Privacy Policy
Data Protection
Welcome to the Jurcom GRC Services B.V. website https://www.jurcom.nl/ . We appreciate your interest in our company. Protection of the personal data you entrust to us is a priority for us, and we want you to feel safe and secure when you visit our website or use our online offers.
It is important to us that you are fully informed about the personal data that we collect when you use our online offers and services, and are familiar with how we use them.
Intended use of data processing
Jurcom GRC Services B.V. (Jurcom) is the leading service provider company offers governance, risk and compliance advisory services and technology solutions in international regulatory compliance. Wherever Jurcom processes personal data, such processing is carried out for the purposes defined in this data privacy statement.
Processing of personal data
Visiting our website
We record and save your computer’s IP address in order to send the contents of our website visited by you to your computer (e.g. texts, pictures, and files provided for downloading, etc.) (cf. Art. 6 (1) lit. b GDPR). We also process these data to identify and pursue any misuse. Legal basis in this case is Art. 6 (1) lit. f GDPR. In this context, our legitimate interest in data processing is to ensure the due functioning of our website and the business transacted via the website.
In as far as we process your data as described above for the purpose of providing the functions of our website, you are contractually bound to make these data available to us.
Other purposes
We also process personal data that you provide voluntarily, e.g. when you make an inquiry or online appointment, or when you order information material or newsletters. Legal basis in this case is Art. 6 (1) lit. b GDPR. The data processed by us in this context include the data of customers, employees, and suppliers to the extent necessary for the purposes specified within the scope of this data privacy statement.
In as far as we process your data as described above for the purpose of accepting and processing your inquiry, appointment, or (newsletter) order, you are contractually bound to make these data available to us. We are unable to process your request without the data.
Where you have given your consent to the processing of personal data (cf. Art. 6 (1) lit. a GDPR), you can withdraw your consent at any time. Withdrawal of consent will not affect the lawfulness of processing based on consent up to the time of withdrawal of consent.
Transfer to third parties
We generally transfer your data to the relevant Jurcom company where it is processed to deliver the service and support you requested.
This means that information may also be processed by other legal entities of the Jurcom Group. However, such processing is limited to the extent required for the purposes defined in this data privacy statement or to which the other legal entity acting as a service provider / processor has to follow the instructions given by the controller.
In this context, we sometimes use service providers (located in Europe and in the Turkey) which process data on our behalf (e.g. in email marketing or software design and development, or to support processing of customer inquiries). In these cases, the information is transferred to third parties to enable further processing. External service providers are selected carefully and audited at regular intervals to ensure protection of your data privacy.
These service providers / processors are bound by instructions. Given this, they are subject to our requirements, which include processing of your data exclusively in line with our instructions and in compliance with the applicable Data Protection Act. In particular, they are contractually bound to treat your data with strict confidentiality, and are not permitted to process data for other purposes than the ones agreed.
Data transfer to the data processor is affected on the basis of Art. 28 (1) GDPR. We will not sell your data to third parties or otherwise share them for commercial purposes.
Beyond the above, we will transfer your personal data to prosecution authorities and, if applicable, damaged third parties without your explicit consent where this is necessary for clarifying illegal use of our services or for legal prosecution. However, such a transfer will only take place if there is concrete evidence of illegal conduct or misuse. Transfer of your data may also take place where this contributes to enforcing the conditions of use or other agreements. We are also under legal obligation to provide information to certain public bodies on request. These comprise prosecution authorities, authorities prosecuting offences punishable by a fine, and financial authorities.
The transfer of these data is based on our legitimate interest in fighting misuse, prosecuting criminal acts, and securing, asserting, and enforcing claims unless our interests are overridden by your rights and interests in the protection of your personal data, Art. 6 (1) lit. f GDPR.
Intended data transfer to third countries
At present, we transfer data to third countries such as to the Turkey. We will establish the required legal conditions. In particular, you will be informed of the respective recipients or categories of recipients of the personal data in line with the legal requirements
Security
Jurcom takes appropriate technical and organizational measures to protect any personal data you provide to Jurcom from accidental or intentional manipulation, loss, destruction, or access by unauthorized parties. This also applies to any external services purchased. We verify the effectiveness of our data protection measures and continuously improve them in line with technological development. Any personal data entered are encrypted during transfer using a secure encryption process.
Cookies
For a user-friendly website experience and to tailor the operations of our website to your needs, some areas of our website may use cookies. A cookie is a small file that is stored locally on your computer when you visit a website. When you revisit the website on the same device, the cookie will indicate, for example, that you are a repeat visitor. Cookies also allow us to analyze the use of our website. They do not include any personal data, other than your email address, and cannot identify you on third-party websites – including those of analytics providers.
We use the following types of cookies:
• Essential/necessary cookies
These cookies are essential for the functioning of our website. This includes the login ID which is typically the email address that was registered with the system, anonymous session IDs to summarize multiple queries to a web server, or ensuring fault-free functioning of registrations and orders.
Functionality cookies
These cookies help us to save your chosen settings or support other functions when you are navigating our website. They allow us, for example, to remember your preferred settings for your next visit or save your login data for certain areas of our website.
Performance/statistics cookies
These cookies collect information about how you use our website (e.g. which Internet browser you use, how often you visit our website, which pages you open, or how long you stay on our website). These cookies do not store any information that enables visitors to be personally identified. The information collected with the help of these cookies is aggregated, and thus anonymous.
You can accept or decline cookies––including those used for website tracking––by selecting the appropriate settings for your browser. You can set your browser to notify you when you receive a new cookie, or to decline cookies altogether. However, if you choose to decline cookies you may not be able to use all the features of our website (e.g. Impairment reporting, or purchasing training courses, etc.). Your browser also offers you the option to delete cookies (e.g. via the Clear Browsing History function). For further information, please refer to the user help function under Settings in your web browser.
Anonymized website tracking
To align this website better to our customers’ needs, we analyze how our customers interact with the site. We anonymize your IP address (and possibly similar information exchanged with our site by your computer or device during standard Internet use) and then use it to analyze data such as the pages at https://www.jurcom.nl/visited by your browser and your computer. Again, we use cookies for this purpose. Our cookie contains only one unique number by which we can re-identify you on our websites––but not, however, on third-party websites. We use the stored data for statistical purposes only. In particular, the IP address will not be associated with any individual user. The data will not be shared with third parties.
Use of Google Universal Analytics
This website uses Google Universal Analytics, a web analysis service offered by Google Inc. (“Google”). Google Universal Analytics uses ‘cookies,’ text files stored on your computer, to help us analyze how you use our website. The information generated by the cookie about your use of this website (including your IP address) is transferred to Google servers in the USA and saved there.
We have activated IP anonymization on this website, so that the IP address of users within EU Member States or other States party to the Agreement on the European Economic Area will be truncated by Google beforehand. Only in exceptional cases is the full IP address sent to Google servers in the USA and truncated there. On behalf of the website provider, Google will use this information for the purpose of analyzing your use of the website, compiling reports on website activity, and providing us with other services relating to website activity and internet usage. Google will not associate the IP address transmitted by your browser within the operations of Google Universal Analytics with any other data held by Google. You may prevent cookies from being installed by selecting the appropriate settings on your browser. However, please note that in this case you may not be able to use the full range of functions of this website. Furthermore, you can prevent Google from collecting and using the data regarding your use of the website generated by the cookies (including your IP address) by downloading and installing the browser plugin from the following link http://tools.google.com/dlpage/gaoptout?hl=en.
Click on the link below to prevent collection of your data by Google Universal Analytics. By clicking on this link, you will set an opt-out cookie which prevents your data from being tracked when you visit this website in the future. Deactivate Google Universal Analytics
For more detailed information on the conditions of use and data privacy, go
to http://www.google.com/analytics/terms/us.html and/or http://www.google.com/privacy.html. Please note that this website uses Google Universal Analytics with the code extension “anonymizeIp” to ensure anonymized recording of IP addresses (known as IP masking) and exclude direct personal references.
Embedding of social plugins
Our website uses buttons for the following social networks:
• Linkedin, 1000 W. Maude Avenue, Sunnyvale, CA 94086, USA
The buttons show the logos of the individual social networks. However, the buttons are not standard social plugins, i.e. plugins provided by social networks, but links with button icons. These buttons are only activated by deliberate actions (clicking). As long as you do not click the buttons, no data will be transferred to the social networks. By clicking the buttons, you accept communication with the servers of the social network, thereby activating the buttons and establishing the link.
Once clicked, the button functions as a share plugin. The social network then obtains information about the site you have visited, which you can share with your friends and contacts. You need to be logged in to “share” information. If you are not logged in, you will be forwarded to the login page of the social network you have clicked, thereby leaving the pages of tuev-sued.de. If you are logged in, your “like” or recommendation of the article in question will be transmitted.
When you activate the button, the social networks will also receive the information that you accessed the respective page of our website and when you did so. In addition, information such as your IP address, details about the browser you used, and your language settings may be transmitted. If you click the button, your click will be transferred to the social network and used according to their data policy.
When you click the button we have no control over the data collected and the data-processing operations. We are not responsible for this data processing, nor are we the “controller” as defined in the GDPR. Neither are we aware of the full extent of data collection, its legal basis, purposes and storage periods. Given this, the information provided here is not necessarily complete.
The data will be transmitted irrespective of whether you actually have an account with this provider or whether you are logged in there. If you are logged in with the provider, your data will be assigned directly to your account. Providers may also use cookies on your computers to track you.
As far as we know, these providers store these data in user profiles which they use for advertising, market research and/or demand-oriented website design. This type of analysis is performed (also for users who are not logged in) to present demand-oriented advertising and inform other users of the social network of your activities on our website. You have the right to object to the creation of these user profiles. To exercise your right of objection, please contact the relevant provider.
Please consult the information provided by the following social media sites for details of the purpose and scope of data collection and of further processing and use of the data by the respective social network, and for your rights and privacy settings:
• LinkedIn: https://www.linkedin.com/legal/privacy-policy
If you do not wish social networks to obtain data about you, do not click the button.
Standard periods for deletion of data:
Legislation has defined numerous data storage periods and obligations. At the end of these periods, the relevant data will be routinely deleted. Data that are not affected by the above storage periods and obligations are deleted or anonymized upon request as soon as the purposes defined in this data privacy statement no longer apply. Unless this data privacy statement includes other deviating provisions for data storage, we will store any data we collect for as long as they are required for the above purposes for which they were collected.
Other data use and deletion of data
Any further processing or use of your personal data will generally only be carried out to the extent permitted on the basis of a legal regulation or where you have consented to data processing or data use. In the case of further processing for other purposes than the ones for which the data were originally collected, we will inform you about these other services and provide you with all other significant information before further processing.
Identification and prosecution of misuse
We may store any information for the identification and prosecution of misuse, in particular your IP address, for a maximum period of 7 days. Legal basis in this case is Art. 6 (1) lit. f GDPR. Our legitimate interest in keeping your data for 7 days is to ensure the functioning of our website and the business transacted via this website and to be able to fight off cyberattacks and similar malicious actions. Where appropriate, we may use anonymous information to tailor the design of our website to user needs.
Rights concerning the processing of personal data.
Right of access (EU)
On request, you have the right to obtain information from us about the personal data concerning you and processed by us, to the extent defined in Art. 15 GDPR. You can send your request either by mail or email to the addresses given below.
Right to rectification (EU)
You have the right to require us to rectify any inaccurate personal data concerning you without undue delay (Art. 16 GDPR). For this purpose, please contact the address given below.
Right to deletion (EU)
Where the legal reasons defined in Art. 17 GDPR apply, you have the right to immediate deletion (“right to be forgotten”) of personal data concerning you. These legal reasons include: the personal data are no longer necessary for the purposes for which they were processed, or you withdraw your consent, and there are no other legal grounds for processing; the data subject objects to the processing (and there are no overriding legitimate grounds for processing––does not apply to objections to direct advertising). To assert your above right, please contact the contact address given below.
Right to restriction of processing (EU)
If the criteria defined in Art. 18 GDPR are fulfilled, you have the right to restriction of processing as established in the above article of the GDPR. According to this article, restriction of processing may be called for in particular if processing is unlawful and the data subject opposes deletion of the personal data and requests the restriction of their use instead, or if the data subject has objected to processing according to Art. 21 (1) GDPR as long as it is unclear whether our legitimate interest overrides the interest of the data subject. To assert your above right, please contact the contact address given below.
Right to data portability (EU)
You have the right to data portability as defined in Art. 20 GDPR. This means you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format, and have the right to transmit those data to another controller, such as another service provider. Prerequisite is that processing is based on consent or a contract, and is carried out using automated means. To assert your above right, please contact the contact address given below.
Right to object (EU)
You have the right to object at any time under Art. 21 GDPR to processing of personal data concerning you which is based on Art 6 (1) lit. e or f GDPR, on grounds relating to your particular situation. We will desist from processing your personal data unless we can demonstrate compelling legitimate grounds for processing which override your interests, rights, and freedoms, or unless processing is for the establishment, exercise, or defense of legal claims. To assert your above right, please contact the contact address given below.
Right to file a complaint with a supervisory authority (EU)
If you think that processing of personal data concerning you and carried out by us is unlawful or impermissible, you have the right to file a complaint with the supervisory authority responsible for us. You can contact this authority:
For EU:
Autoriteit Persoonsgegevens
Postbus 93374
2509 AJ DEN HAAG
Telefon: (+31) – (0)70 – 888 85 00
Telefax: (+31) – (0)70 – 888 85 01
For EU:
World Trade Center, Prinses Margrietplantsoen 33 2595 AM The Hague/Netherlands
+31 61 115 1771