We will handle your personal data in a careful, secure and confidential manner, while adhering to the GDPR rules in all of your data processing. This privacy statement explains how we do this.
This privacy statement applies to the personal data we receive from you or a third party within the context of our service provision or our business operations. We will also collect personal data from you when you visit our website or use our platforms.
We will exclusively use your personal data for the purposes listed in this privacy statement. Exceptions to the further processing of personal data outside of the explicit scope of this policy may only deviate so far that the purposes for further processing are in line with the original purposes for processing. The legality of the processing of personal data will be of utmost importance at all stages.
Definitions
Clients Definition: a client is an individual (or multiple individuals) who represents a company Settly has a contractual agreement with.
Users Definition: a user is an individual who registers and visits our user web platform and mobile application.
Website visitors
Suppliers Definition: a supplier is an individual (or multiple individuals) who represent a company Settly has a partnership contractual agreement with.
We process your personal data on our platforms for the following purposes for:
Users- to create an account for you
- to provide you with the required services
- to respond to your questions, comments or complaints
- to connect you with others within the Settly community
- to show your attendance to events
- to optimize the exposure of information in your Settly environment (content)
- to send you relevant information
- to inform you of our services and events via mailings and newsletters
- to improve our service provision and develop and market new services
- to exercise our rights resulting from the agreement
- to resolve a (potential) conflict, and in order to be able to protect our rights or those of third parties, including (other) clients
- to provide you with the required services
- to respond to your questions, comments or complaints
- to send you relevant information and to inform you of our services and events via mailings and newsletters
- to invoice you for our services
- to improve our service provision and develop and market new services
- to exercise our rights resulting from the agreement
- to resolve a (potential) conflict, and in order to be able to protect our rights or those of third parties, including (other) clients
- Suppliers/other business contacts
- to be able to request information on your service provision/products or to be able to respond to the information sent by you
- to be able to give you an assignment
- to comply with your request
- to be able to pay your invoices
- to be able to exercise our rights resulting from the agreement
- to invoice you for our services
- to be able to resolve a (potential) conflict, and in order to be able to protect our rights or those of third parties, including (other) clients
For the processing of data with our clients we have a DPA in place.
Users
Registration
In order to use our services, it is necessary to activate your account on our
website or app. To create an account, you are required to validate or provide the
following mandatory contact information such as:
- full name,
- email address,
- nationality, family status,
- country of residence,
- password.
Profile Information
You may provide additional information about yourself on your account ( e.g.
international experience, date of birth, professional background, gender, interests,
profile picture, et cetera). Providing additional information beyond what is
required at registration is entirely optional and on a voluntary basis. Providing
such information may improve the use of the services we offer.
Service provision
To be able to provide our services, we will need to process further personal data
you provide:
- relocation application form data,
- tax return form data,
- your official documents that are necessary for your relocation,
- official documents that are necessary for your relocation of your partner and family members,
- official documents that are necessary for your relocation of your pet(s),
- bank account number,
- financial data that is necessary for providing the service, including but not limited to expense data, receipts , etc.,
and any other data that might be necessary for the purposes of the service provision as agreed in the contract.
Sensitive personal data
We may process sensitive personal data within the context of our service provision.
Sensitive personal data includes data that is particularly sensitive in view of its
nature, such as data that reveals race or ethnic origin, political views, religious
or philosophical beliefs, union membership, genetic data, biometrical data, data
concerning health, data with regard to someone’s sexual behaviour or orientation and
criminal record data.
We only process sensitive data if you have given us your explicit consent to do so by sharing this data with us.
Clients
We process the names and contact details (email, telephone number, (business) address) of contact-persons and other relevant persons within your company.
Suppliers/other business contacts
We process the names and contact details (email, telephone number, (business) address) of contact-persons and other relevant persons within your company.
Website visitors
Cookies Like most websites, we use cookies. In the course of visiting our website, you will be subject to the usage of “cookies”.
A cookie is a simple, small file that is sent with pages of this website and stored on the hard disk of your computer by your browser.
Use of permanent cookies We can use a session cookie to monitor which website sections you have viewed during a particular session. This enables us to gear our service towards the surfing behaviour of our visitors in the best possible way. These cookies will be removed automatically once you close your web browser.
Use of session cookies We can use a session cookie to monitor which website sections you have viewed during a particular session. This enables us to gear our service towards the surfing behaviour of our visitors in the best possible way. These cookies will be removed automatically once you close your web browser.
We use Google Analytics as our analytics provider to track visits on our website. For Google Analytics we have ensured that all data is anonymised accordingly to adhere to the Dutch data protection laws.
Depending on the specific processing operations, we use the following legal grounds for processing your personal data:
Agreement
If you have entered into an agreement with us, we require certain data from you,
including your name, contact details, data required for invoicing and information
required to be able to supply the service.
Legitimate interests
In certain cases we have legitimate interests in the processing of your personal
data.
For example, we would like to keep you informed of any news items and relevant products and services. To do so, we might contact you via an email. Also, we might request your feedback in order to be able to improve our service provision. Furthermore, we could possibly process your personal data through third parties, including process servers in cases this is needed to provide full services. These third parties will all comply with EU GDPR policies and laws.
You are entitled to object to the processing of your personal data as specified above. Please contact us if you wish to object. When you request us to cease the data processing, you may no longer be able to have full access to our services.
Permission
In some cases, to ensure your consent and legitimacy of processing, we will ask for
your permission before we process your data. You are entitled to withdraw your
permission at all times.
We will ensure the personal data we have received from you is adequately secured by implementing technical and organisational measures that are in line with applicable legal requirements and guidelines.
We will not store your personal data longer than is necessary for the purpose of data processing and within the legally agreed term. We use the following retention periods, unless there are other (legal) reasons to store the data for a longer period of time:
Client/User/Supplier data: we will not store your data for more than two years after the termination of the agreement between us..
Administrative data: financial records will be stored for seven years.
Financial data: any data required for invoicing will not be stored for longer than two years from the date on which the invoice was paid.
We will process your personal data in the European Union/EEA.
Processing in locations outside of the EEA may only happen if there are appropriate safeguards of protection for the processing of personal data. Where required, these appropriate safeguards may include the use of standard contractual clauses approved by the European Commission.
We may deploy third parties – sub-processors – in order to be able to supply our services, such as IT service providers, software suppliers, et cetera who process personal data on behalf of us and who are commissioned by us. We will ensure an appropriate level of protection is in place for your personal data and conclude a processor’s agreement with each processor, in which we lay down the obligations of both parties..
Required by the execution of contract (provision of services)
Processing shall be lawful only if and to the extent that at least one of the following applies: processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
Sub-processors: service providers who assist us in making analyses, including Mailchimp, Mandrill, Pusher, Firebase
Professional advisors such as lawyers and accountants
Governments or (regulatory) bodies
Postal, e-mail or courier services
Please note: this list is not exhaustive and there may be other examples where we share your personal data with other parties in order to optimise our service provision.
This privacy statement could be amended in the event of changes to our service provision or changes to privacy laws. We will always announce any changes on our website. We will personally inform you of any changes that apply to you, for example by sending you an email.
You have a number of rights under privacy legislation (this includes the GDPR). These rights are specified in articles 12 – 23 of the GDPR and UK GDPR and in related legislation. In any case, you have the following rights with regard to your personal data:
- The right to request access to your personal data
- The right to request the correction of your personal data if it is not correct (rectification)
- The right to request removal of your personal data
- The right to request the restriction of the processing of your personal data
If we process your personal data based on our legitimate interests: the right to object to the (further) processing of your personal data (resistance)
If we process your data on the basis of your permission or on the basis of an agreement we have concluded with you: the right to request transfer of personal data (data portability)
If you wish to exercise one or more of the rights specified above, you can contact us via privacy@getsettly.nl
Do you disagree with a decision made by us regarding privacy, you will be able to use one or both of the following options:
- You can contact us: we will try to find a solution together with you.
- You can submit a complaint: you have the right to submit a complaint to the Dutch Data Protection Authority: Dutch Data Protection Authority
The responsibility for the processing of personal data lies with:
Settly BV - privacy@getsettly.nl