BV to keep the following data for 5 years after termination of the service:

  • Full name
  • Address and residence place
  • Company details
  • Extract from Chamber of Commerce (KvK)
  • UBO statement
  • Type of document
  • Date of birth
  • Issuance date
  • Issuing authority
  • Document number
  • Nationality

After this, there is no reason to retain this data and will therefore be deleted, unless they are required for other services of PriGroup BV or one of its subsidiaries.

The status of the Postbox will (if necessary) be changed to STANDBY as we need the processing of personal data for the purposes for which the data were provided.

PriOffice BV

The following processing applies when you purchase services from PriOffice BV (formerly Beesiks Office Space).

NAW data (residence data)

This is understood to mean:

  • Name and address data
  • E-mail address(es)
  • Telephone number(s)
  • IP-address

For a non natural person application also:

  • Company details
  • Extract from Chamber of Commerce (KvK)
  • UBO statement

Insofar as this has not yet been done by purchasing another service from one of the subsidiaries under the PriGroup BV, we need this data for the identification of and communication with the Account Holder. n addition, PriOffice BV provides domicile to its customers in accordance with the provisions of the Wwft (Law on the prevention of money laundering and financing of terrorism). In order to comply with the statutory audit obligation, in the case of an application from a non-natural person, PriOffice BV requires a recent extract from the Chamber of Commerce and a UBO (Ultimate Beneficial Owner) to assess whether we as PriOffice BV may do business with this account holder. For access to the online customer portal, the IP address is added to a whitelist for security reasons.

Copy of identification document

The copy ID is processed in the same way as described under PriPost BV.

Your rights

On the basis of the applicable Dutch and European legislation, you as a data subject have certain rights with regards to the personal data processed by or on behalf of us. We explain below what these rights are and how you can invoke these rights.

You have the right to submit a complaint to the Personal Data Authority at any time if you suspect that we are using your personal data in the wrong way.

Right of Access

You always have the right to view the data that we (let) process and that relates to your person or that can be traceable to that. You can request that by our contact person for privacy matters. You will receive a respond to your request within 30 days. If your request is granted, we will send you a copy of all data with an overview of the processors who have this data in their possession to the e-mail address known to us.

Right of Rectification

You always have the right to adjust the data that we (let) process that relate to your person or that can be traceable to that. As you are responsible for the integrity of the personal data, you must report the adjustment via the appropriate form. After processing the adjustment you will receive a confirmation of the adjustment sent to e-mail address known to us.

Right to Restriction of Processing

You always have the right to limit the data that we (let) process that relate to or can be traceable to your person. You can request that by our contact person for privacy matters. You will receive a respond to your request within 30 days. If your request is granted, we will send you a confirmation to e-mail address known to us that the information until you remove the restriction will no longer be processed.

Right to Data Portability

You always have the right to have the data that we (let) process that relate to your person or that can be traceable to that data, carried out by another party . You can request that by our contact person for privacy matters. You will receive a respond to your request within 30 days. If your request is granted, we will send you to the email address known to us copies of all data about you that we have processed or that we let process on our behalf by other processors or third parties.

Right to Erasure (‘Right to be Forgotten’)

The right to delete data is the right to remove data when there is no longer any good reason to process the data any longer.

In the case of PriGroup BV or the subsidiaries, we are limited in complying with the right to change data. You can only invoke this right if you terminate the agreement or if it has already been terminated. It is not possible earlier, because we still need the personal data for the purposes for which the data were provided.

We will keep the following data for a further 7 years after the cancellation period in relation to the tax legislation:

– Invoices

Right to Object and other rights

You have the right to object to the processing of your personal data by or on behalf of PriGroup BV or one of its subsidiaries. If you object, we will immediately cease the data processing pending the handling of your objection. If your objection is well-founded, we will make copies of data that we process or have let process available to you and then permanently stop processing. A consequence of this is that the service can no longer be continued.

You also have the right not to be subject to automated individual decision-making or profiling (direct marketing). PriGroup BV and its subsidiaries do not process your data in such a way that this law applies. If you believe that this is the case, please contact our contact person for privacy matters.

Adjustments in the privacy statement

PriGroup BV reserves the right to change the privacy statement at any time. On this page you can always find the newest version of it. If the new privacy statement has consequences for the way in which we process already collected data with regards to you, we will inform you of this by e-mail.

Contact information

PriGroup BV

Head Office: Keurenplein 41, 1069CD Amsterdam

Administration: Gravin Juliana van Stolberglaan 31, 2263AB Leidschendam

T +31 (0)70-2210460

E privacy@prigroup.eu

Version 1.1 (last change 13-07-2019)