Amsterdam
Haarlemmer Houttuinen 23
1013 GL Amsterdam
The Netherlands
Meppel
Blankenstein 260
7943 PG Meppel
The Netherlands

Privacy Policy

At GMU B.V. (hereinafter GMU) we respect your privacy! Therefore, we process your personal data in accordance with the General Data Protection Regulation (AVG) and other relevant laws and regulations. In this privacy policy, we will explain how we do this exactly and how we treat and protect your personal data as best as we can.

In summary, you can read in this privacy policy:

  • What personal data we collect from you and how;
  • For what purposes we collect these personal data;
  • With whom we share your personal data;
  • How long we (may) store your personal data;
  • How your personal data is protected. 

This privacy policy applies when you visit our website and in other situations in which we process personal data, such as when you register for the newsletter, for an event organized by us or when you apply for one of our vacancies.

This privacy policy was last updated on 22 February 2022.

 

1. What is personal data?

Personal data is any information relating to an identified or identifiable natural person. Personal data that we process may include:

  • Basic information, such as your first and last name, prefix and title;
  • Contact details, such as your email address, postal address and telephone number;
  • Personal data you provide to us to become a customer and to verify your identity in connection with applicable anti-money laundering regulations, such as your nationality, date of birth, country of birth, residential address, TIN number, bank account number and passport number;
  • Personal data you provide to us for attending events or meetings, such as access and dietary requirements;
  • Personal data that you provide to us in the context of a job application, such as your full name date of birth, address, telephone number, nationality, marital status and any other personal data specified in the application;
  • Any other personal data relating to you that you provide to us or that we obtain in relation to the purposes and on the basis of the grounds set out below. 

We collect this personal data because you have provided this personal data to us. The reasons for the data you provide may vary: for example, to contact us (using the contact form), to become a customer or to apply for one of our vacancies. However, if you are just a visitor to our website, we will not collect and store any (explicit) personal data from you. It is possible, however, that through cookies we store certain data, such as your IP address or language preference. You can read more about which cookies we use in our cookie policy. 

 

2. What are the grounds on which we may process and store your personal data?

At GMU we may process your personal data for the following purposes: 

  • To identify you, verify your identity and accept you as a customer;
  • To provide our services to you;
  • To comply with our legal obligations;
  • For marketing and business development activities, such as news updates, invitations to our events and other marketing communications that may be of interest to you;
  • To process your application or registration to one of our recruitment services and events.

In this case, we will process your personal data based on one or more of the following legal grounds:

  • Execution of a contract;
  • Compliance with a legal obligation;
  • Legitimate interest;
  • Your consent.

 

3. Do we share your personal data with third parties?

In some cases, we may also share your personal data with third parties. These may include: 

  • Third parties relevant in connection with the services we provide, such as financial institutions, supervisory authorities regulatory bodies and government agencies;
  • Third parties, in order to comply with legal obligations;
  • Third party suppliers in connection with the processing of your personal data for the purposes described in this Privacy Policy, such as IT suppliers, communication service providers or other suppliers to whom we outsource certain support services.

We will only share your personal data with these third parties for the purposes and on the basis of the legal grounds set out in this Privacy Policy.

Third parties to whom we provide your personal data are themselves responsible for complying with privacy laws and regulations. We at GMU are not responsible or liable for the processing of your personal data by these third parties. 

Data processing outside the EEA 

In order to provide our services, it may be necessary for us to transfer your personal data to a recipient in a country outside the European Economic Area. In that case, we at GMU will ensure that the data transfer complies with applicable law. 

We at GMU are also aware of the EU Court of Justice ruling of 16 July 2020 with implications for the transfer of personal data. We are currently in the process of exploring how best to overcome this. We will do everything we can to find a suitable solution. When we have found it, we will inform you about it via this Privacy Policy.

 

4. How long do we keep your data?

Your personal data is stored in accordance with the AVG and other applicable laws and regulations. This means that your personal data will be kept until the end of the legal retention period, until the moment you inform GMU that you no longer wish to receive digital communication and/or information or until you request us to delete your data. 

Your personal data will also be deleted if:

  • It appears that your e-mail address is no longer in use (for example, in the case of error messages);
  • The consent on the basis of which your personal data is processed and/or stored is withdrawn by you;
  • The aforementioned legal basis on the basis of which your personal data is processed expires because, for example, your company ceases to exist, or you have had no contact with GMU for a period of 5 years (without prejudice to any legal obligations).

 

5. What are your rights?

When processing your personal data, according to the AVG, you have a number of rights. We would like to explain below what your rights are. If you would like to make a request based on these rights, please contact us at privacy@gmu.online.

The right to transfer your data 

If you no longer wish to use our services, you may choose to become a customer with another provider. There too, they will probably register certain data about you. To make this switch easier, the privacy law has established the right to 'data portability'.

With this data portability, your data can easily be taken to the other provider: you can have your data sent to you, after which you can use these data again with the other provider. You can also request us to forward the data directly to the other provider.

The right to have your data deleted

In addition to being able to take your data with you to another provider, you also have the right to have your data deleted if you are no longer a customer of ours. This is not possible during the period that you are a customer because we have to keep certain necessary data due to tax and legal obligations (such as registration for the tax authorities). Of course, you can have data that is not necessary removed at any time. 

The right to view your data

We are always talking about your personal data here, but what data is it really about? To gain insight into this, the privacy law provides the right to inspect your data. To get an overview of what personal data we have about you, you can send us a request to receive it. 

The right to have your data corrected

Is the information we have on you incorrect or incomplete? That is annoying, and we would like to solve this for you! In the event that this happens, you can make a request to supplement or correct your data. This is also called the 'right to rectification'. 

The right to object

You have the right to object to the processing of your personal data for direct marketing. Direct marketing occurs when we send you advertising mail at GMU without your consent. We are allowed to do this under certain conditions, but so you can always object. 

The right to withdraw your permission

If you have given GMU (explicit) permission to process your personal data, you can always let us know that you wish to withdraw this permission. If you do so, we may and will no longer process your personal data. 

The right to restriction of processing

In some cases, you can request us to restrict (temporarily or permanently) the processing of your personal data. Reasonable grounds for requesting restriction of processing include, for example, if you dispute the accuracy of the personal data or have lodged an objection to the processing of your personal data. 

Identification

Should you make a request under any of the above rights, we at GMU may ask you to identify yourself. We request this identification information to ensure that you are the person to whom the personal data in question belongs.

 

6. How do I contact you with questions?

If you have questions or comments about our Privacy Policy or the processing of your personal data, you can send a question or request to the data controller: GMU B.V. We will do our best to answer your request or question as best as possible!

GMU B.V.
Blankenstein 260
7943 PG Meppel, Netherlands
Chamber of Commerce: 66392179

privacy@gmu.online
+31 (0)85 888 7305

 

7. Where can I leave my complaints? 

If you are not well served or do not agree with the way we process your data, you can contact the Dutch Data Protection Authority. You can submit a complaint to this supervisory authority in the event of dissatisfaction. But, of course, you can always send us an email first!

GMU reserves the right to modify this Privacy Policy. You are invited to consult the Privacy Policy regularly so that you are aware of any changes.