RAC | Your IT Sparring Partner
Privacy Policy
INTRODUCTION
Risk, Audit & Compliance (RAC) B.V. is based in Amsterdam and is responsible for data processing (Controller within the meaning of the Personal Data Protection Act).
Risk, Audit & Compliance (RAC) B.V. is an organization that brings IT risk professionals and employers together and provides IT risk services to clients. To this end, Risk, Audit & Compliance (RAC) B.V. holds information from both candidates and employers/clients. Risk, Audit & Compliance (RAC) B.V. guarantees careful and discrete handling of this information, taking into account the interests of all parties involved. Risk, Audit & Compliance ( RAC) B.V. exercises the utmost care in safeguarding the privacy of visitors to this website. You are welcome to visit the website as often as you wish without any obligation and to read the content. This Privacy Statement describes which information is collected by Risk, Audit & Compliance (RAC) B.V. and for what purpose. Personal data is therefore treated and secured with the utmost care, in accordance with the requirements of the Personal Data Protection Act (including but not limited to the General Data Protection Regulation, "the AVG" (EU Regulation 2016/679).
WHY DO WE COLLECT YOUR PERSONAL DATA?
We collect and process your data for the performance of our IT risk services, including mediation, secondment, recruitment & selection, personal development, employability and payroll.
More specifically, your personal data are processed to:
- Providing you with offers and/or information on services and other activities and tailoring them better to your needs and qualities, this is done by our employees and partly automated (e.g. a job information service)
- To be able to assess your suitability and availability in connection with mediation for permanent or temporary work or an assignment, which may also involve the use of test results, reference checks, social media (if relevant to the position and indicated in the job posting), etc.
- Establish and maintain an employee or personnel/agency relationship with you and perform the relevant administration for this purpose
- Be able to record an assignment with the client in an agreement with the client and maintain and fulfill the agreement with the client
- To promote your personal development and employability, including training, education and testing
- Quality purposes such as certification
- In an employee relationship with you, compliance with laws and regulations, including but not limited to identification, labor laws, tax and social security laws, anti-fraud and national and international sanctions laws.
WHEN DO WE COLLECT YOUR PERSONAL DATA?
We collect your information from the moment you enter or leave your information on our website, or otherwise sign up or are notified to use our services.
We may also collect data from you if you have posted it on public resources (such as job boards like LinkedIn, Monster etc.) which might indicate that you would be interested in work-related services. In that case, we may approach you to see if you are interested in registering with us in accordance with our terms and conditions and subject to this Privacy Statement.
What personal data do we capture from you
We process the personal data necessary for our services; some of this data is mandatory to use our services. Additional data may be desirable to better tailor the service to your needs and qualities or to meet more specific requests or obligations from clients. You are responsible for the accuracy and relevance of the data you provide. If you are not interested, we may process relevant data from you in order to honor your wish not to be contacted by us.
More specifically, this includes - among others - the following (documents containing) personal data:
If you want to be mediated or have been mediated (candidates):
- Name information, e-mail address and other contact information
2. Birth data, age, gender - Curriculum Vitae (CV), information on education, internships and work experience
- Training and education data
- Other information that is or may be important in the context of assessing eligibility, e.g., references and certificates
If you will be working/have worked for Risk, Audit & Compliance (RAC) B.V.:
- Nationality, BSN number, ID proof, work permit
- Other data related to personnel, salary and absence records
- Assignment-related statements such as, but not limited to, VOG.
If you are a business relationship of Risk, Audit & Compliance (RAC) B.V. (customer/supplier):
Risk, Audit & Compliance (RAC) B.V. records personal data of data subjects working for companies with whom we do business. For making offers, for and/or providing information about our services, to maintain a business relationship and to conclude and maintain an assignment agreement. For this purpose Risk, Audit & Compliance (RAC) B.V. registers:
1. Name, position, telephone, e-mail address and other contact information
2. Relevant data about the organization with which business is conducted.
In principle, Risk, Audit & Compliance (RAC) B.V. does not record any special personal data (data on race, religion, belief, health, political affiliation, union membership, genetic data, biometric data, criminal activity, sexual life, criminal personal data), unless required to fulfill its legal obligations.
WITH WHOM MAY WE SHARE YOUR PERSONAL DATA?
If you want to be mediated or have been mediated (candidates):
Risk, Audit & Compliance (RAC) B.V. may share your personal data with its clients, suppliers (e.g., data processors of CVs) providing services or performing assignments on its behalf, government agencies and other business associates. And in all other cases in which we may be required to do so, for example by a court order or court judgment.
If you will be working/have worked for Risk, Audit & Compliance (RAC) B.V.:
The same applies to this as to you as a candidate
The provision of personal data is made on the basis of a legitimate interest, legal obligation and/or for the performance of the agreement in accordance with the purposes listed under "Why do we collect your personal data?".
If you are a business relationship of Risk, Audit & Compliance (RAC) B.V. (customer/supplier):
Risk, Audit & Compliance (RAC) B.V. may pass on personal data obtained from its business relations if this is necessary to achieve the objectives of the business relationship or for the purpose of mediation. This data may be passed on to applicants or candidates, business partners and in all other cases in which Risk, Audit & Compliance (RAC) B.V. may be obliged to do so, for example by a court order or court judgment.
HOW LONG DO WE KEEP YOUR PERSONAL DATA?
The retention periods we use depend on applicable legal retention periods.
If you want to be mediated or have been mediated (candidates):
Your mediation data (CV, work experience, education, test results, etc.) are available for up to two years after the last meaningful contact if you did not work for Risk, Audit & Compliance (RAC) B.V. By a meaningful contact" we mean, for example, communications between us (either verbal or written), or situations in which you actively participate in our (online) services. We consider a contact meaningful when you send your updated resume through our website, for example, or when you participate in one of our activities. Also, when you communicate with us about potential positions, verbally or in writing, or when you click through from one of our marketing messages.
If you no longer wish to be mediated, you can unsubscribe yourself. You can do this by sending an e-mail to info@riskauditcompliance.nl. If you have been mediated by Risk, Audit & Compliance (RAC) B.V., your personal data are still available for 24 months in connection with possible claims. In that case, the information is only available to Risk, Audit & Compliance (RAC) B.V. and only for the purposes and periods set for that purpose. After expiration of the aforementioned periods, your data will be permanently deleted.
If you will be working/have worked for Risk, Audit & Compliance (RAC) B.V.:
Your personal data is available for (re)mediation up to two years after the end of employment.
Certain personal data are retained for longer periods in accordance with statutory retention periods for purposes such as claims, audits and tax obligations. However, this data is only accessible to Risk, Audit & Compliance (RAC) B.V. employees to a limited extent.
If you no longer wish to be mediated, you can have yourself unsubscribed. You can do this by sending an email to info@riskauditcompliance.nlof letyour contact person know. If you have been mediated by Risk, Audit & Compliance (RAC) B.V. then your personal data are still available for 24 months in connection with possible claims. In that case, the information is only available to Risk, Audit & Compliance (RAC) B.V. and only for the purposes and periods set for that purpose. After expiration of the aforementioned periods, your data will be permanently deleted.
If you are a business relationship of Risk, Audit & Compliance (RAC) B.V. (customer/supplier):
Name and contact information will be kept as long as it is relevant to the purpose for which it was recorded. Business contact information will be updated or deleted when it is no longer relevant.
YOUR RIGHTS: ACCESS, MODIFY AND DELETE DATA
If you have your own account, you have access to much of the personal data registered about you. You can change a limited amount of data yourself, such as making changes to your CV or your account information.
If you would like to inspect your total personal data processing and/or change or delete data that you cannot modify yourself, please contact your contact person at Risk, Audit & Compliance (RAC) B.V.. When making such a request, we may ask you to identify yourself. Your request could be denied if Risk, Audit & Compliance (RAC) B.V. has the legal right to do so.
SECURITY
Risk, Audit & Compliance (RAC) B.V. makes every effort to optimally secure your personal data against unlawful use. We do this by means of physical, administrative, organizational and technical measures. For example: only authorized persons have access to the data. If and insofar as data are provided to data processors who provide services or execute assignments on its behalf, a processing agreement has been agreed with Risk, Audit & Compliance (RAC) B.V. which stipulates that they must also optimally secure the personal data.
QUESTIONS, COMMENTS, COMPLAINTS OR (SUSPECTED) DATA BREACH
If you have any questions, comments or complaints about the protection of your personal data by Risk, Audit & Compliance (RAC) B.V., please contact us in writing or by e-mail at info@riskauditcompliance.nl or Risk, Audit & Compliance (RAC) B.V. t.a.v. Department of Personnel & Organization, Thomas R. Malthusstraat 1-3, 1066JR in Amsterdam.
If there is a (suspected) data breach, please report it immediately at info@riskauditcompliance.nl.
CHANGES
Risk, Audit & Compliance (RAC) B.V. may make changes, additions or amendments to its Privacy Statement from time to time for various reasons. The most current Privacy Statement can be viewed at any time on the website of https://care-contact.nl.
COOKIES
https://riskauditcompliance.nl uses cookies to analyze the use of the website and improve user experience.
All websites today use cookies. For example, to collect information about how the website is used. A cookie can be seen as a small text file that is sent to the device you use to visit our website and stored when you use the Internet. Cookies store data and send it back to the entity that placed the cookies.
The cookies used on this website are:
STRICTLY NECESSARY COOKIES
These cookies are necessary to visit the website and make it easier for the user to use the services and tools on our site.
FUNCTIONAL COOKIES
These cookies remember decisions made by users of the website. For example, language choice, browser type, etc. These cookies are completely anonymous and cannot be traced back to individual users. They are used purely for use of the website.
ANALYTICS
We store collective information and statistics of visitors to this website. For example, which sections are most visited. This data helps us improve the website and enhance user experience.
SOCIAL MEDIA COOKIES
These are cookies that allow sharing information from our site on social media channels or, for example, linking a LinkedIn profile when registering on our site.
Most computers automatically accept the use of cookies. If the use of cookies is not desired, it can be disabled in the browser settings. However, this may cause that not all functionalities of the website can be used.
TECHNICAL INFORMATION AND COOKIES
In general, our Web site can be visited without your personal information being transmitted to us. Like many other Web sites, this Web site does automatically collect certain non-identifiable information about Web site users, including, for example, the Internet Protocol (IP) address of your computer, the IP address of your Internet Service Provider, date and time of access to the Web site, the Internet address of the Web site from which you linked directly to our Web site the operating system you use, the parts of the Web site you visit, the pages of the Web site you visited and the information you viewed, information about the type of device you use to visit the site, the geo location you are in, and the material you send or download from the Web site. This technical information is used to administer the Web site and system administrator, and to improve the Web site and its use. This technical information may be disclosed to third parties and may be permanently stored for future use.
Risk, Audit & Compliance (RAC) B.V. uses cookies and web statistics. We do this to see how visitors use our website. This information helps us to improve the site. A cookie is a file that is stored on your computer. On a subsequent visit to our website, these cookies can be recognized.