Agreements on International RBC Privacy Statement
This Privacy Statement was last amended on 27 February 2020.
Thank you for your interest in Agreements on International RBC (International Responsible Business Conduct). In this privacy statement, we inform you about the processing and protection of your personal data by International RBC. International RBC is part of the Social and Economic Council of the Netherlands (hereafter referred to as the SER). The SER is the administrator of the website https://www.imvoconvenanten.nl/en. In the SER privacy statement, we inform you about the processing and protection of your personal data by the SER. If you have any questions or would like more information about the processing of personal data by International RBC or the SER, please contact email@example.com.
We can receive personal information from you in various ways (see below). If we receive personal data, we will treat them with care. It goes without saying that we act in accordance with the applicable legislation. Briefly stated, this means the following:
- We clearly state our identity as the controller for the processing of your personal data and how you can contact us about your privacy – see here;
- We clearly state for what purposes and on the basis of what legal principles we process personal data – we do so here or in a separate statement that we make available when we obtain your personal data;
- You can also read here (per situation) whether we pass on your personal data to third parties for the purpose in question and what type of parties these are. Where necessary, we always conclude a (processing) agreement with the receiving party in order to guarantee the protection of personal data;
- If we need your consent for the processing of your personal data, we will ask you for it (e.g. in connection with cookies) and we offer you the opportunity to withdraw your consent at any time;
- We secure your personal data in an appropriate manner, proportionate to the risks – see here;
- We indicate your rights in relation to your personal data, such as the right to access, correct, or delete them – see here.
What are personal data?
Personal data are all data that relate to you as a person, such as your contact details and any questions you ask us. Information that can be used to identify you, such as the IP address of the device with which you visit our website and a cookie ID on your device, are also personal data.
Processing, purposes, recipients and retention period
Which of your personal data we process, for what purpose and on what legal basis, depends on the way in which you came into contact with us. We explain this per activity below. In specific cases, you may also receive or see a separate statement that we make available to you at the time we obtain your personal information.
Visiting our website in general
When you visit our website, your browser automatically transmits technical information to us. This information contains the following categories of personal data: IP address of your device, the pages you visit on the website and the language you select. This information is necessary to make our website available to you and to secure it. We process your personal data on the basis of our legitimate interest. Your IP address is stored in the logs of our website, up to a maximum of three months. The service providers that help us make our website available and secure, such as our hosting providers and external ICT consultants, may process your IP address for this purpose. We have entered into a processing or other agreement with these parties to protect your personal data.
When you visit our website, cookies are placed on the device with which you visit our website. Cookies are small text files that are stored on your device in your browser. If you visit the website again, the information from these cookies can be sent back to our servers. No permission needs to be requested to place essential cookies. These are necessary to make our website available to you (see above). We place these cookies on the basis of our legitimate interest. For placing other cookies (preferences, statistics and marketing cookies) we ask your consent.
If you are visiting our website for the first time, you can enter your preferences in the cookie banner (see cookie banner for more information). You can always withdraw your consent for placing cookies by deleting the cookie that stores your preferences. Consult the browser manual if you want to know how to do this.
Contacting us via the contact form
If you contact us via the contact form on our website, you must enter your name, e-mail address and comment or question. By entering these personal details, we can then contact you to answer your comment or question. These personal data are processed on the basis of our legitimate interest. After your comment or question has been answered, we will delete your personal data.
Submitting a complaint or objection
On the basis of the Dutch General Administrative Law Act (Awb), you have the option of submitting a complaint and/or a notice of objection against the actions of administrative bodies. This also includes the SER. If you submit a complaint and/or objection against the SER, it is possible that we may record certain personal data (such as name, e-mail address and/or telephone number) relating to you. We do this on the basis of our legitimate interest or our legal duty. We will remove your personal data after the complaint has been dealt with or in accordance with the statutory retention period.
Registering for a meeting
If you register for a meeting or event, we will process the personal data you have entered in order to register for the meeting or event and to keep you informed of relevant information. We can also send you invitations to meetings or events that are relevant in the context of the agreement. You have the choice of accepting this invitation and registering, or declining it.
If we organise a meeting or event ourselves, we may issue your details to an external party, such as the organiser of the meeting or event. We keep your personal data for as long as these are necessary for the purpose for which they were provided.
Participating in an agreement
If you are interested in participating in an agreement, please contact us. We will then process the personal data you have entered and/or provided, including in any case your first and last name, organisation, position, e-mail address and telephone number. We process these data in order contact you and answer questions where necessary. We will not retain your data longer than is necessary for the above purposes.
If you are or your organisation is participating in a certain agreement, the personal data above will be used to invite you to meetings or events. In addition, your personal data may be used for monitoring purposes, i.e. to check whether your organisation is complying with the obligations arising from the agreement. Monitoring takes place once per calendar year. Depending on the agreement, a digital tool can be used. We have entered into a processing or other agreement with the supplier of this tool to protect your personal data. We process these personal data on the basis of a duty of general interest and they are destroyed five years after the expiry of the agreement period.
International RBC ensures appropriate security of your personal data. We take technical and organisational security measures to prevent unauthorised access, corruption or deletion of your personal data. The measures taken include:
- All digital devices in which personal data are processed are provided with access security (such as a username and password);
- Regular backups are made to restore data in the event of physical or technical incidents;
- All International RBC employees are informed about the importance of protecting personal data. They have also received instructions on how to deal with personal data.
- International RBC uses secure connections (SSL/TLS) that protect all information between you and the International RBC website when you enter personal data.
International RBC publishes reports, annual reports and agreements. These documents contain the first names and surnames of the persons involved. These documents are public and are published in the general interest. These records will be kept for as long as these personal data are necessary for the purpose for which they were issued.
If we process your personal data, you have the following rights under the law:
- You have a right of access to the personal data we have relating to you.
- You may ask us to supplement or correct your personal data if the personal data that we have received from you is incomplete or incorrect. If you feel that we no longer need your personal information, you can also ask us to remove it.
- You may ask us to temporarily suspend the processing of your personal data, for example because you have objected to the processing of your personal data and are still waiting for an answer.
- You may – for example due to personal circumstances – object to the processing of your personal data. You can object only if the processing of your personal data takes place in connection with the performance of a public task or the legitimate interest of International RBC.
- If you give us permission to process your personal data, you may always withdraw your consent at a later date. From that time on, we will cease the processing based on this consent.
Questions or complaints regarding your personal data
Agreements on International RBC are part of the Social and Economic Council of the Netherlands (SER), based in The Hague, the Netherlands. Here you will find our address details and our general contact details:
NL-2594 AW The Hague
NL-2509 LK The Hague
Tel.: +31 (0)70 0 3 499 499
If, after reading this privacy statement, you still have questions about the use of your personal data by International RBC or the SER, or if you have a complaint, you can send an e-mail to our Data Protection Officer (DPO) via firstname.lastname@example.org. We will respond as soon as possible.
If you are of the opinion that we are not handling your complaint properly, you can submit your complaint to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens). The Data Protection Authority regulates the use of personal data.
Privacy statement amendments
From time to time, we may make changes to this privacy statement. You will always find the current version on this page.