This privacy statement contains information about us, explains personal data and the processing of personal data and for what purposes we process your personal information. It explains your rights, what we do to ensure your personal data are safe and how long they are stored. This privacy statement applies where personal data about you is processed by us, i.e. when you visit our website (www.jaato.com) or register for a training.
Information about us
Stichting Beheer JAA Training Organisation
2132 HB Hoofddorp
Phone number: +31235679790
Chamber of Commerce number: 41225767
Personal data are data that provide information about you that directly or indirectly identify you. I.e. your name, email address, telephone number, social security number, photo, etc.
Processing personal data
Processing personal data according to the General Data Protection Regulation (GDPR) is: collection, use, organisation, storage, consultation, adaptation or alteration, retrieval, recording, disclosure by forwarding, dissemination or otherwise making available, combining, blocking, erasure or destruction of your personal data.
We process your personal data for the following purposes: so that we can contact you, for the implementation of an agreement with you, so that we can inform you of changes to our services or products, so that we can deliver our products or services to you, to send newsletters if you gave permission, for general or targeted offers, for your account on our website, to post reviews. We only process personal data that are necessary for these purposes.
We also process your personal information to fulfil legal obligations, improve our services, to investigate complaints and to prevent fraud. We will never sell your personal information to third parties. We don't draw up profiles of you and we don't take automated decisions that can have sgnificant consequences for you. In order to take care of your personal data, we conclude a processing agreement with companies if those companies process your data in our assignment.
Personal data that we process
In order to carry out the purposes, we process the following personal data:
- First and last name,
- Phone number,
- E-mail address,
- Date of birth,
- Birth place,
- Civil service number,
- IP address,
- Bank account number,
- Company name,
- Exam results,
- Followed trainings,
Who we share Personal Data with
We may share personal data with third parties only to the extent necessary to perform their functions.
That can be business partners, suppliers, agents and/or sub-contractors for the performance of any agreement we enter into with you. They may assist us in providing the services we offer, processing transactions, fulfilling requests for information, receiving and sending communications, updating and analysing data, providing IT and other support services or in other tasks, from time to time. We may have to disclose or share your personal data in order to comply with any legal obligation.
In the case of transfers of personal data to third parties that are located in a country that is not subject to an adequacy decision by the European Commission, we will only transfer your personal data to third parties provided that there are contractual arrangements with them to ensure that processing of personal data is consistent with the obligations set out in the GDPR.
Personal data are personal and should remain personal. We find it just as important as you that your personal data do not go public or are processed unlawfully. We have policies and procedures that aim to ensure that all our staff, contractors and others that we work with and who process any personal data held by us or on our behalf, are aware of and abide by their duties under the GDPR. We therefore implemented appropriate technical and organisational measures to safely handle your personal data.
To secure your personal data we use security software such as a virus scanner and firewall, passwords for electronic systems, a secure internet connection, backups and encryption. All premises and data centres used by us for IT infrastructure are secured by access control systems and only a limited number of staff members and, on occasion, reputable and trusted third party IT suppliers that are subject to appropriate data protection and confidential obligations, have supervised physical or remote access to our IT infrastructure and systems.
Storage personal data
We do not store your personal data longer than is strictly necessary for carrying out the purposes. If there are legal requirements applicable to the storage, the personal data are no longer stored than required by law. We will delete personal data that are no longer required in an appropriate and secure manner.
You also have rights
Wish to know which personal data we processed? Send an email to email@example.com with a request for access to your data. You will receive a response to the request within four weeks.
Are your personal data incorrect, incomplete, irrelevant for the purposes for which they are processed or otherwise in breach of the GDPR or other legislation? Send an email to firstname.lastname@example.org with a request for correction of your personal data. Correction also means addition, deletion or even blocking of your personal data. You also have the right to object to the processing of your personal data, the right to have less data processed, the right to withdraw permission and you have given and the right to data portability.
Send your request to email@example.com. Or contact us by phone: +31235679790. You will receive a response to the request within four weeks. If your request is not satisfactory handled, you can always submit a complaint to the Dutch Data Protection Authority.
We review our policies and procedures regularly and we reserve the right to amend the terms of this Privacy Statement from time to time at our absolute discretion. Any amended Privacy Statement will be posted on our website and you are encouraged to visit our website from time to time to ensure that you are aware of our latest policies in relation to the protection of your personal data.