Last amendment: 30 June 2022
Privacy mission statement
Our Mission: Enable 5CA to navigate a dynamic future in privacy through transparent, ethical and innovative uses of personal data.
5CA Privacy Team is a division of the 5CA Legal and Compliance department.
We strive to be a valued partner and advisor to the 5CA community by providing guidance and training on privacy laws, policies and best practices.
Our Long-Term Goals:
- Promote privacy by design
- Build trust as a data steward
- Manage privacy risk proactively and pragmatically
- Advocate for the innovative and ethical use of data
- Be a recognized leader in data privacy
Who are we?
5CA B.V., Stationsstraat 154, 3511 EK Utrecht (“5CA”, “we, us, our”), as a controller of your personal data, strives to be transparent and clear. Our goal is to treat the data of our customers, employees, website visitors, and others involved in our actions carefully and respectfully.
Personal data means any information that—alone or with other data—uniquely identifies a human being.
Examples of such data include name, email address, ID numbers or location data.
Which information do we collect and why?
A large part of our Website does not require your personal data. However, for certain parts of the Website, it is necessary for us to process personal data. Overall, we have a lean Website; you do not need to register to use our Website. Nevertheless, we process some personal data to make the Website work and to offer you enhanced Website Services.
5CA processes the personal data of:
- Website Visitors
- Job applicants who apply for a vacancy via the Careers Portal
- Social media platform users via forms (e.g., LinkedIn)
|Data Source/ Website Service||Personal Data||Purpose/Use|
|Website Visitors (via Cookies and other similar means)||To provide certain features of the Website|
To enhance your user experience
To understand and save your preferences for future visits
To advertise on other sites
To compile aggregate data about site traffic and site interaction so that we can offer better Website experiences and tools in the future
For statistical analysis and market research
|Website Visitors who use our “Get in Touch”/”Contact Us” contact form||To get you in touch with our CX specialists|
To proceed with your questions and requests and provide you with sufficient information.
|Job Applicants||We process the personal data of candidates who have applied for open vacancies in our Careers Portal. When you visit our Careers Portal and apply for a job opening, we collect your personal information to process your application.|
|Social media platform users (e.g., LinkedIn)||Personal data provided via forms such as:||We process personal data for the purpose of promoting our brand to Prospect Clients and Job Applicants.|
We use essential cookies for our website to operate, and we rely on the legitimate interests ground under Article 6(1)(f) GDPR.
We process personal data based on consent, according to Art. 6(1)(a) GDPR, which you are free to give or refuse. You’ll see consent options when you visit our website for the first time. You can change your decisions at any time by setting your cookie preferences. Changing your decision will not affect the lawfulness of processing based on consent before the withdrawal.
Compliance with a legal obligation
To comply with our legal obligation. In case of a violation or alleged unlawful activity, or when we need to uphold our Terms, we need to be able to search or share (some of) your personal data.
5CA will save your data for as long as it is necessary for the purpose for which it was provided. We regularly go through our systems to check if your personal data is still necessary for the purposes they were provided.
In addition to the above, in some circumstances, we may store your data for longer periods, for example:
(i) where we are required to do so following legal, regulatory, tax or accounting requirements, or;
(ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges, or;
(iii) if we reasonably believe there is a prospect of litigation relating to your personal data or dealings.
Sharing personal data with third parties
5CA only provides personal data to third parties when this is permitted and done carefully. Personal data will only be provided to third parties if you have given permission or if this is permitted under the General Data Protection Regulation or other applicable privacy legislation.
Data is provided to parties that help 5CA to perform services for you or to maintain our Website. For example, if you consent to 5CA using your data for marketing purposes, we may share your data with third parties for marketing purposes.
These parties may be located in the Netherlands, other countries in the European Economic Area, or elsewhere. Where we store personal data outside the EEA, we will ensure appropriate protection for the data transferred. Furthermore, we require service providers and other providers to take appropriate measures to protect the confidentiality and security of personal data.
Data transfers, storage, and processing globally
In some countries outside the EEA, data protection laws may provide lower safeguards than those in the EEA, which is why we take specific additional measures to keep this personal data safe as determined by GDPR, such as transferring to countries that have been deemed adequate by the European Commission or using Standard Contractual Clauses (as approved by the European Commission) provided the concerned country provides an equivalent level of data protection.
How we protect your information
Ensuring the security of your personal data is very important to us, which is why we have taken different technical and organizational measures to ensure this. We want to avoid any personal data from unauthorized access, disclosure, use or alterations. This is why:
- We use regular Malware Scanning.
- Your personal data is contained behind secured networks and is only accessible by a limited number of persons with special access rights to such systems and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
- We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your data.
We have implemented commercially-reasonable technical, organizational and security measures designed to protect your personal data. However, please note that we cannot guarantee that the information will not be compromised due to unauthorized penetration into our servers.
As the security of information depends partly on the security of the computer, device or network you use to communicate with us and the security you use to protect your user IDs and passwords, please make sure to take appropriate measures to protect this information.
If 5CA experiences a data breach and your information is affected, 5CA Privacy Team (firstname.lastname@example.org) will inform you if required by applicable law. 5CA may also be legally bound to contact the local data protection authorities.
Which cookies do we use?
Cookies and similar tracking technologies—such as beacons, scripts, web beacons and tags (which we also refer to as “cookies”)—are small bits of text, usually stored on a user’s computer hard drive or within a browser.
Cookies enable a website to remember information about a user’s visit to that website, make the website work more efficiently, and provide information to the website owners, which we can use to supply a more personalized and responsive service.
Cookies may be either first-party cookies set directly by us to your device or third-party cookies set by a third-party provider on our behalf. Whenever you use the 5CA website, we may collect this information via cookies and other technologies.
Your privacy rights
- You have a right to lodge a complaint with your local data protection supervisory authority:
- If you believe that your data protection rights may have been breached, you have the right to lodge a complaint with the applicable supervisory authority or to seek a remedy through the courts.
- You have the right to object to profiling.
- You have the right to object to or to request the restriction of the processing:
- In certain circumstances, you also have the right to object to processing your personal data and to ask us to block, erase and restrict your personal data. Please get in touch with us if you would like us to stop using your personal data.
- You have the right to request that we rectify any personal data.
- You also have a right to request certain details of the basis on which your personal data is transferred outside the European Economic Area.
- You have the right to data portability:
- You have the right to request that some of your personal data be provided to you or another data controller in a commonly used, machine-readable format.
- You have the right to request the erasure/deletion of your personal data:
- You have the right to [ask/require] us to erase your personal data when it is no longer necessary for the purposes for which it was collected or when, among other things, your personal data has been unlawfully processed.
- You have a right to access personal data held about you:
- You have the right to request a copy of the personal data that we hold about you. There are exceptions to this right, so access may be denied if, for example, making the information available to you would reveal personal data about another person or if we are legally prevented from disclosing such information. You are entitled to see the personal data held about you. If you wish to do this, please contact us using the contact details below.
- You have the right to withdraw:
- If you have provided your consent to the collection, processing and transfer of your personal data, you have the right to fully or partly withdraw your consent. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) to which you originally consented unless there is another legal ground for the processing.
You can exercise your rights by submitting a request to email@example.com.
Subject to legal and other permissible considerations, we will make every reasonable effort to honour your request promptly per applicable law or inform you if we require further information to fulfil your request.
When processing your request, we may ask you for additional information to confirm or verify your identity and for security purposes before processing and/or honouring your request.
We reserve the right to charge a fee where permitted by law, for instance, if your request is manifestly unfounded or excessive. In the event that your request would adversely affect the rights and freedoms of others (for example, would impact the duty of confidentiality we owe to others) or if we are legally entitled to deal with your request in a different way than initially requested, we will address your request to the maximum extent possible, all per applicable law.