Last updated: 26 April 2023

Innovations and changing regulations ensure that this Privacy Policy is subject to change. An up-to-date version of the Privacy Policy is always available at this location, therefore it is advisable to keep an eye on this webpage.

Definitions

Organizationmeans Unexus B.V., a company registered under number 74840266 of Dutch chamber of Commerce
GDPRmeans General Data Protection Regulation.
Responsible PersonMeans Information Security Officer at Unexus
Register of Systemsmeans a register of all systems or contexts in which personal data is processed by the Organization.

1. Data protection principles

The Organization is committed to processing data in accordance with its responsibilities under the GDPR.

GDPR requires that personal data shall be:

1.1 processed lawfully, fairly and in a transparent manner in relation to individuals;

1.2 collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;

1.3 adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;

1.4 accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;

1.5 kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and Organizational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; and

1.6 processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or Organizational measures.”

2. General provisions

2.1 This policy applies to all personal data processed by the Organization.

2.2 The Responsible Person shall take responsibility for the Organization’s ongoing compliance with this policy.

2.3 This policy shall be reviewed at least annually.

3. Lawful, fair and transparent processing

3.1 To ensure its processing of data is lawful, fair and transparent, the Organization shall maintain a Register of Systems.

3.2 The Register of Systems shall be reviewed at least annually.

3.3 Individuals have the right to access their personal data and any such requests made to the Organization shall be dealt with in a timely manner.

4. Lawful purposes

4.1 All data processed by the Organization must be done on one of the following lawful bases: consent, contract, legal obligation, vital interests, public task or legitimate interests.

4.2 The Organization shall note the appropriate lawful basis in the Register of Systems.

4.3 Where consent is relied upon as a lawful basis for processing data, evidence of opt-in  consent shall be kept with the personal data.

4.4 Where communications are sent to individuals based on their consent, the option for the individual to revoke their consent should be clearly available and systems should be in place to ensure such revocation is reflected accurately in the Organization’s systems. 

5. Data minimization

The Organization shall ensure that personal data are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

6. Accuracy

6.1 The Organization shall take reasonable steps to ensure personal data is accurate.

6.2 Where necessary for the lawful basis on which data is processed, steps shall be put in place to ensure that personal data is kept up to date.

Organization is legally obliged to keep certain customer data for a certain period of time for the purpose of investigation. Organization must cooperate with claims from the Justice department or other governmental authorities of personal data, but also of other information that we process and store during our normal business operations. This concerns, for example, data about your systems, data usage and your made calls. If the retention period has expired, stored information will be destroyed or made anonymous.

8. Required for our service

Organization provides its services itself, but sometimes uses third parties to support them. In such a case, we need to share the required information with these third parties. When Organization shares data, the recipient is obliged to adhere to the Organization conditions.

Organization will only use your personal data if it is provided with consent by you. Organization may use this information solely to improve Organization products or to provide customized services or technologies to you and will not disclose this information to others in a form that personally identifies you.

10. What information do we collect?

10.1 Personal & User Data

When you purchase a service from Organization, or when you contact us, Organization processes your personal data. Personal data is data that can be traced back to a person. The word “process” has a very broad meaning. It contains every action with regard to personal data, including the collection, storage, modification, consultation and use, provision, merge, protection, erasure or destruction of data.

You’ll find a list of examples of personal data we collect below:

  • First and last name
  • Address
  • Phone number
  • E-mail address
  • Other personal data that you provide us actively, for example through creating a profile, corresponding with us or telephoning us
  • Location data
  • Activity data on our website
  • Internet browser and device type
  • Bank account number (if applicable)

10.2 Purpose of collecting personal & user data

Organization collects personal and user data for the following purposes:

  • To call or e-mail you if necessary, to perform our services.
  • To inform you about changes in our services or products.
  • To offer you the possibility to create an account.
  • To deliver goods and services to you.
  • To take care of payments and orders.
  • To send out our newsletters.
  • Organization analyses your user behavior on the websites to make further improvements to the user experience. We also improve our products and services based on your preferences.
  • Organization is legally obliged to keep certain customer data for a certain period of time for the purpose of investigation. Organization must cooperate with claims from the Justice department or other governmental authorities of personal data, but also of other information that we process and store during our normal business operations.

10.3 Tracking & Cookies

If you visit us via one of our (affiliated) websites, a “cookie” will be placed. These cookies are designed to remember your settings and preferences in order to improve the user experience. In addition, Google places “analytical cookies” to gain insight into the use of our website. If desired, it is possible to set your browser to disable these cookies.

10.4 Retention periods

Organization does not retain your data any longer than strictly necessary to realise the purposes of why we collect the data. Therefore Organization uses the following retention periods:

Personal dataPurposeRetention period
First and last nameTo call you back, or to contact you through e-mail or postUndetermined period of time
Phone numberTo call you in case you request us toUndetermined period of time
E-mail AddressTo reply to your outreach to us, to answer you on a question or (if you’ve given your permission) to send newsletters to youUndetermined period of time
Data about activity on the websiteTo analyze for website optimization50 months

11. What do we use the information for?

Organization primarily uses the aforementioned data to deliver and improve the services that you purchase. For example; delivering a service at the requested address or setting up a telephone call.

11.1 Sharing personal data with third parties

Organization provides its services itself, but sometimes uses third parties to accomplish these services. In such a case, it is necessary that we share data with these third parties. When Organization shares data, the recipient is obliged to comply with the conditions of Organization.

11.2 Cookies and other techniques we use
Organization uses functional, analytical and tracking cookies. A cookie is a small text file which is documented and saved during the first visit to our website. It is saved in the browser of your computer, tablet or smartphone.

Organization uses cookies with a purely technical or analytical functionality. These cookies furthermore ensure that the website works properly. In addition, we place cookies that perform your surfing behavior on created content.

You can opt out of cookies by setting your internet browser so that it no longer stores cookies. In addition, you can also delete all information that has previously been stored via the settings of your browser.

The following cookies are used on this website:

CookienaamBronFunctionExpiration
_gaGoogleRegisters a unique ID that is used to generate statistical data on how the visitor uses the website.Session
_gatGoogleTo speed up data collection processes in statistics.Session
_gidGoogleRegisters a unique ID that is used to generate statistical data on how the visitor uses the website.Session
Cppro-ftOrganizationKeeps track of special fonts on the website for internal analysis. The cookie does not register any visitor data.1 year
Cppro-ft-style-tempOrganizationKeeps track of special fonts on the website for internal analysis. The cookie does not register any visitor data.1 day
Cp-pro-page-viewsOrganizationCollects data relates to the user’s visits to the website.Session
Cp-pro-session-limitOrganizationCollects data on user behavior and interaction in order to optimize the website.Session
_clckOrganizationCollects data on the user’s navigation and behavior on the website. This is used to compile statistical reports and heatmaps for the website owner.1 year
_clskOrganizationRegisters statistical data on users’ behaviour on the website. Used for internal analytics by the website operator.1 day
c.gifMicrosoft ClarityCollects data on the user’s navigation and behavior on the website. This is used to compile statistical reports and heatmaps for the website owner.Session
CLIDMicrosoft ClarityCollects data on the user’s navigation and behavior on the website. This is used to compile statistical reports and heatmaps for the website owner.1 year
ANONCHKMicrosoft ClarityRegisters data on visitors from multiple visits and on multiple websites. This information is used to measure the efficiency of advertisement on websites.1 day
MUIDMicrosoft Clarity & BingUsed widely by Microsoft as a unique user ID1 year
SMMicrosoft ClarityRegisteres a unique ID to identify device during staySession
_cltkMicrosoft ClarityRegisters statistical data on users’ behaviour on the website. Used for internal analytics by the website operator.Session
SRM_BBing.comTracks the user’s interaction with the website’s search -bar-function . This data can be used to present the user with relevant products or services.1 jaar
MRBing.comUsed to track visitors on multiple websites, in order to present relevant advertisement based on the visitor’s preferences.7 days

In case you want to alter your cookie settings: Manage cookie settings.

11.3 Statistical research
Organization always strives to provide you with the highest quality of websites and applications. This makes it necessary for Organization to analyze statistics on a regular basis. We can use the outcome for adaptations on our websites and/or applications.

We can use your data for this statistical research. Only designated employees of Organization have access to this data. Results of the research are always aggregated to ensure results are not traceable to a person.

12. Your rights

As an individual, you have several rights with regards to your personal data. These include:

Your rightExplanation
The right to accessYou have the right to access any data that we have processed or are processing that pertains to you or can be traced back to you.
The right to rectificationIf you believe that any information we hold about you is inaccurate or incomplete, you have the right to request that we correct or complete it.
The right to erasureYou have the right to request that we erase your personal data under certain conditions.
The right to restrict processingYou have the right to request that we restrict the processing of your personal data under certain conditions.
The right to object processingYou have the right to object to our processing of your personal data under certain conditions.
The right to data portabilityYou have the right to request that we transfer any data we have collected about you to another organization or directly to you under conditions that we agreed upon in our contract.

Do you want access to the data that Organization processes about you? Please contact support@unexus.nl. It’s possible to request for access, modification, export and/or deletion. We have one month to respond to your request for information.

13. Access to, correction or deletion of your personal data

If you have any questions or remarks about your personal data you can contact us. Please send your message to us by emailing us at support@unexus.nl. We will answer your question as soon as possible.

13.1 How do you get access to your personal data?
 If you want to view your stored personal data, you can submit a request to us to provide this personal data to you. This means that you can request to see which personal data of you has been registered and for what purposes that data is used. You can submit this request by email. Our email address is: support@unexus.nl.

13.2 How can you correct your personal data?
 You can submit a request for a change or complete removal of your data by email through support@unexus.nl

13.3 Right of objection
 You can object to the processing of your personal data by Organization if your personal data is used for purposes other than those necessary for the execution of an agreement, or those necessary for the fulfilment of a legal obligation. You can submit your objection by email. Our email address is: support@unexus.nl.

14. How we secure your personal data

Organization takes the protection of your data seriously and takes appropriate measures to prevent misuse, loss, unauthorized access, unwanted disclosure and unauthorized modification. If you feel that your data is not properly secured or there are indications of misuse, please contact us at support@unexus.nl.

We take security seriously:

  1. The Organization shall ensure that personal data is stored securely using modern software that is kept-up-to-date. 
  2. Access to personal data shall be limited to personnel who need access and appropriate security should be in place to avoid unauthorised sharing of information.
  3. When personal data is deleted this should be done safely such that the data is irrecoverable.
  4. Appropriate back-up and disaster recovery solutions shall be in place.

Organization has taken the following measures to protect your personal data:

  • Organization applies TLS (formerly SSL). We send your data via a secure internet connection. You can see this by the address bar ‘https’ and the padlock in the address bar.
  • Servers and devices of our employees are equipped with the latest updates and security software, such as a firewall. All Organization employees who have access to personal data are trained in the careful handling of your data. DKIM and SPF are internet standards that we use to prevent you from receiving e-mails on our behalf that contain viruses, are spam or are intended to obtain personal (login) data.
  • DNSSEC is an extra security (additional to DNS) for converting a domain name (#company_website) to the associated IP address (server name); it is provided with a digital signature. You can have that signature checked automatically. By doing this we prevent you from being redirected to a false IP address.
  • Organization is ISO 27001 certified. The ISO 27001 standard specifies strict requirements for establishing, implementing, executing, monitoring, assessing, maintaining and improving a documented Information Security Management System (ISMS). The ISMS for ISO 27001 is not a static system, but is constantly evolving. The certificate is obtained after an independent audit. Annual internal and external checks ensure that Organization continues to meet the security requirements.

15. Breach

In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, the Organization shall promptly assess the risk to people’s rights and freedoms and if appropriate report this breach to the Autoriteit Persoonsgegevens

Questions?

In case you have any questions about this Privacy Statement, please contact us.