Privacy sensitive data is processed at TriFact365. This information is called personal data. In this privacy statement we explain which personal data we collect and use and for what purpose. We advise you to read this statement carefully.
We adhere to the Personal Data Protection Act (WPB) and the General Data Protection Regulation (GDPR). TriFact365 uses various methods to safeguard the privacy of your data and to protect your personal data. TriFact365 is classified as ‘processor’ according to the GDPR, since our services consist of storing client data. The client is the ‘controller’. TriFact365 also manages the systems and applications with which the data is made available.
This privacy statement applies to the following services:
- Our website (https://www.trifact365.com)
- Our (SaaS) portal, (https://www.trifact365.com/en/sla/terms-conditions)
- Our mobile app (which can be downloaded via Android in the Play Store, IOS in the App Store)
Through this privacy statement we mention for what purposes we process personal data. In doing so, we limit the collection of personal data to the personal data necessary for the established purposes. Of course we ask you in advance for explicit permission to process your personal data in cases where your permission is required. TriFact365 takes appropriate security measures to protect your personal data and also requires parties that process personal data to do so on behalf of us. We respect your right to provide, correct or delete your personal data.
When using our website, portal and mobile app, you leave certain information with us. Usually these will be company data, but sometimes also personal data. We generally process your personal data for the provision of our service and the purposes associated with it, such as providing support, and detecting and preventing misuse of our service.
On our website we process the following (personal) data:
- Purpose: the registration process that you go through to start a (trial) subscription;
- Registration: (company) name, address details, contact details (telephone number and e-mail address), payment details and company details.
- Purpose: to send out newsletters when you are actively registered for this;
- Registration: e-mail address.
- Purpose: to process the contact form you filled in;
- Registration: company name, e-mail, telephone number and the data that you enter in the message of your own accord.
- Purpose: to process the webinar form you have completed;
- Registration: (company) name, address details, contact details (telephone number and e-mail address)
- Purpose: to process the whitepaper, brochure, flyer or related form you have completed.
- Registration: (company) name, name, contact details (telephone number and e-mail address)
On our (Saas) portal we process your data for the following purposes:
- Purpose: to provide access to the service;
- Registration of the Access: login details, consisting of a user name and password.
- Purpose: to send updates regarding our TriFact365 (SaaS) Portal.
- Registration of Update messages: in addition to the updates that appear in the TriFact365 Portal, we may send updates to your e-mail address if they are relevant to the use of TriFact365.
- Purpose: To change and supplement your (company) data
- Registration: (company) name and (company) data.
For our mobile app we process your data for the following purposes:
- Purpose: to provide access to the service.
- Registration: login details, consisting of a username and password.
Reporting duty data leaks
Since 1 January 2016, the obligation to report data leaks is active. The duty to report data leaks in the Wbp requires that any data breaches be reported to the Dutch Data Protection Authority. The “Data Leaks Data Liability Guidelines” from the Dutch Data Protection Authority provide further information on this. We will inform you timely and complete about relevant incidents, so that you as a controller can meet the legal requirements. TriFact365 will not submit any notifications to the Personal Data Authority without the responsible party submitting a request.\
General Data Protection Regulation (GDPR)
Since 25 May 2018 the General Data Protection Regulation (GDPR) applies. This law has been created to better protect data of individuals within the European Union, whereby this protection is also uniformed. TriFact365 processes, among other things, personal data for and on behalf of the customer. According to the GDPR, TriFact365 is the ‘processor’ of the personal data and the client is the ‘controller’. TriFact365 may continue to process this personal information for and on behalf of the customer by means of a Processing Agreement.
Reliability and security of data
We consider careful handling of personal data of great importance. That is why we have taken various control measures to protect your personal data against unauthorized access, misuse and other forms of unlawful use. Check our website for more information about our reliability and security measures.
In and around our office building we use open camera surveillance to protect our employees and our properties. Access to these camera images is only possible for authorized persons. The camera images are saved for up to 14 days before being deleted.
Your personal data will not be stored for longer than is necessary for the purpose for which the data is processed.
Provision to third parties
We will not provide your personal data to third parties. Unless necessary to provide the requested services, or when we are legally obliged to do so.
If you are 16 or younger, you may only use our website and other services under the supervision of your parents or legal representatives.
Changes to this privacy and cookie statement
We may change this privacy statement from time to time. Changes will be published on our website. It is therefore advisable to consult this privacy statement regularly, so that you are aware of these changes.
Access and change your data
If you have provided us with personal data, you can send us a request to view, change or delete this personal data. Please contact us via the medium of your preference. If your details are not (anymore) correct, you can ask us to change the data or have it removed. To prevent abuse we can ask you to identify yourself. For example, by sending a copy of a valid proof of identity. If it concerns access to personal data linked to a cookie, you must send a copy of the relevant cookie. This can be found in the settings of the browser.
Authority Personal Data
We are at your service if you have questions or complaints about the processing of your personal data. You also have the right to file a complaint with the Dutch Data Protection Authority, the privacy regulator in the Netherlands, on the grounds of the privacy legislation.