We attach great importance to your privacy. For the purpose of our services, we process personal data. In this privacy statement, we inform you how we handle your data and what rights you have. The personal data you provide to us will be handled carefully and secured in accordance with the General Data Protection Regulation (hereinafter: AVG).
Who is responsible for your personal data?
Maandag® is responsible for data processing (Processor within the meaning of the AVG). When we talk about Maandag®, we are referring to the legal entity Maandag® Holding B.V. and all companies under it. At the bottom of this statement you will find the contact details of Maandag®.
From whom do we collect data?
We collect personal data from our website visitors, (potential) candidates, professionals, freelancers, our employees and employees of our suppliers, subcontractors, (potential) clients and other interested parties.
Technical information and cookies
When you visit a Maandag® website, we use various types of cookies and web statistics. In our cookie policy, you can read more about what data we collect and how to block the various cookies.
When do we process your personal data?
We collect your data from the moment you register on our website or when you apply for mediation in any other way, for example by sending us your CV or any other of our services. We may also collect your details if you have posted them on public resources such as LinkedIn or a job board, so that we can contact you to find out whether you are interested in working with us. In addition, we process your data when you are a contact of our (potential) business relation.
Why do we collect personal data?
We process personal data necessary for our services. We collect personal data:
to search for suitable candidates;
to be able to mediate between candidates, professionals, freelancers and (potential) clients;
to offer services to new clients;
to conclude employment contracts and/or assignment agreements with clients and with employees, professionals and/or self-employed persons, and to execute those agreements;
to perform the underlying personnel and payroll administration and to exchange legally required data with third parties;
in case of illness to be able to supervise recovery and reintegration;
where necessary, to provide for personal development, whether or not through additional training and education;
to support Maandag®'s business operations;
to provide management information for quality control (including audits, certification and auditing), management, policy development, operational safety and improvement of Maandag®'s business processes;
to inform interested parties of interesting services provided by Maandag® (including the Maandag® Academy).
If we would like to use your data for a completely different purpose, we will of course first ask your permission.
What data do we collect from you?
As mentioned, we process personal data that are necessary for our services. In addition, additional data may be required to better tailor the mediation to your wishes and/or to meet specific requests from our clients.
When registering for mediation, we therefore record a limited set of data which you can supplement on a voluntary basis. Later, when you start working for a client of Maandag®, we will ask you for the necessary additional data. We only record special personal data where necessary to comply with legal obligations and/or where otherwise permitted by or under the law. You are personally responsible for the accuracy of the data you provide to us.
Upon registration, we record or may record the following data:
name, name and address details, gender, date of birth, e-mail address, telephone number, availability, CV, education and skills, diplomas, certificates, work history, motivation letter, mobility, (salary) grading, references from previous employers, assessment report, (job application) interview notes and progress report of applications/mediation.
When entering into an employment contract, we additionally record the following data:
nationality, BSN number, copy ID proof, visas, work permits, marital status, partner name, emergency contact details, bank account number, salary (stubs), certificate of good conduct, confidentiality declarations, BIG registration, ancillary positions, benefits, subsidies, premium discounts, wage garnishments, lease car, absence registration and other data related to a personnel, salary and absence registration.
When entering into an assignment contract, we process the following data:
company name, Chamber of Commerce extract, bank account number, expiry date of ID certificate and document number, VAT number and certificate of good conduct.
From our (potential) business relations we process:
name, (business) contact details and position.
On what legal grounds do we process your data?
We process your data because we need it to enter into or perform the agreement with you, because we are legally obliged to do so, because you have given your consent or because we (or a third party) have a legitimate interest in doing so (which is in accordance with the purposes for which we process personal data).
With which parties do we share your data?
We may share (your) personal data with other Maandag® entities, our (potential) clients, subcontractors providing services or carrying out assignments on our behalf, suppliers, government agencies and other business relations. And in all other cases in which we may be obliged to do so by, for example, a court order or judgment. If this is the case, this naturally only concerns relevant data.
Will my data be transferred to parties outside the EEA?
We do not actively transfer your data to external parties located outside the EEA. All personal data is stored within the EEA. However, we do use a number of applications whose technical support is located outside the EEA. To the extent that such technical support could reveal personal data, the data is protected as we only contract with parties using standard contractual clauses (SCCs).
How long do we keep your data?
We do not keep your personal data for longer than necessary. We use the following retention periods as appropriate:
If you register with us or we approach you to register with us and you agree, we will keep your personal data for a maximum of 2 years after our last contact.
If we consult your personal data through external sources (such as LinkedIn and job boards), we will contact you within a maximum of 30 days if you are interested in our services.
If you work or have worked for us, we keep your data for a maximum of 2, 5 or 7 years depending on whether and if so which legal retention period applies, unless we have a legitimate interest to keep certain data longer.
If you are a contact person of our business relation, we will keep your data for as long as you work at our business relation, or for as long as there is a legal retention obligation on it.
After expiry of the aforementioned retention period, after withdrawal of your consent or in response to a successful deletion request, we will delete your personal data from our systems.
What rights do you have in relation to your personal data?
You have the right:
to withdraw your consent to the processing of your personal data;
to inspect the personal data we process about you;
to have incorrect personal data corrected/corrected;
to have your personal data deleted and/or restricted (in cases determined by law);
to object to the processing of personal data;
to data transfer of your personal data;
to lodge a complaint with the Personal Data Authority in The Hague.
We do not use automated decision-making based solely on automated processing including profiling. To exercise your rights, please contact our Data Protection Officer (hereinafter DPO) at dpo@maandag.com. In some cases we may refuse your request, for example if you ask us to delete your data, but we need it for tax reasons or as evidence in complaints. If this is the case, you will hear from us as soon as possible.
Security
We make every effort to optimally secure your personal data against unauthorised use. We do this by means of physical, administrative, organisational and technical measures, but also by applying access control, firewalls, secure servers and encryption of certain types of data. We have also agreed with processors and external parties who process personal data on our behalf that they must provide optimal security for personal data.
Report data incident
If you suspect that there has been a (possible) breach of personal data security, please report this immediately via dpo@maandag.com.
Changes
If necessary, we may amend this privacy statement. The most up-to-date statement can be found here. It was last updated on 25 May 2018.
Questions, comments or complaints?
For questions, comments or complaints about the way we handle your personal data or about this privacy statement, please contact us by post or email using the contact details below.
Maandag® Holding B.V., Transformatorweg 94 1014 AK Amsterdam, the Netherlands, +31 (0)88-6227000 dpo@maandag.com