Related to the use and processing of personal details
ESP takes great care to treat the personal details of any person visiting an ESP website prudently. Personal details are processed and protected in conformity with the Dutch General Data Protection Regulation (Algemene Verordening Gegevensbescherming). The purpose of this privacy statement is to inform you how we use and process any personal details obtained by ESP when you visit an ESP website.
ESP processes the personal details within the meaning of Article 1, section a, of the General Data Protection Regulation. Personal details are defined as any details that could disclose information about an identified or identifiable natural person.
ESP uses your name, address, telephone number and e-mail address in order to contact you if your personal details are used, or if ESP has questions about a report you may have made regarding a data leak on the part of ESP.
ESP is the responsible party within the meaning of the General Data Protection Regulation. This means that ESP decides which personal details are processed, as well as the purpose for which and how they are processed. ESP is responsible for ensuring your personal details are processed correctly and prudently in accordance with provisions of the General Data Protection Regulation.
Purpose of the processing of personal data
ESP processes personal details in order to undertake its legal and administrative duties, as well as any other tasks essential for it to fulfil its objective. A visitor will be informed how ESP processes these personal details, and the purpose for which ESP is using or will use the personal details.
Basis of the processing
ESP must be able to justify the use of the personal details on the basis of one of the principles laid down in Article 6 of the General Data Protection Regulation. On the grounds of this Article, it is also permissible for these personal details to be processed if the responsible party is required to comply with a legal obligation (Article 6, section 1c of the General Data Protection Regulation).
Protection of personal details
ESP ensures there are suitable technical and organisational measures in place to prevent the loss or unlawful processing of personal details. This means that (personal) details are encrypted when they are being sent, and that they are sent via a secure connection.
Retention period of personal details
ESP does not retain personal details for any longer than is necessary for the purposes for which they are being processed (Article 5, section 1c of the General Data Protection Regulation).
As the responsible party, ESP maintains a register of all the processing activities which fall within ESP’s sphere of responsibility (Article 30 of the General Data Protection Regulation).
Your privacy rights
You are entitled to access your personal details, and also have the right to request these details are corrected or deleted.
If you wish to know which of your personal details ESP has processed, you should submit a written request to have access to these details. ESP will deal with your request within four weeks.
If it appears that your details are incorrect, incomplete or irrelevant, you should submit an additional request to have these details removed or supplemented.
Contact details of the data protection officer or for further information
For further questions about the processing of your personal details: firstname.lastname@example.org.