Privacy Statement LegionellaDossier
1. Introduction
Welcome to LegionellaDossier! We understand the importance of handling your personal data with care when we vSmart B.V., trading under the name LegionellaDossier (LegionellaDossier or we) process it while browsing our website (https://legionelladossier.com) and providing our services which includes the provision of the mobile application and platform. In this privacy statement, we will set out in general terms how we process your personal data. In this context, personal data means any data that directly or indirectly identifies a natural person. Should it be necessary to inform you specifically of any issues, we will do so with reference to this privacy statement.
2. Controller
We are responsible for the processing activities described in this privacy statement. Indeed, for these activities, we determine the purposes and means of processing. We always process personal data in accordance with applicable data protection laws and regulations, including the General Data Protection Regulation (GDPR)
3. Categories of persons
We process the personal data of the following categories of individuals:
- Customers - persons who are (potential) customers and persons employed by
(potential) customers. - Users – persons who are using our app and/or platform.
- Website visitors - individuals who visit the website.
- Third parties - persons whose personal data appears in our files; other persons with
whom we have contact.
4. Minors
In general, we do not provide our services to persons under 18 years of age and do not knowingly process personal data of these minors. If we become aware that we have (inadvertently) processed the personal data of minors, we will take appropriate measures, such as requesting permission from parents or guardians or deleting the data immediately.
5. Categories of personal data
5.1. Customers
From customers we process - as far as reasonably necessary for providing the services - the
following data:
- 5.1.1. Contact details: name, address, gender, e-mail address, signature, job title,
title, telephone number, Chamber of Commerce number, VAT number, bank account number, unique identification number (case number) and nationality. - 5.1.2. Details of the services: information about the services.
- 5.1.3. Invoicing data: data for the purpose of calculating and recording fees, income and/or expenses, collecting and making payments and collecting claims.
- 5.1.4. Other data: data whose processing is required by applicable laws or regulations or data that customers provide us with on their own initiative, such as the field of business and expertise.
5.2. Users
From users we process - as far as reasonably necessary for providing the services - the
following data:
- 5.2.1. Account credentials: name, user-name and e-mail address.
- 5.2.2. Account data: All data that is relevant account data that is relevant for using our services such as relevant tasks, the organisation, e-mail address, job title and telephone number.
- 5.2.3. Account diagnostic data: automatically generated data for diagnostic purposes such as unique identifier, IP-address, session length, operating system version, configuration of the app and/or platform, time and date of use of app and/or platform
- 5.2.4. Account analytical data: automatically generated data for analytical purposes
5.3. Website visitors
From website visitors we process - as far as reasonably necessary for providing the services -
the following data:
- 5.3.1. Communication data: data from the equipment used to visit the website, such as the IP address and the software used.
- 5.3.2. Technical data: data for the purpose of identifying and communicating with website visitors or data recorded to keep track of our website visitor statistics.
5.4. Third parties
From third parties, we process - as far as reasonably necessary for providing the services and
increase user engagement - the following data:
- 5.4.1. Contact details: name, address, gender, e-mail address, job title, title, telephone number, Chamber of Commerce number, VAT number, bank account number, unique identification number, and nationality.
- 5.4.2. Other data: data that we receive from customers or third parties or collect from a public source, data whose processing is required by applicable laws or regulations, or data that third parties provide to us on their own initiative.
6. Obtaining personal data
We may obtain your personal data in three ways.
6.1. From you or your employer
We use data that you or your employer actively provide to us. For example, when you contact us to obtain information about our services.
6.2. Automatically obtained
We obtain some information about you in an automated way. For example, when you visit our website, we automatically obtain information about you via cookies.
6.3. Third-party sources
We also obtain information about you from third parties. For example, we may request information about you or your company from public sources, such as the Chamber of Commerce Trade Register.
7. Lawful basis and purposes
There are six possible lawful bases to process your personal data provided for in the GDPR:
7.1. Performance of a contract. If it is necessary for the performance of a contract with you, we may process your personal data for this purpose.
7.2. Legal obligation. If it is necessary to comply with a legal obligation, we may process your personal data for this purpose.
7.3. Legitimate interest. If it is necessary to process personal data about you for our or other legitimate interests, and those interests outweigh your interests or fundamental rights, we may process your personal data.
7.4. Vital interest. If it is necessary to process personal data about you to protect your vital interest, we may process your personal data.
7.5. Public interest. If it is necessary to process personal data about you for the performance of a task carried out in the public interest, we may process your personal data.
7.6. Consent. In principle, if the aforementioned bases do not apply, we may only process your data if you have given us your consent.
Of the six possible lawful bases, we generally process your personal data on four bases (i.e.
performance of a contract, legal obligation, legitimate interest and consent).
Customer - If you are a customer of ours, we may process your personal data for the following
purposes:
| Purpose | Basis |
|---|---|
| Performance of a contract to provide services. | Performance of a contract |
| Calculating and recording income and/or expenses, collecting and / or making payments. | Performance of a contract Legitimate interest |
| Improving our products and services | Legitimate interest |
| Enforcing our rights and risk management. | Legitimate interest |
| Complying with our legal and regulatory obligations. | Legal obligation |
Users - If you are a user, we may process your personal data for the following purposes:
| Purpose | Basis |
|---|---|
| Authorization and authentication | Performance of a contract Legitimate interest |
| Resolving issues, errors and bugs | Performance of a contract Legitimate interest |
Website visitor - If you are a website visitor, we may process your personal data for the following purposes:
| Purpose | Basis |
|---|---|
| Keeping our website functioning. | Legitimate interest |
| Marketing activities such as sending newsletters and invitations to events. | Consent |
| Offering relevant information. | Legitimate interest Consent |
| Complying with our legal and regulatory obligations. | Legal obligation |
8. Sharing of personal data
We will only share your personal data with trusted third parties if they need this personal data to provide their services. We will ensure that your data is only used in a manner similar to, or for a purpose similar to, the purpose for which it was collected, and only in accordance with this privacy statement and any legal obligations.
We may share your personal data with the following parties:
8.1. Persons working for us, either directly or indirectly, and involved in the processing.
8.2. Persons working for any of our suppliers (incl. subcontractors or service providers) involved in the processing, such as hosting and payment providers.
8.3. Persons working for the customer who has engaged our services.
8.4. Persons working for competent authorities, if required by law, such as supervisory authorities, enforcement agencies and courts.
9. Security
We use various appropriate technical and organisational measures to ensure data security, including protection against a breach of security leading to the accidental or unlawful destruction, loss, alteration or unauthorised disclosure of, or access to, such data. In doing so, we take into account the state of the art, implementation costs, the nature, scope, context and purposes of the processing, as well as the risks the processing poses to you. The persons working for us are, of course, bound by confidentiality and must comply with our instructions aimed at protecting your personal data.
10. Cookies on our website
Cookies are small text files placed on your computer, laptop, tablet, smartphone or other internet-enabled device. These cookies can be stored and read through your web browser. After a cookie is placed, your device can be recognised as long as you use the same web browser and as long as the cookie is not deleted. This makes it possible, for example, to click back to the previously visited web page. Cookies can also be used to analyse browsing behaviour. Besides cookies, similar techniques may also be used, such as web beacons (also called "tags"), HTML5 Local Storage and Local Shared Objects (LSOs, also called "flash cookies"), and embedded scripts (also called "Javascripts").
We have a cookie banner on our website informing you about our cookies and allowing you to select your cookies preferences.
10.1. Functional cookies
Functional cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
10.2. Preference cookies
Preference cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.
10.3. Statistics cookies
Statistics cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
10.4. Marketing
Marketing cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
11. Transfer to countries outside the EEA
We may transfer your personal data to parties processing your personal data outside the European Economic Area (EEA). Transfer of your personal data to a country outside the EEA can be legitimised primarily on the basis of a so-called adequacy decision. This is a decision in which the European Commission declares that, for example, a certain country provides a comparable level of data protection to the GDPR. If and to the extent we share personal data with parties in countries outside the EEA to which no adequacy decision applies, we will only transfer your personal data if the recipient provides appropriate safeguards and you have enforceable rights and effective remedies.
12. Storage of personal data
In principle, we do not store your personal data for longer than necessary to fulfil the purposes
described in this privacy statement. However, we may need to keep your personal data for longer because it is necessary to comply with a legal obligation. For example, we need to keep certain personal data for a period of at least 7 years after the end of a fiscal year.
13. Privacy rights
In certain cases, you have the right to view and change the personal data that we have collected from you. You have, in certain cases, also the right to object to the processing of your personal data and you can also ask us to limit the processing of your personal data, delete your data or transfer your data to another party. In order to exercise any of your privacy rights as to personal data controlled by us, please send a request to us and indicate that it concerns a personal data request. Exercising the above privacy rights is in principle free of charge and can be done by e-mail, post or telephone using the contact details provided below. We will provide you with information on the action taken on your request without undue delay and, in principle, within one month of receiving the request. If the exercise of a privacy right is clearly unfounded or excessive, in particular due to its repetitive nature, we will charge you a reasonable fee or refuse to comply with the request. We may also ask you for certain additional information to help us confirm your identity before complying with such a request.
14. Right to make a complaint
You have the right to make a complaint with a supervisory authority at any time. We refer you to this webpage for an overview of the supervisory authorities and their contact details. In the Netherlands, this is the Personal Data Authority. We prefer to deal with your complaint ourselves first before referring you to the supervisory authority. Therefore, please contact us, in particular if you have a complaint about the way we handle your personal data, so that we can try to resolve the issue.
15. Contact details
vSmart B.V.
Kaap de Goede Hooplaan 7
3526 AR, Utrecht
privacy@legionelladossier.nl
+31 85 902 4600
Chamber of Commerce no.: 57957851
16. Other
If we refer to websites, whether or not via hyperlinks from other parties, we are not responsible for the content of those websites or the services of those parties, or how they process your personal data. Please note that we may make changes to this privacy notice from time to time. Where appropriate, we will notify you of such updates. The current version is always available on our website https://legionelladossier.com.
Version: May 2024