In effect since 26 March 2018 - Last revision date: 15 June 2020
For EclecticIQ B.V. and/or its group member companies ("EclecticIQ", “Controller”) it is an essential goal to ensure that we protect the information entrusted to us by you, our customers and the users of our EclecticIQ websites or services. At EclecticIQ we are committed to upholding the highest privacy and data protection standards. This is critical for the maintenance of your privacy and for the professional standards to which EclecticIQ is holding itself. We also believe it is important to be transparent when it comes to our information handling and we are committed to fulfilling the requirements under the General Data Protection Regulation ("Algemene Verordening Gegevensbescherming") (hereafter referred to as "GDPR") and for you to be able to exercise your rights thereunder.
What kind of data may we collect?
We collect data from you or about you when you use our website, products, and services or in other interactions. The specific data we collect about you depends on what you use and how you use it. We may collect:
- Contact details such as name, address, telephone number and email;
- Information about date of birth, age and gender;
- Employment information about you at your company such as job title, position including preferences and interests in professional context;
- Feedback, comments or questions about EclecticIQ, or concerning our programs and services;
- Photos or video of you recorded at our premises;
- Content you have uploaded such as photos and video;
- Unique user information such as login ID, IP address, username, password and security question;
- Financial information;
- Website traffic information as provided by your web browser such as browser type, language and the address of the website from which you arrived and other traffic information such as IP address;
- Clickstream behavior such as which links you click and when;
- We may obtain personal data about you from other sources, such as public registers or other publicly available information.
- Sensitive personal data (GDPR art.9)
- Professional information such as job titles, previous roles, and professional experience and qualifications;
- Where you provide the information to us, information concerning your interests both business and personal;
- Details regarding your attendance at our events, or an event where we met you;
- Details of your visits to our website including, but not limited to, traffic data, location data, and web logs;
How do we collect your data?
You directly provide us with most of the data we collect. We collect data and process data when you:
- when you register online or place an order for any of our products or services;
- when you voluntarily complete a customer survey or provide feedback on any of our message boards or via email;
- when you use or view our website via your browser’s cookies;
- when you provide us with information in relation to your attendance at any of our hosted events;
- when you provide information to us by filling in forms on this web site;
- when you contact us, for example, to enquire about our services or apply for a job;
Our Company may also receive your data indirectly from the following sources:
- through our provision of services to you, or the organization you represent;
- when we collect publicly available information about you or your business (including through electronic data sources); and
- when we collect your personal data from our clients, consultants, suppliers and other advisers;
How will we use your data?
We may process your personal data for the following purposes:
- To respond to any queries that you may have;
- For marketing and business development activities, such as newsletters, invitations or registration for our events and other marketing communications that may be of interest to you;
- For you to obtain a particular service, product and/or resource offered by us on our website;
- To handle your job application;
- To optimize your use of the website or services in order to have an experience which is truly tailored to you based on your personal data;
- For the performance of a contractual relationship with you;
- To comply with the legal obligations we are subject to in the Netherlands or in other jurisdictions. Some of these legal obligations are related to the processing of so-called special categories of personal data;
- In the context of prevention and mitigation of cyber incidents and threats.
- Other legitimate interest
We will process your personal data based upon one or more of the following legal grounds:
- Performance of a contract;
- Compliance with a legal obligation; and/or
- Legitimate interest.
- Your consent;
How do we store your data?
We collect and process personal information about: (i) website visitors; (ii) customers, suppliers, business partners (and their directors, officers, employees, managers, affiliates and agents); (iii) employees, contractors and staff (and applicants / candidates); (iv) other visitors and people we connect with for professional or social reasons.
For example, for the purpose of sending you newsletters, your e-mail address will be retained as long as you are subscribed to our newsletter. If you do not wish to receive our newsletter anymore you can simply unsubscribe. If you applied for a job via our website, your submitted personal data is automatically deleted after 120 days or sooner upon request.
We may share your personal data with among others the following third parties and their successors.
- EclecticIQ group member companies such as EclecticIQ North America, Inc.
- EclecticIQ agents, partners (including but not limited to distributors and resellers) and vendors;
- Suppliers, processors and/or service providers, as well as our legal representatives and our auditors;
- In the context of attracting investments, a merger, takeover, divestment or other corporate strategic reasons, personal data can be (occasionally) shared with third parties.
And only upon its request and provided the request has been submitted on legitimate grounds:
- Local, European and International supervisory authorities;
- Any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person.
List of our subprocessors relevant to your data processing can be provided upon request.
Data security and data transfers
We take data security extremely seriously and are continuously looking for ways to keep enhancing our data security standards. For instance, we use Secure Sockets Layer (SSL) technology connections whenever processing sensitive data and our third party API tokens come equipped with high level encryption.
EclecticIQ would like to send you information about products and services of ours that we think you might be interested in and you might like, as well as those of our partners.
If you have agreed or have subscribed to receiving our marketing materials, you may always opt out at a later date. You have the right at any time to stop us from contacting you for marketing purposes or giving your data to other members of our company group.
What are your data protection rights?
As a Data Subject you might have certain rights under GDPR. These are:
- The right to be informed; This means anyone processing your personal data must make clear what they are processing, why, and who else the data may be passed to.
- The right of access; this is your right to see what data is held about you by a Data Controller.
- The right to rectification; the right to have your data corrected or amended if what is held is incorrect in some way.
- The right to erasure; under certain circumstances you can ask for your personal data to be deleted. This is also called ‘the Right to be Forgotten’. This would apply if the personal data is no longer required for the purposes it was collected for, or your consent for the processing of that data has been withdrawn, or the personal data has been unlawfully processed.
- The right to restrict processing; this gives the Data Subject the right to ask for a temporary halt to processing of personal data, such as in the case where a dispute or legal case has to be concluded, or the data is being corrected.
- The right to data portability; a Data Subject has the right to ask for any data supplied directly to the Data Controller by him or her, to be provided in a structured, commonly used, and machine-readable format.
- The right to object; the Data Subject has the right to object to further processing of their data which is inconsistent with the primary purpose for which it was collected, including profiling, automation, and direct marketing.
- Rights in relation to automated decision making and profiling; Data Subjects have the right not to be subject to a decision based solely on automated processing.
How to contact us?
Personal Data of Children
EclecticIQ does not direct any of its pages, products or services to children, as defined under applicable law, and we do not knowingly collect personal data from children. We are committed to protecting the privacy needs of children and we encourage parents to monitor their children’s online activities and interests.
If you become aware that your child has provided us with their personal data without your consent, please contact us at [email protected] and we will delete his/her data from our files.