Privacy policy

1. Introduction

In this privacy statement we will explain what information we process from you if we have, want to have or have had a business relationship with you. We will also tell you why and for how long we process your data and what your rights are with regard to each processing. In addition, we will also provide information about the parties we work with and about our security policy.

We believe it is important that our services are reliable and transparent. We therefore treat your personal data with discretion and care and ensure that any processing of your data complies with the applicable laws and regulations.

2. Responsible party for processing personal data

The Responsible Party is:
Name: BLACKBEAR B.V.
Address: Beechavenue 30
Postal code: 1119 PV
City: Schiphol-Rijk
Phone: 085 060 08 75
E-mail: privacy@blackbear.global

3. Privacy Manager

We have appointed a Privacy Manager. This is not a ‘data protection officer’ as referred to in Article 37 of the GDPR. However, it is someone who ensures that your data is processed in accordance with the law. The activities of the Privacy Manager include monitoring and dealing with questions and complaints.

The contact details of our Privacy Manager are:

Stefan Hoogenboom, privacy@blackbear.global, 085 060 08 77.

4. The personal data we process

Depending on your relationship with our organization and the purpose for which we process data, we note (always some of) the following data:

a. First name and surname
b. Gender
c. Date of birth
d. Place of birth
e. Address details
f. Telephone number
g. E-mail address
h. Job details
i. Data on education, courses, test scores and work experience
j. Reviews
k. Bank account number and other payment information
l. Information about your activities on our website
m. LinkedIn profile
n. Data on competences and skills
o. IP Address
p. (Geo-)location data
q. Screen recordings

As well as in specific cases the following special and/or sensitive personal data:

a. Citizen Service Number (burgerservicenummer)
b. Data from people under 16 years of age
c. Copy of identification
d. Passport photograph/profile photograph

5. For what purpose and on what basis we process personal data

We process your personal data for the following purposes:

a. Keeping financial records
b. Processing and execution of order
c. Organizing (customer) events
d. Sending newsletters or mailing
e. Administration of applicants (vacancies)
f. Performing a visitor registration
g. Website visitor monitoring
h. Marketing and/or retargeting
i. Data analysis
j. Service optimization

The processing grounds are those referred to in Article 6 and/or Article 9 of the GDPR (consent, agreement or legitimate interest).

6. Automated decision-making

We do not make decisions on the basis of automated processing on matters that may have (significant) consequences for individuals. These decisions are made by computer programs or systems, without a human being (for example, one of our employees) being involved.

7. How long we retain personal data

In general, we will not retain your data any longer than necessary for the purposes for which we have collected your data. The retention period may vary from case to case. For example, we may need to retain a number of documents for a minimum period of time for tax or administrative purposes. In such cases, we will only retain data that is necessary to comply with our legal obligations. After the legal retention period, we will delete or anonymize your data.

8. Sharing personal data with third parties

We do not share your personal data with third parties, unless this is done in the context of executing an agreement with you and in order to comply with any legal obligation. To the extent that these third parties are to be regarded as processors, we have entered into a processing agreement with these third parties in which, among other things, security, confidentiality and your rights are arranged. We remain responsible for these processing operations.

We engage third parties in the manner and on the grounds described above for the following categories of processing:

a. Processing and execution of order
b. Keeping a financial administration
c. Organizing (customer) events
d. Sending newsletters or mailing
e. Administration of applicants (vacancies)
f. Performing a visitor registration
g. Website visit monitoring

Your data may in some cases be shared with recipients in countries outside the EEA. The main rule is that this is only allowed if a country provides an adequate level of protection. If there is no adequate level of protection in a country outside the EEA, we will provide appropriate safeguards to ensure that your data is protected to the best of our ability. An example of this is the use of model contracts approved by the European Commission.

9. Cookies, or similar techniques, that we use

We use cookies on our website. This is a small text file that is stored in the browser of your computer, tablet or smartphone the first time you visit our website.

We use the following cookies:

a. Cookies with a purely technical functionality. These ensure that the website works properly and that, for example, your preferred settings are remembered. These cookies are also used to make the website work properly and to optimize it.

b. Cookies that keep track of your surfing behaviour so that we can offer customized content and advertisements. When you visited our website, we already informed you about these cookies and asked permission to place them.

c. Cookies placed by third parties. These are, for example, advertisers and/or social media companies.

You can unsubscribe from cookies by setting your internet browser in such a way that it no longer stored cookies. In addition, you can also delete all information previously stored via your browser settings.

10. Your rights (inspection, modification, deletion etc.)

Your rights with regard to the processing of your data are explained below.

a) Right of inspection
You have the right to access your own data. This includes the questions on what the purpose of processing is, to which parties the data is provided and what the retention periods are.

b) Right to rectification
You can ask us to rectify your data immediately. You also have the right to complete incomplete data, for example by sending an email to the email address as set out in Article 3.

c) ‘Right to be forgotten’

You have the ‘right to be forgotten.’ Upon request, we will erase your data without unreasonable delay. However, we may not always delete all of your data. Sometimes the processing is still necessary, for example, to comply with legal obligations or to make, exercise or substantiate claims.

d) Right to restriction of processing

In principle, you have the right to have the processing of your data restricted, for example if you believe that your data is incorrect or unnecessary.

e) Notification of rectification, erasure or restriction
Unless it is impossible or involves a disproportionate effort, we will notify the recipients of your data of any rectification, deletion or restriction of the processing.

f) Right to data portability
You have the right to transfer data. This means that you can make a request to receive your data. You can then save this data for personal reuse. You only have this right in relation to data that you have provided us yourself and if the processing is based on consent or an agreement to which you are a party.

g) Withdrawal of consent
If the data processing is based on consent, you have the right to revoke that consent at any time. However, the processing of your data for the period prior to withdrawal remains lawful.

h) Right to object
In principle, you have the right to object to the processing of your data. After your objection we will in principle stop the processing of your data.

i) Complaint to the Dutch Data Protection Authority or to the court

If you are of the opinion that the processing of your data violates the law you can contact our Privacy Manager, but you also have the right to lodge a complaint with the Personal Data Authority (AP) or go to court.

j) Restrictions on your rights

Sometimes we may restrict your rights, for example in the context of the prevention, investigation, detection and prosecution of criminal offences, such as fraud.
Any request can be addressed to our Privacy Manager. To make sure that a request has been made by you, we ask you to enclose a copy of your ID with the request. In this copy, make your MRZ (machine readable zone, the strip with the numbers at the bottom of the passport), passport number and citizen service number (burgerservicenummer) black. This is to protect your privacy.

11. How we secure personal data

We take the protection of your data seriously and take appropriate measure to prevent misuse, loss, unauthorized access, unwanted disclosure and unauthorized modification. If you have the impression that your information is not properly secured or there are indications of misuse, please contact our privacy manager.

12. Amendments

We may amend this statement if developments give cause to do so, for example in the case of new forms of processing. The most current privacy statement can be found on our website. We recommend that you consult this privacy and cookie statement regularly so that you are kept informed of the changes.

October 12, 2020