Privacy Statement

Last updated: November 1, 2024

Parties and Roles

PrivacyDocs is a suite of services (the 'Services') offered by BISOT Advies V.O.F., a company registered in The Netherlands, registration number 91533937 (the 'Provider').

The Services consist of the Website, the Document Management Service, and the Consultancy Service. The Website and the Document Management Service are delivered through the website PrivacyDocs.eu where they are made available to individuals. The Services are solely offered to businesses and organizations, referred to as the 'Clients', and not to consumers.

Some individuals enter into a contract with the Provider on behalf of their organizations, pay for the Services, and act as administrators of their space at the Services (the 'Administrators').

The Provider acts as a controller when promoting and selling the Services, and as a processor when providing the Services.

Processing as a Controller

The following processing is performed by the Provider acting as a controller:

Operating the PrivacyDocs.eu website

Operating the PrivacyDocs.eu website and serving content that does not require user authentication.

  • Purpose: Operate the PrivacyDocs.eu website.
  • Categories of personal data: IP addresses, browser details, HTTP requests, website access history.
  • Categories of data subjects: Any individual browsing the website.
  • Data sharing: The data is shared with the processors listed in the 'Processors' section of the DPA.
  • Retention: 3 months.
  • Legal basis: Legitimate interest to promote the PrivacyDocs service, and legitimate interest in security.
  • Rights provided to the individuals: Right to be informed.

    • Placing Cookies

    No cookies are placed by the PrivacyDocs.eu website. Accordingly, no cookie consent message is displayed.

    Processing Payments

    Processing subscriptions and payments for providing the Service.

  • Purpose: Provide the Services.
  • Categories of personal data: Contact details (name, email address), payment details (credit card details), IP addresses.
  • Categories of data subjects: Administrators.
  • Data sharing: The data is shared with the processors listed in the 'Processors' section of the DPA.
  • Retention: 7 years.
  • Legal basis: Legitimate interest to provide the Service, legal obligation to keep financial records.
  • Rights provided to the individuals: Right to be informed.

    • Processing as a Processor

    More on this:

    You control

    When providing the Services, the Client acts as a controller, and the Provider acts as a processor, subject to the Data Processing Agreement.

    This processing includes creating an account with the Service for specific individuals, and performing all authenticated interactions with the Service.

    Security of Processing

    The Provider implements appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include data encryption in transit and at rest, access controls for both the Client and within the Provider, and other measures.

    Data Transfers

    The personal data may be transferred outside the European Economic Area (EEA). We ensure that appropriate safeguards are in place to protect the data, such as standard contractual clauses or other legal mechanisms.

    Automated Decision-Making

    We do not engage in automated decision-making, including profiling, that produces legal effects concerning individuals or similarly significantly affects them.

    Data Subject Rights

    Individuals have the right to access, rectify, erase, restrict processing, data portability, and object to processing of their personal data. To exercise these rights, please contact us using the contact information provided below.

    Updates to the Privacy Statement

    We may update this privacy statement from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this privacy statement periodically to stay informed about how we are protecting your information.

    Regulator and Complaints

    If you have any concerns about our use of your personal data, you have the right to lodge a complaint with the relevant supervisory authority. In The Netherlands, this is the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

    Link to contact details of the Dutch Data Protection Authority

    Contact

    For any questions or concerns regarding this Privacy Statement or the Provider's data protection practices, please contact us, BISOT Advies V.O.F. via email at info@privacydocs.eu.

    Language

    This document is available in multiple languages. In case of any discrepancies in understanding, the English version shall prevail.