How and why does Cornerpoint B.V. collect personal data?
Cornerpoint B.V. collects personal data in the performance of its activities. In most cases, this involves data it requests from the data subject or which the data subject provides on his or her own initiative. For example, an initial telephone conversation between Cornerpoint B.V.and a (potential) customer or the situation where a (potential) customer sends an email to Cornerpoint B.V.
Cornerpoint B.V. processes personal data with the utmost care. Transparency is an essential part of that care. Cornerpoint B.V. considers it important that third parties and data subjects have insight into the way in which it uses personal data and the underlying reasons. This is why it has drawn up this statement. If you have any questions or comments after reading this statement, please contact Cornerpoint B.V. Obviously, this also applies if you wish to exercise one of the rights described below or if you have a complaint. The email address can be found at the bottom of this statement.
Who exactly is Cornerpoint B.V?
Cornerpoint B.V. is regarded as the controller of the personal data. It is registered with the Chamber of Commerce under number 24376862, with its registered office at Baanhoek 182b in Sliedrecht, can be contacted on telephone number +31 184 493 100 and by email at firstname.lastname@example.org.
Does Cornerpoint B.V. have a Data Protection Officer?
Cornerpoint B.V. has not appointed a Data Protection Officer. It has, however, appointed an employee who is the first point of contact with respect to privacy and personal data. It is Mr. Roy Fransen. The full address is given at the bottom of this statement.
Which personal data does Cornerpoint B.V. process and why?
Cornerpoint B.V. processes different types of personal data, for different reasons. The data it processes are Identification Data (name, email address, contact person, telephone number, Chamber of Commerce number), Location data (postal and/or business address), and Financial data (bank account number, payment details). The first main objective of this processing is to conclude an agreement with the customer. To do this, Cornerpoint B.V. and the customer must be able to communicate with each other. Consider, for example, identifying the customer's wishes and preparing an offer. The second main objective is to implement the agreement that has been concluded. Consider, for example, regular consultations regarding the progress or... The third main objective is to facilitate invoicing of the activities and/or the provision of services, as well as payment (and collection if necessary). The final main objective is to inform the customer about developments that may be relevant to him or her.
Is Cornerpoint B.V. allowed to process that data?
Cornerpoint B.V. processes personal data if this is necessary for concluding or performing an agreement with a customer and/or a supplier. This is the case, for example, when a quotation is requested, when an order is placed, or when Cornerpoint B.V. places an order. Furthermore, Cornerpoint B.V. processes personal data if its own interests justify this. This will be the case if it is reasonably impossible for Cornerpoint B.V. to perform its activities without processing such data. Finally, in some cases Cornerpoint B.V. (also) requests permission to use the data. Therefore, the legal bases for processing are:
- Processing is necessary for the performance of an agreement to which the data subject is a party, or is carried out at the request of the data subject for the conclusion of an agreement.
- Processing is necessary for the representation of the legitimate interests of Cornerpoint B.V.(or a third party)
- The data subject has given his or her consent to the processing
With respect to category (ii), in all cases it concerns processing operations that are necessary for Cornerpoint B.V.to realise its services. It simply cannot carry out its activities, it cannot communicate, it cannot ... etc. without using the customer's personal data. Therefore, it has a legitimate interest in those processing operations. Cornerpoint B.V. believes that this interest should take precedence when weighed against the interest of the data subject. The reason for this is twofold. Firstly, the fact that Cornerpoint B.V. knows from experience that such processing operations do not normally give rise to objections. Cornerpoint B.V. therefore takes that as its starting point. Secondly, the fact that Cornerpoint B.V. does not retain the data for longer than necessary. Nevertheless, in order to respect the rights of the data subject to the extent possible, Cornerpoint B.V. only makes use of the data that is necessary to achieve the purpose.
With regard to category (iii), given consent may be withdrawn at any time without stating reasons.
Does that personal data also end up with others?
In some cases, Cornerpoint B.V. will share personal data with parties it collaborates with. These are so-called "processors". Cornerpoint B.V. has concluded agreements with those processors. These serve to ensure that those processors (just like Cornerpoint B.V.) handle the data with care. For example, the agreement obliges the processor to ensure adequate security, to treat the data confidentially, and to destroy the data.
Cornerpoint B.V. does not intend to share personal data with parties other than processors. It anticipates that, at most, information will be shared with (another) employee of the customer or with parties who have a direct relationship with the customer in a few cases.
Will the personal data remain in Europe?
Within this context, reference is made to the European Economic Area (EEA). It consists of the EU countries, plus Norway, Liechtenstein, and Iceland. All countries that are not included are considered to be 'third countries'. Cornerpoint B.V. does not transfer any personal data to third countries. In principle, therefore, personal data remains in Europe. If, in an exceptional case, there is a transfer to a 'third country', this will only be a country in respect of which it has been expressly established at European level that an adequate level of personal data security is guaranteed there.
How long will the data be retained?
Cornerpoint B.V. retains the data it collects for different periods of time, depending on the category of data and the manner in which it has been collected. The exact periods are included in the register of processing operations that Cornerpoint B.V. has set up.
Cornerpoint B.V. has in the first instance based the applicable periods on the statutory (minimum) periods. Consider the legal obligation to retain accounting information. Furthermore, Cornerpoint B.V. has also sought to follow the retention periods included in the PDPA Exemption Decree, where possible. For example, the customer's contact data are subject to a retention period of a maximum of one year after the termination of the relationship between the parties. Finally, in determining the retention periods, Cornerpoint B.V. has been guided by its interests and those of its customers. For example, it may be important for both parties that documents containing (further) arrangements are kept for longer than two years. If such documents (e.g. email correspondence) contain personal data, this will also be retained.
With respect to the data collected via the cookies on the website, the retention periods as set out in the Cookie Statement (see elsewhere on this website) shall apply.
What rights do I have?
According to the law, you are a 'data subject', and data subjects have a number of specifically defined legal rights. You can submit a request with Cornerpoint B.V. to access, receive or modify your personal data or have it deleted. You may also object to the (further) processing of your data. If Cornerpoint B.V. processes your personal data on the basis of your consent, you may withdraw that consent at any time. For all these matters and other questions, please contact
Mr. Rob Jongeneel
Baanhoek 182b, Sliedrecht
+31 184 493 100
Cornerpoint B.V. will respond to your message within one month.
If you believe that Cornerpoint B.V. is acting in violation of applicable laws and regulations regarding personal data, you may lodge a complaint with the Dutch Data Protection Authority (Postbus 93374, 2509 AJ DEN HAAG).
Does Cornerpoint B.V. have an automated decision-making process?
There is no automated decision-making at Cornerpoint B.V.
What else do I need to know?
- To protect your personal data, Cornerpoint B.V. has taken appropriate technical and organisational measures. A description thereof is also included in the register of processing operations. Cornerpoint B.V. periodically assesses whether these measures are still adequate.
- It will be necessary to amend this statement from time to time. Cornerpoint B.V. has the right to do so. We recommend you check this statement for any changes from time to time.
Version 1.0, date 14-06-2018