One2One regards the protection of personal data as a very important part of our business operations and services. Protecting this data is the basis of our reliability as a supplier and a business partner. By personal data we mean, in this case, any information about an identified and/or identifiable natural person.
In this privacy statement you can read which of your personal data One2One4B B.V. (One2One) and the companies affiliated with or connected to us collect. We collect this information because we have an agreement with you or are in contact with you about our services and products.
This statement provides information on the following:
- why we process personal data
- how long we keep personal data
- how you can view and make changes to your personal data we hold
- how we protect your personal data.
Our privacy promises
Our privacy promises can be summarized as follows:
- Purpose and limitation: One2One only processes personal data for specific, explicit, legitimate purposes.
- Basis: In each case, One2One only processes personal data on the basis of one of the legal grounds.
- Minimising data collection: One2One takes measures to keep the amount of personal data we process to a bare minimum.
- Transparency: One2One provides stakeholders, such as clients, prospects, employees, applicants, seconded workers, and suppliers, clear insight into how One2One uses their personal data.
- Security: One2One takes security very seriously. In every choice we make, we include measures to see that privacy is protected as well as possible.
Personal data protection
One2One does its utmost to ensure your personal data is handled with care at all times. Furthermore, we do all within our power to prevent the loss and/or any unlawful use or processing of such data. We do this through the implementation of appropriate technical and organizational measures, including some of the latest innovations in the area of security. Where we need to share your personal data with third parties in order to perform our duties, we conclude data processing agreements for this purpose.
If, despite our best efforts, a security and/or data breach occurs, we will act in accordance with the company procedure we have drawn up for this purpose. In such a case, we will of course do everything we can to minimize the consequences of the breach.
If the breach poses a risk to privacy, we will report this to the Dutch Data Protection Authority. When desirable, and in any case when required by law, we will also inform the data subjects about the breach.
Under the General Data Protection Regulation (GDPR), you have the following rights with regard to the processing of your personal data:
- The right of access; You have the right to obtain a copy of your personal data processed by One2One.
- The right to rectification; You have the right to have Centric rectify and/or complete your personal data.
- The right to erasure/“be forgotten”; You have the right to have Centric erase your personal data.
- The right to data portability; You have the right to have Centric transfer your personal data to a third party.
- The right to restrict processing; You have the right of restriction of processing of your personal data by One2One.
- Rights in relation to automated decision making and profiling; You have the right to have decisions made about you made by a person (unlike with automated decision making).
- The right to object; You have the right to object to One2One regarding the processing of your personal data.
How to exercise you rights
One2One takes the privacy of your personal data very seriously and has, accordingly, appointed a privacy officer who can answer any question you may have concerning privacy rights. You can contact us via firstname.lastname@example.org.
The right to lodge a complaint with a supervisory authority
One2One handles your data as transparently and carefully as possible. If you do have a complaint about the processing of your data, we ask that you first contact us by sending an email to email@example.com. We will then do our utmost to resolve your complaint. In the unlikely event that you do not agree with the measure taken, you can contact the Dutch Data Protection Authority.