We are ready for the GDPR
The last two year we have been busy implementing the General Data Protection Regulation (GDPR) regulations for our organization. When spring arrived in 2018, The Netherlands was confronted with an overload of messages regarding the GDPR. We share the thought that privacy is extremely important! Despite the fact that we are no Google or Facebook when it comes to processing data, GDPR also applies to our company. We are aware that we also generate and process data.
A brief explanation on why the GDPR was created
The GDPR applies for all Member States of the EU and EEA as of the 25th of May 2018. It replaces the former regulations around privacy. Every organization that processes personal data:
- is obliged to follow this regulation in detail;
- needs to ensure that everything is done according to the law;
- needs to document the procedures;
- needs to provide information about (information) security measures;
- and needs to come to agreement with third parties (if applicable) with regards to your personal data.
And so does Ebicus; Due to the GDPR we now know how to guarantee your rights with regards to privacy.
Ebicus as a Controller
We process data from contact persons, employees and visitors of our website. To be able to comply with the GDPR, we aim to be as transparent as possible. Therefore our focus has been on providing insight into the data that we have (collected). With this we enable our contacts and our employees to understand why, what, when and how their personal details are processed, also giving them the ability to request insights into their data.
As a Controller, we document our activities in a register in which we describe why, how and when we process personal data. This is done under the supervision of an internally assigned Data Protection Officer.
How do we put that in practice?
We have decided to put the principles of ‘privacy by design’ and ‘privacy by default’ as standard in all of our processes. Meaning when we design new functions, we ensure minimal collection and optimal protection of data and privacy settings for each user as a standard at the highest level. We want to keep the places where we collect data as simple as possible, without fuss.
Because we use tools such as Google Analytics and Social Media plugins on our website, cookies are placed on our website to enable the related processing of information. For example, Google Analytics provides information about the time visitors spend on our website or link the specific pages that are visited to a country of origin of the visit. The use of Oracle Eloqua, the marketing automation platform we use, also contributes to this. To give you an example, we draw up anonymous profiles of visitors to map certain behavior, such as clicks from an email to our website(s).
For that reason, we have made various changes to the website in your benefit. For example, we have managed to reduce the number of plugins, which means we have limited the number of third parties we share information with. Also we have provided all our web forms with a checkbox in which you can decide to agree with our privacy conditions. The new explanatory text provides you clear information on what you are agreeing to.
In addition, we apply a strict internal policy. Information security is something we take very seriously; Due to GDPR we were able to sharpen our procedures even further. For example, we have made adjustments to our internal application procedure in order to make sure that resumes will not remain in our possession any longer then they need to. We only collect information that we really need to get a good picture of an applicant.
In order to provide insights to Ebicus customers and visitors of our website with personal data we gather about them, we have compiled a well-organized register. In order for you to request insights into your personal data and/or change personal details, we will grant your request within the set terms of four weeks. The standard rules of the Authority for Personal Data apply that are formulated on their website.
When it comes to collecting your data we strive to make it as clear as possible what information we gather about you. In case you have any questions, our Data Protection Officer is more than happy to provide you with more information. You can get in contact through the contact form at the bottom of this page.
Questions regarding your privacy?
Security and privacy go hand in hand with our daily way of working and it is a principle that we must hold dear.