Privacy Statement – Nexi Consulting BV
We focus on personal and organisation development. The right to privacy and protection of your personal life is an important part of this. It goes without saying that we respect your rights and that we carefully process and protect your personal data. In this Privacy Statement we inform you about how we process your personal data.
This Privacy Statement applies to you when you visit our website (www.nexiconsulting.com, hereinafter referred to as ‘the Website’), when you contact us with a question or request, when you participate in a workshop, coaching session or program we offer.
Nexi Consulting BV (hereinafter: Nexi Consulting, we, us) is the data controller. We have our registered office at Daniel Stalpertstraat 12hs, 1072XE in Amsterdam. You can reach us via email@example.com
What personal data do we process?
Personal data we process when you apply for or participate in a training, workshop, coaching session, or other program
When you enquire about a training, (personal or team) coaching session, workshop or event (hereinafter jointly ‘Program’) via our Website, e-mail or otherwise, we ask you for your name, e-mail, phone number and invoicing details (company name, contact person, address, postal code, city, country). In addition, we may ask you other relevant information to shape or tailor our programs. Depending on the nature of the Program, we will ask you to provide additional information such as, professional background, what other programs you have attended or any other details that we should be aware of.
Upon registration for a Program, we may process personal information prior and during the Program. This may include test results, completed questionnaires, photo/video materials, where relevant and other information you provide to us.
After the Program we may ask you to give your feedback about the Program. This information may be provided anonymous.
Personal data you provide when contacting us
You can contact us by phone or e-mail. In addition, you may contact us via the Website. We process the personal data you provide to us, such as your email address and/or phone number, your name, the content of your request and any other information you provide us.
Personal data we process through the Website
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
For what purposes do we process your personal data?
Offering our services
We process your personal data to offer you our services and to meet your requests. We will process your personal data in order to let you participate in a Program and execute the agreement that we have with you. We may use your personal data you provide us to tailor our Programs. We can also process your personal data to improve our services, for example by requesting feedback.
We process your personal data in order to contact you and answer your questions and to be able to meet your requests. We may also process your personal data to make a complaint or claim.
If you have participated in a Program or if you have indicated that you wish to receive marketing communications from us, we may send you promotional e-mails time to time. This may include our newsletters and invitations to future Programs. You can opt-out of any future marketing messages from us at any time.
Meeting with legal obligations
We may process your personal data because this is necessary to meet with applicable laws and regulations such as tax laws. In addition, we may process personal data to enforce our terms and conditions.
What is the legal ground for processing your personal data?
We only process your personal data when a legal ground applies as set forth in the General Data Protection Regulation (GDPR).
- We may process your personal data because we will enter or have entered into an agreement with you. This is the case when you register for and/or attend a Program.
- Legal obligation. We can also process your personal data because it is necessary to comply with a legal obligation that applies to us. We are for example obliged to keep our administration up to date and to secure our systems.
- Legitimate interest. We may also process personal data because we have a legitimate business interest in doing so. This is the case, for example, when we respond to your questions and requests, if we want to improve our services and when we wish to bring our services to your attention. We value your privacy and we always take your interests into account prior to the processing of your personal data based on the ground of a legitimate business interest.
- In some cases, we ask for your informed consent to process your personal data. For example, if you have not attended a Program before, we may ask your consent for direct marketing messages. Also, we may ask your consent when we would process information that qualify as sensitive personal data, such as medical information. If you have given consent, you can at any time revoke such consent and we will not further process your personal data.
Do we share your personal data with third parties?
We can share your personal data with parties that perform services on our behalf and act as a data processor. This is for example the case for our hosting provider and the third party involved in sending our newsletters and other direct marketing e-mails. Prior to involving a data processor, we enter into a data processing agreement with this third party.
We can transfer certain types of personal data to third parties who qualify as (co) data controllers. This is the case, for example, when we collaborate with other organizations to organize a Program, such as external trainers or owners of the tools we may use as part of our programs. We recommend reading their terms and privacy statement.
Finally, we may share your personal data with our (potential) successors and with competent authorities to the extent required by law.
Will your data be transferred to other countries?
In principle, we process your personal data only within the European Economic Area (EEA). We can make use of (e-mail) service providers, hosting parties or cooperation partners that may be located outside the EEA. Where personal data is being transferred to countries outside the EEA where the level of protection is not as strict as we are used to within the EER we will take additional measures to legitimize the transfer and protect your personal data such as entering into a data transfer agreement based on the Standard Contractual Clauses approved by the European Commission.
Is your personal data safe?
We have taken various appropriate technical and organizational security measures to protect the personal data from loss or unlawful processing. We protect our systems and applications in accordance with the applicable standards for information security.
We ensure that only authorized employees have access to your personal data. Our employees are aware of the confidential nature of your personal data and are bound by a confidentiality obligation.
How long do we store your personal data?
We do not retain your personal data longer than necessary for the purposes as described in this Privacy Statement. The retention period we use depends on the data processing activity and whether there are any specific statutory retention obligations.
We keep your personal data as long as we have a (contractual) relationship with you. If we no longer have a (contractual) relationship with you, we will store your personal data up to two years after the relationship has ended, unless a legal retention obligation applies. For example, we are obliged to keep certain (billing) data for at least 7 years for the tax authorities.
What are your rights?
The GDPR grants every data subject rights in relation to their personal data. You have the right to inspect and rectify or delete personal data that relates to you. You may also object against the (further) use of your personal data or ask us to limit the processing of your personal data. In certain cases, you may request us to pass your personal data on to a new service provider.
When you exercise your rights, you can send your request to us via firstname.lastname@example.org Please clearly indicate the nature of your request and to which types of personal data your request relates. We may ask you for additional information to verify your identity. Please note that your GDPR rights are not absolute. We will timely respond to your requests and inform you whether or not (and to what extent) we can meet your request.
If you have complaints about how we process your personal data, please contact us via email@example.com We will help to find a solution. Should we not find a solution, you can contact the Dutch Data Protection Authority.
We may adjust this Privacy Statement from time to time. On our Website we will publish the latest version of this Privacy Statement stating the date of the last update. When we substantially modify this Privacy Statement, and this significantly affects the rights and freedoms of individuals, we strive to inform the concerned individuals directly about this.