Privacy

The importance of data protection

ENPERAS sets great store by ensuring that the data that it processes are granted the correct level of protection, especially personal data. ENPERAS would like to use this privacy statement to strategically lay down the ways in which data are protected, the responsibilities that are assigned in this regard, and the priorities that ENPERAS has determined concerning data protection.

Scope of this privacy policy

This privacy statement applies to the entire lifespan of information within ENPERAS websites, from obtaining information to final deletion of information within the organisation.

Additional guidelines or procedures can be established for specific areas or processes (for instance research or questionnaires) within ENPERAS that provide a detailed explanation of the measures that are being taken in order to achieve the desired level of data protection.

As ICT suppliers play an important role in setting up the ICT environment for processing data, the privacy statement also stipulates the policy principles for this.

Which personal data do we collect?

We collect various types of personal data:

  • Personal data that you provide us with via web forms: for example, your name, email address, and telephone number when you use our contact form;
  • Personal data that we obtain as a result of you using the websites:
    • Log file information: we keep the following data in server logs, amongst other data:
      • IP address;
      • Browser information;
      • The external web page from which you visited us;
      • The pages that you have visited on our websites;
      • The time at which the pages were visited and how long they were visited for.
    • Device details: we can keep track of which device you use to visit our websites;
    • Cookies: we use cookies to identify our visitors and we need to do so in order to obtain visitor statistics. For more information regarding cookies, please refer to our cookie policy.

What do we use the personal data for?

We use the personal data that we collect in order to provide the correct service and to maintain, protect and improve it. Your personal data are only retained for as long as this is required to fulfill the objective for which we have collected these. When your personal data is no longer needed, we will remove it.

We can use your personal data to inform you and communicate with you:

  • Primarily to give feedback when you have submitted a question via the contact form;
  • When issuing our newsletters and magazines if you have subscribed to these.

We only share your personal data:

  • With your consent: we only share your personal data with companies other than ENPERAS providing that you have consented to this. Be aware that when you click on a social media button, the privacy policy of this provider applies;
  • For legal reasons: it may be the case that we need to share your personal data in order to comply with a statutory obligation;
  • With parties that process personal data for us: these parties may only process personal data by order of ENPERAS. Processing of this type is laid down in a processing agreement concluded between ENPERAS and this party.

What do we do to protect your personal data?

In particular, ENPERAS takes all reasonable measures to ensure that the data of website users and the personal data that they make available are protected against:

  • loss: data are no longer available;
  • leaks: data falling into the wrong hands;
  • errors: data are not correct; for example, obsolete or incomplete;
  • not accessible: data are not accessible when required;
  • wrongful access: viewed by persons who are not authorized to do so;
  • the inability to establish who viewed, amended, or deleted the data;
  • processing that is not in line with legislation, guidelines, and standards.

Your rights

You can ask us (free of charge):

  • Which data we have about you;
  • What the aim is of specific processing;
  • Who processes your personal data.

You have the right (free of charge):

  • To have a copy of your personal data that we process for a particular purpose;
  • To submit a request that your data be deleted;
  • To ask us to no longer process your personal data (if you have a valid and legal reason for this).

ENPERAS will never process personal data relating to political or religious preferences or beliefs, race, or any other data relating to your health or sexuality.

Protocols

For some of our projects, we will collaborate with various governments, institutions and occasionally exchange data. In order to provide full transparency in these matters we are often required to draft a protocol which details this exchange. These documents are available here on our website:

ENPERAS - AAPD Access the document (in Dutch)

CaPaKey-data which concerns buildings, their details, and their unique ID-codes are transferred to aid the federal AAPD agency with their legal task of calculating the cadastral income.

Contact information

If you have any further questions regarding the processing of personal data. If you would like to submit a request to amend, view, delete or report a databreach of your data. Please fill out the privacy contact form. We kindly request proof of identity and we will process your request within 30 days of receipt of your email.

Policy principle for data protection

ENPERAS, both in its role as a controller and processor:

  • Is transparent regarding the personal data that it processes and the processing purpose, both to those involved, the clients and the supervisors. The communication is honest, easily accessible, and comprehensible. The transparency principle also applies when personal data are being exchanged.
     
  • Only processes the data that is relevant to the execution of its tasks. Each task where personal data are processed is justifiable. This is also evaluated in the event of a new processing purpose if necessary based on a data protection impact assessment.
     
  • Only processes the personal data that are strictly necessary to carry out its activities. As a result, identifying factors that form part of the personal data will be kept to a minimum.
     
  • Assesses the integrity of personal data during the entire processing cycle.
     
  • Do not store data for longer than is necessary. The necessity is checked against statutory obligations and the rights and freedoms of those affected.
     
  • Prevents infringements that ensue as a result of processing personal data. Information security, data protection by design and privacy-friendly standard settings are useful resources here. If an infringement occurs, reporting is carried out in this regard in line with relevant legislation in this area.
     
  • Is able to implement all of the valid rights of anyone affected, such as the right to access, copy and even delete data.
     
  • Actively checks that the rights and freedoms of the person affected are safeguarded when processing personal data for a particular purpose.
     
  • Processes data in line with the rights and freedoms that apply in the European Economic Area and checks that these apply when data is exchanged outside the EEA.
     
  • Can demonstrate that it complies with all policy objectives, in accordance with the statutory provisions. This accountability is monitored by means of internal supervision and control and can be achieved in accordance with the legally applicable principles.

This policy applies across ENPERAS:

  • The head office and ENPERAS's other registered offices;
  • All ENPERAS employees, and external parties who work within ENPERAS on a fixed or non-fixed contract;
  • All company resources and information processing systems that ENPERAS manages and systems that external employees manage for the purpose of information processing for ENPERAS such as databases, information irrespective of the carrier, networks, data centers, etc.;
  • All processing activities, both as a controller and processor.