Damsté advocaten – notarissen processes various personal data in its varying legal services. When processing personal data, we act as controller within the meaning of the General Data Protection Regulation, or GDPR. We handle your personal data carefully. We will inform you how we do that in this statement.
Introduction
In this privacy statement, you can read, among other things, what personal data we collect from you, why we do this and how long your personal data will be stored. You can also read how we secure personal data, what rights you have as a data subject, how you can contact us and what cookies we use.
Our services
Our firm only processes your personal data on the basis of the following principles:
- to implement an agreement with you;
- to comply with legal duties and obligations;
- because we have a legitimate interest in doing so; or
- because you have given your consent for this.
Your data is not processed for other purposes than stated in this privacy statement without your consent.
Processing of personal data
What data we process depends on the agreed service and the purpose of the processing of the relevant personal data. We process the following data, among other things: your name and address details, telephone number, email address, bank account number, gender, date of birth and place of birth.
We can also process data of the other party or of third parties that are provided to us by clients or other third parties.
If you apply to Damsté advocaten – notarissen, we can also process personal data from your CV, motivation letter or certificates. Most of the personal data we process about you will be acquired from you, but it may also be obtained from public registers. In principle, we do not process special personal data within the meaning of the GDPR and we do not process citizen service numbers (‘BSN’). We only process citizen service numbers if there is a legal basis to do so.
Purpose of data processing
Damsté advocaten – notarissen processes your personal data for the following purposes:
- to perform our legal services, including in any case providing advice, support, assistance in proceedings;
- to exchange information;
- to be able to communicate with you;
- to analyse, improve, secure and/or maintain our website(s) and internal and external technical systems;
- to conduct market research and compose management information in order to coordinate our business and other strategy and services with this;
- to handle your application or registration for a recruitment event;
- to recruit and select highly qualified staff;
- to maintain a register to check whether a new client who has registered has failed to comply with his payment or other obligations vis-à-vis our firm in the past;
- to offer services, and/or other (targeted) offers and advertisements;
- to maintain contact with our business clients;
- to comply with our legal obligations.
Notarial activities
A civil-law notary is legally obliged to process certain personal data when drawing up a notarial deed. The civil-law notary is obliged, for example, to include certain personal data in a deed, to retain signed deeds in perpetuity, to maintain errors in personal data in deeds and to check personal data.
Transfer of your personal data
Our firm only shares your personal data with others (third parties) if we are obliged to do so by law (such as the Land Registry Office, the Tax and Customs Administration, the Chamber of Commerce, etc.), this is necessary for the performance of the work (for example a third party that performs work for the benefit of the assignment) or if you have given us permission to do so. All of this takes place within the framework of this privacy statement. If personal data is transferred to a third party, this third party is responsible for complying with the statutory obligations surrounding privacy if designated as controller. Our firm will, of course, conclude processing agreements with third parties who act as a controller within the meaning of the GDPR.
Our firm does not store personal data outside the EU.
Retaining your personal data
Our firm does not retain your personal data for longer than necessary for the purpose or purposes for which it is processed. For example, there are statutory obligations to retain your personal data (such as the obligation to retain for tax purposes, the Civil-law Notaries Act, the Public Records Act or the Money Laundering and Terrorist Financing (Prevention) Act) or if it is necessary to retain your personal data to implement agreements (for example in the case of limitation periods). In addition, there may be a legitimate interest for retaining your personal data for a longer period of time.
We retain the personal data of, for example, job applicants for no more than 4 weeks after the application procedure has ended, while notarial deeds are retained in perpetuity.
If you have given us permission to do so, we may retain your personal data for longer than necessary for the purpose for which it is processed.
Cookies
Damsté advocaten – notarissen uses functional and analytics cookie on its website www.damste.nl. A cookie is a small text file that is stored in the browser of your computer, tablet or smartphone when you first visit this website. These ensure that the website works properly and that your preferential settings are remembered, for example. These cookies are also used to optimise the website and make it work properly. On your first visit to our website, you will be informed of these cookies and we will ask your permission to place them.
Overview of cookies
Google Analytics
Type: Analytics
Objective: With Google Analytics, we measure how visitors have found us and how our website is used, for example which pages are visited and how long a visit lasted. It also enables us to discover errors in the site.
Retention period: maximum of two years
For more information on Google Analytics, click this link: (https://support.google.com/analytics#topic=3544906)
It is possible to download and install ‘Google Analytics Opt-out Browser add-on’ for your browser and use this to prevent us from using Google Analytics. You can do this via the following link: (http://support.google.com/analytics/answer/181881?hl=nl&ref_topic=2919631)
You can set up your browser in such a way that you will not receive new cookies during your next visit to this website. The way in which you can do so varies per browser; please consult the help function of your browser for this. This will also tell you how to delete any cookies placed previously.
Security of your personal data
We take appropriate technical and organisational measures to protect your personal data against any form of misuse, loss, unauthorised access, undesired disclosure and unauthorised alteration. Our employees are bound to maintain confidentiality and must follow our instructions regarding the security of your personal data.
If you have the impression that your personal data is not sufficiently protected or if you have seen any signs of misuse or other circumstances, please contact us.
Your rights in respect of your personal data
The GDPR assigns the following rights in respect of the processing of your personal data:
Right of access by the data subject
You have the right to be given a definite answer about whether we process your personal data and, if so, you can demand access to this personal data.
Right to rectification and deletion
If the data we process from you are incorrect, you can request rectification of your data. You also have the right to request the deletion of your personal data.
Right to restriction of processing
If you wish to restrict the processing of personal data by our firm (pending a requested rectification of your personal data or an objection to processing made by you, or because you do not in fact wish your data to be erased despite the fact that the processing is unlawful), you may submit a request to that effect.
Right to withdrawal of consent
If you wish to withdraw your consent on the basis of which we process your personal data, you can submit a request for this purpose.
Right to data portability
If you wish to have your personal data transferred to another organisation, in a structured, standard and machine-readable form, you can submit a request for this purpose.
Right to object
If we process your personal data, you can object to this.
We will handle your request(s)/objection(s) as prescribed by the GDPR. We do not have to comply with your request or honour your objection in all cases. This may be the case, for example, if the processing of your personal data is necessary to comply with a legal obligation. You can submit your request or objection to us by post or by email. Before we can grant your request, we must first establish your identity based on a valid identity document.
We will respond to your request in writing (which includes by e-mail) as soon as possible, within no more than four weeks. If we do not honour your request, we will inform you of our reason for doing so.
Complaints
If you have any complaints regarding the processing of your personal data by our firm, we would like to receive these at privacy-compliance@damste.nl. You also have the right to submit a complaint to the supervisory authority, the Dutch Data Protection Authority. To do so, please visit the website www.autoriteitpersoonsgegevens.nl.
Contact details
Firm name: Damsté advocaten – notarissen
Address: Hengelosestraat 571
Postcode / City: 7521 AG Enschede
Privacy Officers: I.K.M. Hoffmann / A. ten Vergert
Email address: privacy-compliance@damste.nl
Amendments to privacy statement
The date of this privacy statement is 10 October 2018. It is possible that our privacy statement will be expanded or amended in the near future. We can amend this privacy statement unilaterally. If the privacy statement is amended substantially, this will be communicated on this page in a transparent manner.