This privacy statement sets out which personal data HAI*QPM B.V. (“HAI”) collects from you through our interaction with you and through our services and products, in which way this takes place, the role of cookies, for which we use the personal data, how long we store personal data, how you can view and change the personal data stored by us and how your personal data is protected by us.
Our company details are:
NL-3331 LR Zwijndrecht
P.O. Box 192
NL-3330 AD Zwijndrecht
T: +31(0)78 613 56 66
Chamber of Commerce number: 24449227
Applicability of General Data Protection Regulation (GDPR)
When processing data, the General Data Protection Regulation (GDPR) may apply. We refer to it further as the GDPR. The GDPR applies in the case of the fully or partially automated processing of personal data, but also to the manual processing of personal data included in a file or intended for recording therein.
To determine whether the GDPR applies, the following questions are important:
- Is data processed?
- Is this data personal data?
- Is this data processed automatically fully or partially, or is it included in a file or intended to be included in a file?
- Is the data processing within the scope of the GDPR?
How do we obtain personal data?
Personal data is shared with us by employees, customers, prospects, suppliers or if you have contact with us.
Users of our websites, e-mails, films and videos and other digital communication channels share certain personal data directly with us.
Personal data is collected from visits to our website hai.nl, by entering or leaving personal data on one of our websites, by filling in personal details or leaving them behind at one of our branches or with employees or by registering to use our services.
Personal data that have been placed, published or shared, respectively, on a forum on or linked to one of the websites operated by us, have not been collected, stored or processed by us or on our behalf or initiative, respectively. We are neither a controller or a processor pursuant to the applicable laws and regulations, including GDPR, for placing, publishing or sharing, respectively, of these personal data and in no event will HAI and/or its associated companies be responsible or liable for any damage, costs or any equitable relief hereunder in relation to placing, publishing or sharing, respectively, of these personal data.
We also collect personal data, for example if you register for events and activities (in writing or on our websites), consent (opt-in) for marketing or recruitment activities or are willing to be added to our customer database.
We obtain another part of the data by recording how you handle our products, for example by using technologies such as cookies and receiving error reports or usage data from software on your device.
We also obtain personal data by entering into agreements or through other business activities. These may be commercial project agreements for products or services, employment contracts, detavast agreements, contracts for hiring in freelancers or temporary workers, subscriptions or licenses.
Which websites are hosted by HAI?
HAI.nl – corporate and commercial website
Which personal data is processed by us?
We collect the following personal data:
- name and address
- date of birth and place
- phone number
- e-mail address
- IP address
- bank account number
- identity card details (passport photo and citizen service number (BSN))
Processing targets: for what purposes do we process personal data?
HAI uses the data that is processed for:
- business management
- delivery of products and services
- improvement of products and services
- offering events
HAI works for contractors and supplies professionals to hirers. The legal requirement for such cases is that the contractor or the hirer obtains certain data from the identity card of the professional, including the BSN.
In addition, as an employer HAI is legally required under Article 28 of the Wage Tax Act to include a copy or scan of the identity documents of its personnel in the payroll administration.
A copy or scan of the identity card is made when an employee starts work at HAI. This means that we can prove later that our employees have properly identified themselves and that they were in the Netherlands legally. The copies of the IDs processed by HAI are also used for inspections on the work floor, for example by the SZW Inspectorate.
Delivery and improvement of HAI products and services
We collect (personal) data that we receive via websites in order to be able to work effectively and to inform and provide our customers with the best possible information about our products and services.
Furthermore, personal data may also be used for communication with customers and users, for example for providing information about user accounts, security updates and product information.
Recruitment for HAI
We use personal data for recruitment for HAI and its partners. We may provide this personal data to these companies.
Prior to an event, we ask visitors for permission to take photos, or make video or sound recordings. These recordings are kept (up to a maximum of 3 years) and may also be used for the internal/external communication purposes of HAI, using online and offline resources, both for commercial purposes and recruitment. Visitors and participants in such events can also announce prior to the event that they do not wish to appear recognizable on photos, video or sound recordings of the event. They then receive a coloured sticker that they can affix to their clothing. When processing the material we take their objections into account.
HAI websites and cookies
Cookies enable us to:
1) store the preferences and settings of HAI website visitors
2) make it possible for HAI website visitors to register for a specific purpose
3) offer advertising and marketing based on specific interests
4) achieve sound security (identification, fraud prevention, internal controls and operational safety)
5) analyse how our websites and online services perform. Our apps also use other IDs for similar purposes, such as the advertising ID in Windows.
There are exceptions to the permission requirement. For example, if the cookies are technically necessary for the website to function correctly. Examples include certain analytical cookies, which provide better insight into how our website functions. The Telecommunications Act was amended on 11 March 2015. The provider of a website no longer needs permission to use analytical cookies, provided that these cookies are only used to count visitors. If analytical cookies are not used to treat people differently, they hardly affect the privacy of website visitors. In that case permission from website users is no longer necessary.
The Dutch Personal Data Protection Act also applies to tracking cookies (in combination with other data collected on the website visit).
HAI uses tracking cookies on the website hai.nl. The website user is asked to give explicit permission for this purpose.
How do we store personal data?
Personal data is stored by HAI, among others, in the following databases:
- ACT CRM
This list of the most important databases is based on an inventory on the date on which this privacy statement was formulated and may be subject to change.
With whom can your personal data be shared?
Personal data is shared with:
- HAI partners
- customers, for whom HAI fulfils service and/or management functions
- Google and LinkedIn
- clients, suppliers or subcontractors, government agencies and other business relations.
Basis for providing personal data
The provision of personal data is based on:
- a legitimate interest
- legal obligation and/or
- implementing the agreement in accordance with the aforementioned objectives
HAI deems the following means of communication as permission:
- handing over a business card at an event;
- request for information;
- quotation request;
- execution of an assignment;
- permission for use of data by email.
Rights of data subjects
HAI undertakes to:
- remove, correct, supplement or protect the personal data of data subjects on request, unless a legal (storage) obligation conflicts with this
- provide evidence that personal data of data subjects has been removed or corrected
- enable data subjects to exercise other rights under the applicable legislation.
Sharing personal data outside the Netherlands
If personal data is shared outside the Netherlands, we will only do so if and insofar as this is legally permitted. This means, for example, that processors of our personal data outside the European Union are asked to draw up so-called “Standard/Model Contractual Clauses”.
Obviously, we ask our data processors to store the personal data that is processed on our behalf on servers that are located within the European Union.
How do we protect your personal data?
HAI does everything necessary to protect your personal data.
In addition to technical protection, people are also important. HAI also invests significantly in raising employee awareness in the area of information security and data privacy.