Privacy notice

Introduction
Personal data
When do we collect personal data?
What personal data is collected?
Legal grounds for processing
Processing purposes
Cookies
Recipients of personal data
Rights related to personal data
Data security
Transferring personal data
Duration of data storage
Contact information
Final provisions

1. Introduction
ENTIS B.V. and its subsidiaries (hereafter referred to as ‘ENTIS B.V.’ or ‘we’) relies on open and transparent interaction, even where data protection is concerned. We abide by applicable data protection legislation, such as the General Data Protection Regulation (‘GDPR’) and the Dutch GDPR Implementation Act (Uitvoeringswet AVG) (together referred to as the ‘Data Protection Legislation’), and make every effort to handle personal data with care. This data privacy statement serves to provide you with information about how we handle personal data. In principle Entis B.V. is the only one of our entities that collects and processes personal data and that qualifies as the data controller under the Data Protection Legislation.

2. Personal data
‘‘Personal data’ is information with which you can be directly or indirectly identified. Personal data include your name, address, place of residence, date of birth, telephone number and e-mail address. But also business data and contact data relating to our customers, insurance details, (bank) account numbers, citizen service number, log-in or password details and Internet Protocol (IP) addresses are personal data.

In this data privacy statement, when we use the term ‘processing’, we mean any handling of personal data. This includes, for example:

collecting;
storing;
managing;
using;
transmitting;
publishing; or
deleting personal data.

We only ask for personal information where it is necessary in order to provide our own services and handle transactions enacted with ENTIS B.V., and where it allows us to offer our customers and partners better services.

3. When do we collect personal data?
We collect your personal data whenever we have contact with you, which can be both online as well as via routine personal contact.

For example, we collect personal information in the following circumstances:

you are (a representative of) our business partner (partner, customer, supplier, external advisor or other third party with whom we liaise);
you apply for a place as an intern, apprentice or employee;
you visit our online services;
you communicate with us via phone, email or any other communication channel, on special occasions, events, workshops, general meetings, etc.; or from third parties such as from your employer, the company you represent, external advisers, headhunters and recruitment agencies, etc.

4. What personal data is collected?
The personal data collected varies as much as the circumstances under which we collect data, for example:

name and first name;
gender;
date of birth and age;
address;
phone number;
e-mail address;
marketing data such as requirements, wishes, preferences;
business contact details;
bank details and other financial information;
title, position, job description;
resumé, cover letter, work history, credentials, assessments, and other information you provide to us in the context of your application;
information from external sources and public registers (e.g. the chamber of commerce, search engines, social media, news articles);
signatures;
usage data and other data collected via cookies on our website (see paragraph ‎5 below).

ENTIS B.V. avoids the processing of personal data that is of an especially sensitive nature, and therefore especially worthy of protection, as much as possible – e.g. concerning your political opinion, your religious and philosophical beliefs, your union affiliation, or your health. We would like to draw your attention to the fact that personal information you provide on a voluntary basis (such as submitting a CV to apply for a position) may be saved in the context of your application process for a position within our company.

5. Legal grounds for processing
We process your personal data based on one of the following legal grounds:

if the processing is necessary for the performance and execution of a contract to which you are party (or in order to take the necessary steps prior to entering into a contract with you);
if the processing is necessary to comply with our legal obligations (including our obligations under applicable tax laws, our legal administration obligations and to cooperate with supervisory authorities);
if the processing is necessary for the purposes of the legitimate (business) interests pursued by us; or
if the processing is based on your consent. If any kind of processing is based on your consent, we hereby inform you that you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

6. Processing purposes
We process your personal data for the following purposes on the following legal grounds:

Processing purpose	Legal ground
To concxlude or execute an agreement with you, for instance when you apply for a job or internship with Entis B.V.	1 and 3
To comply with any legal obligation applicable to us	2
To conclude or execute an agreement with the company you represent	3
To identify you	1, 2 or 3
To communicate with you, for example, when you contact us	3
For invoicing and financial administration purposes	1, 2 or 3
For client administration purposes	3
For the purposes of business continuity	3
For improving our services and products, for instance by requesting your feedback	3 or 4
For marketing purposes, to inform you of new or similar products or services and to run and coordinate promotional events	3 or 4
To conduct research and analysis and to improve our services, products, website and the quality thereof	3 or 4
To administer our website and to prevent or detect fraud, or abuses and to protect our assets, business, and personnel	3
To subscribe to newsletters	4
To comply with a(n) (binding) order or request of a competent authority or court of law	2 or 3
In the context of a business transaction	3
To determine, exercise or defend our legal rights or position.	3
Usage and cookies data	3 or 4

7. Cookies

To adapt our website to user requests and make your surfing experience as convenient as possible, we use ‘cookies’. A cookie is a small text file that is copied from a website to your hard drive. Cookies do not cause any damage to your computer or contain any viruses. The cookies we use do not store any personal data.

The use of cookies that collect and process your personal data– if applied by ENTIS B.V. – requires your express permission. By default, no cookies will be placed on your device when visiting our website, unless you expressly consent thereto.

You can opt against the use of cookies at any time by deleting the cookies set by ENTIS B.V.’s online services. This can be done by deleting the cookies or surf history via the settings in your internet browser. If you opt against the use of cookies, this prevents your settings and preferences from being stored, which means that these will have to be entered again each time. Likewise, data related to your behaviour can only be collected to a limited extent or not at all.

We make use of the services of various service providers and partners (third parties), whereby your data will also be processed by these companies where necessary. We require our third party providers to handle the personal data they receive according to ENTIS B.V.’s data privacy statement. In particular, we use the services of Google Inc. on our websites.

We use Google Analytics, a web analysis service of Google Inc., as a tracking system. More information about Google Analytics can be found at https://support.google.com/analytics

Information about Google’s data protection guidelines can be found at https://www.google.com/intl/en/policies/privacy/.

Our site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Our website refers to Linked In. More information about this can be found https://www.linkedin.com/legal/privacy-policy.

Our online services and content may also include links to third-party websites. ENTIS B.V. does not make any guarantees or provide any warranty regarding these websites. It is expected that the owners and operators of these third-party websites may collect, use or share personal data under other circumstances than ENTIS B.V.

For further information, we recommend consulting their hosts or referring to their data protection guidelines.

8. Recipients of personal data

In the context of the purposes as described above, we may share your personal data with third parties:

In the context of the purposes as described above, we may share your personal data with third parties:
In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of insurers or a government authority such as data protection authorities.
We may engage third parties to process the personal data on our behalf (for example providers of certain IT applications, software developers, cloud providers, data brokers, direct marketing professionals that we use in the context of our activities).
We may share certain personal data with your employer or business contacts, with individuals or organizations who have a direct (contractual) relationship with us, or other relevant private organizations.
We may also transfer personal data in the event of the sale or transfer of all or any part of our business with external advisors, auditors, (potential buyers), government authorities, if this is required in the context of that transaction.

We ensure that, if applicable, appropriate measures are taken when we disclose your personal data to third parties. For example, if necessary, we will conclude a data processing agreement (in which restrictions on the use of your personal data and obligations regarding the security of your personal data is included).

9. Rights related to personal data
Under the Data Protection Legislation, under certain circumstances, you have the following rights:

the right of access and information regarding your personal data;
the right to rectification of your personal data;
the right of erasure (i.e. the right to be forgotten);
the right to object to the processing of your personal data;
the right to request restriction of the processing of your personal data;
the right to receive your personal data in a structured, commonly used and machine-readable format and to (have) transmit(ted) your personal data to another organization;
the right to lodge a complaint with the competent data protection authority such as the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

You can assert your data protection rights at any time by contacting us at data.protection@entis.ai.

10. Data security
We take appropriate technical and organizational measures to protect data from unauthorized processing.

11. Transferring personal data

In the context of the purposes as described above, we may share your personal data with third parties:
In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or are complying with legal obligations, a court order, or the instructions of insurers or a government authority such as data protection authorities.
We may engage third parties to process the personal data on our behalf (for example providers of certain IT applications, software developers, cloud providers, data brokers, direct marketing professionals that we use in the context of our activities or for our website).
We may share certain personal data with your employer or business contacts, with individuals or organisations who have a direct (contractual) relationship with us, or other relevant private organisations.
We may also transfer personal data in the event of the sale or transfer of all or any part of our business with external advisors, auditors, (potential buyers), government authorities, if this is required in the context of that transaction.

In principle, we do not transfer personal data to any recipients located outside of the European Economic Area. However, in some cases such transfer may be necessary and since countries outside the European Economic Area may offer a lower level of data protection than countries within the European Economic Area, in the event that we would transfer your personal data outside the European Economic Area, we will do so based on appropriate safeguards, such as (i) an adequacy decision from the European Commission, (ii) the standard contractual clauses as drafted and adopted by the European Commission, or (iii) another valid transfer mechanism pursuant to the GDPR. For more information on international transfers, or to receive a copy of the relevant safeguards applied by us, you can contact us.

12. Duration of data storage
Data will be kept as long as is necessary to provide our services or as obliged by law. In general we will adhere to the relevant statutes of limitation (verjaringstermijn), which is in principle 5 years, or other guiding retention periods, such as 4 weeks after the application procedure has ended with regard to applicant’s data, unless we have obtained the applicant’s consent for retaining the data for a longer period, to a maximum of 1 year. You may contact us for more information regarding the applicable retention periods.

13. Contact information
Our contact information in relation to data protection is as follows:

ENTIS BV
Data protection
Papendorpseweg 100,
3528 BJ, Utrecht
The Netherlands

You can also send e-mails related to data protection to the following address:
data.protection@entis.ai

14. Final provisions

ENTIS B.V. expressly reserves the right to modify this data privacy statement and will inform you of any material changes thereto. The most recent version will be available on our website.

Utrecht, 31/07/2023

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.