Privacy Policy & Disclaimer

Privacy Policy

This document has been automatically translated for NEG-ITSolutions B.V., a company registered in Nieuwegein with Chamber of Commerce number 70518793, trading under the names NEG-ITSolutions B.V., ICTlifecycle, MacRetour, PcRetour, Digital and Logistics Services, IT Group Managed Services, IT Group, IT Group Professional Services, IT Group Hardware Services, IT Group Cloud Services (hereinafter: NEG-ITSolutions). NEG-ITSolutions is part of the Circular IT group and is therefore bound by the 'Privacy Policy Circular IT group,' as described below.

Privacy Policy Circular IT group

Introduction and scope

This is the Privacy Policy of Circular IT Holding B.V., with Circular IT Holding B.V. a private company with limited liability incorporated under the laws of The Netherlands, having its registered seat in Zoetermeer and its principal place of business in (2718 TB) at Radonstraat 300, The Netherlands, registered in the Trade Register of the Chambers of Commerce in The Netherlands, under number 86301853 and/or any of its affiliates (Circular IT group) and the organisations directly associated with it.

This Privacy Policy applies to all persons who have contact with Circular IT group, except for its employees. More specifically, this means that this Privacy Policy applies to:

  • clients, visitors, job applicants, principals, contractors (including self-employed persons without employees and suppliers, to the extent the latter are natural persons) and other contacts of Circular IT group;

  • visitors to the website of Circular IT group or a domain name associated with this domain name.

All of these persons are referred to collectively hereinafter by ‘you’ and ‘your’. The words ‘we’, ‘us’, and ‘our’ refer to Circular IT group. With regard to the processing of your Personal Data, Circular IT group qualifies as Controller. Chapter 1 defines several terms. Those terms are capitalised in the Privacy Policy.

It is important to us that your Personal Data are handled with all due care. Needless to say, we comply with all statutory rules, including the General Data Protection Regulation (‘GDPR’) and exercise due care to adequately secure your Personal Data.

We ask you to review this Privacy Policy carefully. For the sake of readability, we have divided the general portion of the Privacy Policy into chapters. You will find a table of contents below.

This Privacy Policy was most recently amended on, and has applied since, August 2023.

Contents

  1. DEFINITIONS

  2. THE PERSONAL DATA PERTAINING TO YOU WHICH WE CAN PROCESS

  3. WHY DO WE PROCESS YOUR PERSONAL DATA?

  4. GROUNDS ON WHICH WE PROCESS PERSONAL DATA

  5. SHARING PERSONAL DATA WITH THIRD PARTIES

  6. SHARING PERSONAL DATA OUTSIDE THE EUROPEAN ECONOMIC AREA

  7. SECURITY

  8. YOUR RIGHTS

  9. COOKIES AND SIMILAR APPLICATIONS

  10. RETENTION PERIODS

  11. CONTACT DETAILS / QUESTIONS / COMPLAINTS / COMMENTS

  12. AMENDMENTS

1. DEFINITIONS

Data subject: person whom the Personal Data being processed regard. In other words: the person whose personal information is being processed.

Third Parties: natural or legal persons which are not Data Subjects or part of Circular IT group, such as: natural or legal persons with which Circular IT group shares Personal Data pursuant to a contract. These Third Parties might be processors or co-Controllers.

Personal Data: all data that related to an identified or an identifiable person. In other words: all information that identifies or can be used to identify the Data Subject.

Processing: everything that can be done with Personal Data, such as collection, recording, storage, alteration, retrieval, use, dissemination, or destruction.

Controller: party who processes a Data Subject’s data for a particular purpose. In this Privacy Policy, the Controller is Circular IT group.

2. THE PERSONAL DATA PERTAINING TO YOU WHICH WE CAN PROCESS

Below, we explain which of your Personal Data Circular IT group can process.

Data you have provided yourself, such as:

  • your contact details (name, address, city/town of residence, email address, telephone number);

  • your gender and date of birth;

  • data collected from you in a telephone conversation;

  • data collected from an email from you;

  • login details;

  • payment details;

  • data from your CV or about your employment history.

Data we have received via our websites, newsletters and emails:

  • information about the device you used to visit our website;

  • your surfing behaviour on the website, such as: which data/which of our web pages you have viewed; how you navigate the website; whether you open a newsletter or email and which parts of it you click on; the dates and times of your visit to the website;

  • the operating system you are using;

  • your browser type and IP address;

  • your Internet provider;

  • the Internet address of the website to which the link is made;

  • the geolocation;

  • the data you downloaded from the website.

Data we have received from other sources, such as via:

  • video images (in the locations which we have posted signs referring to the presence of security cameras); 

  • data available from public sources and apparently published by you, such as those on social media and commercial websites; 

  • data obtained from the Trade Register of the Chamber of Commerce and the Land Register.

3. WHY DO WE PROCESS PERSONAL DATA?

We use your Personal Data for the following purposed:

  • to verify your identity;

  • to improve our services (and the safety of those services), including by conducting checks;

  • to process your orders, to inform you about the status of your order and to ensure that your orders are handled as easily and as smoothly as possible;

  • to personalize the website for you and to be able to recommend you the products which you might find interesting;

  • to place product reviews on our websites;

  • if you react to any sale discount, to be able to process such sale discount and to measure the response to our marketing campaigns;

  • to inform you about news and developments at Circular IT group;

  • to enable us to evaluate, study, and develop our services;

  • to contact you for newsletters, if you have signed up for them;

  • for internal quality purposes;

  • to manage, secure, adjust, and improve our websites;

  • for marketing/commercial purposes;

  • for recruitment and selection;

  • to comply with a statutory obligation imposed on Circular IT group;

  • to be able to contact you and respond to any questions you have submitted;

  • to deal with your requests for information and to settle complaints;

  • to prevent theft, misuse, vandalism, or other criminal conduct;

  • for educational purposes;

  • to enable us to conduct satisfaction surveys.

4. GROUNDS ON WHICH WE PROCESS PERSONAL DATA

In order for us to use Personal Data, we must have a ground to do so based on the GDPR. We use the following grounds:

  • you have given Circular IT group your express consent;

  • the use is necessary to performing or entering into a contract with you;

  • the use is necessary to comply with a statutory obligation;

  • in emergency situations: the use is necessary to protect your vital interests or those of another person;

  • we have a legitimate interest in the use, unless this interest is outweighed by your interest, or a Third Party’s interest, in privacy.

If Circular IT group processes your personal data on the basis of your consent, Circular IT group will ask you for it separately. You may withdraw your consent at any time. Circular IT group draws your attention to the fact that the withdrawal of your consent does not affect the lawfulness of the processing of your personal data prior to the withdrawal of your consent.

Circular IT group can invoke the following legitimate interests:

  • the protection of your safety;

  • the protection of the safety of our clients and/or others, as well as the security of the buildings and property of Circular IT group;

  • quality and training;

  • the advancement of IT management and the improvement of security;

  • the analysis and improvement of the services and content of our websites;

  • the supply, improvement, adjustment, support, research, and analysis of our services;

  • the advancement of the quality and security of our services;

  • communication with you and other contacts of Circular IT group;

  • the prevention and combating of fraud, unauthorised use, and violations of our general terms and conditions and policy rules or other harmful or illegal activities.

5. SHARING PERSONAL DATA WITH THIRD PARTIES

We share your Personal Data with Third Parties only if this is necessary because those Third Parties perform work at the instruction of Circular IT group and then only for the purposes described in this Privacy Policy. If a Third Party is engaged, Circular IT group will ensure that this Third Party maintains the same level of security and confidentiality as we do.

Circular IT group may engage contractors from the following categories:

  • IT-management;

  • website management;

  • website hosting;

  • email communication.

Circular IT group remains responsible for the processing of your Personal Data. Circular IT group enters into contracts with Third Parties to ensure that your Personal Data are properly secured.

Circular IT group may, as the result of a merger, acquisition, or sale, of all or part of its organisation, share your Personal Data with a Third Party, such as a potential buyer or seller. Naturally, we will inform you of this via a clearly visible notification on our website.

6. SHARING PERSONAL DATA OUTSIDE THE EUROPEAN ECONOMIC AREA

It may sometimes be necessary to transfer your Personal Data to Third Parties established outside the European Economic Area (‘EEA’). In accordance with the GDPR, Circular IT group will only transfer your Personal Data to countries outside the EEA if:

  1. the European Commission has decided that the third country offers an adequate level of protection; or

  2. appropriate safeguards are offered, you have enforceable rights, and you have effective legal remedies; or

  3. the transfer is necessary for the performance of your contract with Circular IT group; or

  4. you have expressly consented to the transfer after being informed of the risks that such transfer entails; or

  5. the transfer is necessary for important reasons of public interest; or

  6. the transfer is occasional and required by the compelling interests of Circular IT group and Circular IT group has implemented appropriate safeguards and has informed the Dutch Data Protection Authority of these.

In situations in which Circular IT group transfers your Personal Data outside the EEA, we take measures to ensure that your Personal Data remain adequately protected.

7. SECURITY

Circular IT group takes the protection and security of your Personal Data very seriously and takes continuous measures to afford your Personal Data optimum protection against unlawful use. We have taken the following measures, among other things:

  • access to the Personal Data is restricted to authorised persons, whereby this number is kept as low as possible;

  • all employees of Circular IT group have signed a confidentiality agreement, whereby they undertake to observe complete confidentiality with regard to all information (including Personal Data);

  • the electronic transmission of Personal Data always takes place via a secure connection;

  • the website is secured via https;

  • we ensure that your Personal Data are only shared with Third Parties if we have agreed appropriate security measures with these Third Parties .

In addition, Circular IT group ensures that all of its user settings, programs and services are designed from the very beginning of development to maximise your privacy protection. With regard to the provision of information and services, Circular IT group applies the ‘opt-in’ rule by default: information or services are only provided if you have expressly consented to this. This can be done, for example, by ticking a box on the website.

8. YOUR RIGHTS

If any of your Personal Data are processed, you have a number of rights, which are set out below. You may exercise these rights by submitting your request in writing to Circular IT group or by sending an email to [email protected]. Circular IT group verifies your identity before your request can be met.

Circular IT group will respond to your request as soon as possible, but at the latest within one month. In principle, your requests will be processed electronically, unless this is not possible or you request otherwise. Circular IT group will not charge you for the processing of the aforementioned requests, unless your requests are excessive.

  1. Access to Personal Data
    You can ask us at any time to indicate which (categories of) your Personal Data Circular IT group processes, for which purposes, from which source the data come, and which retention periods are applied.

  2. Changing Personal Data
    In addition, you can contact us at any time to complete or correct your Personal Data. In the unlikely event that Circular IT group has processed and/or provided incorrect Personal Data about you, Circular IT group will rectify this immediately. If Circular IT group has changed your Personal Data, Circular IT group will notify you accordingly.

  3. Minimising the processing of your Personal Data
    If you do not agree with the content of the Personal Data about you stored by Circular IT group, you can submit a request to temporarily minimise the processing of your Personal Data.

  4. Withdrawing consent
    You can also withdraw the consent you have given for the processing of your Personal Data. Upon receipt of your letter or email, Circular IT group will immediately cease processing of your Personal Data for which you have given your consent. However, the withdrawal of your consent will not affect the processing operations that have already taken place.

  5. Right to transfer Personal Data (right to data portability)
    You can retrieve the Personal Data about you stored by Circular IT group in a structured, commonly used and machine-readable format. After receiving your Personal Data, you are free to transfer this information.

  6. Right to be forgotten
    If you no longer wish to make use of Circular IT group ‘s services, you may submit a request for the deletion of all your Personal Data.

  7. Right to object
    You have the right to object to the processing of your personal data which Circular IT group bases on the grounds ‘legitimate interest of Circular IT group or a Third Party’ or ‘performance of a task carried out in the public interest’. If Circular IT group bases itself on these grounds, Circular IT group will weigh its interests against your privacy. The right to object entitles you to require Circular IT group to repeat this weighing of interests.

  8. Right to lodge a complaint / pursue a judicial remedy
    We make efforts to join you in working to find a fair solution if you have a complaint or problem relating to our use of your Personal Data. However, if your position is that we cannot assist you with your complaint or problem, you also have the option of lodging a complaint with the Dutch Data Protection Authority or instituting judicial proceedings. You will find the contact details of the Dutch Data Protection Authority (Nederlandse Autoriteit Persoonsgegevens) by clicking here.

9. COOKIES AND SIMILAR APPLICATIONS

Circular IT group uses cookies and similar applications on its website. Cookies are small pieces of information that are stored on your computer. We use cookies to provide services and ensure that our services function properly. This enables Circular IT group to see how its visitors use the website. In this way, Circular IT group can customise its website according to user preferences. On a subsequent visit to Circular IT group’s website, these small pieces will be recognised.

More information about the cookie policy can be found on in the cookie policy on the website(s) of Circular IT group.

10. RETENTION PERIODS

Circular IT group does not retain personal data for longer than is necessary for the purpose of the processing. Circular IT group retains your Personal Data as long we consider this necessary to be able to provide you with services, to enable you to use our website, to comply with applicable laws, to resolve disputes with parties, and for other purposes that enable us to conduct our commercial activities.

Circular IT group in any case retains your Personal Data during the period in which you are party to a contract with Circular IT group. Some Personal Data are subject to statutory retention periods. Circular IT group fully complies with these retention periods.

Circular IT group retains video images from security cameras for a maximum of four (4) weeks, unless these must be retained longer in connection with an incident.

11. CONTACT DETAILS / QUESTIONS / COMPLAINTS / COMMENTS

We have appointed a privacy officer whose duties include supervising the proper handling of your Personal Data. If you have any questions, remarks or complaints about the protection of your Personal Data by Circular IT group, you can of course contact the privacy officer. The contact details are:

Radonstraat 300, 2718 TB Zoetermeer, The Netherlands
079 762 0200
[email protected]

We truest that you ensure that your Personal Data are complete, correct, and up to date. Please inform us immediately of any changes or errors in your Personal Data by contacting the privacy officer.

12. AMENDMENTS

It may happen that our Privacy Policy will need to be amended. The most recent version is always available on our website.