Privacy Policy
This Privacy Policy was last updated on: 01-01-2024
We are Sweav B.V. and we operate under the name Sweav (Sweav). We respect your privacy and private life, but sometimes we need your personal data. We consider Personal Data to be any information relating to an identified or identifiable person, in conformity with the General Data Protection Regulation (the GDPR).
This policy explains which Personal Data we use and why (the Privacy Policy). Furthermore, you will read how we store, protect and process this Personal Data. Finally, we outline the rights you have when we process your Personal Data and explain how you can exercise these rights.
This Privacy Policy applies to our website www.sweav.works (the Website) and the services or products we provide (the Services). We process your Personal Data in accordance with the GDPR and all other relevant legislation and regulations in the field of protection of Personal Data, like the Dutch Telecommunications Act (Telecommunicatiewet) regarding the use of cookies (together: the Relevant Legislation).
Are you under the age of 16?
If you are younger than 16 years old, you need permission from your parents or legal guardian to use our Website and Services.
Who is the controller of your Personal Data?
We are the controller of your Personal Data within the meaning of the Relevant Legislation. At the end of this Privacy Policy, you can find our contact details.
Details of the processing of Personal Data
We need some of your Personal Data in order for you to use our Website and Services. We are allowed to process your Personal Data, because we comply with the Relevant Legislation. We lawfully process your Personal Data because:
- Processing Personal Data is necessary in order to perform our contract;
- We have legitimate interests to process your Personal Data, where we have considered these are not overridden by your rights;
- You have given us consent.
We make sure that the processing of your Personal Data is adequate, relevant and limited to what is necessary in relation to the purpose for which the Personal Data is processed. In the table below you will read:
- what Personal Data we process;
- the purposes for which we process Personal Data; and
- on what basis(s) we process Personal Data.
General
| (Personal) Data | Purpose(s) | Legal basis |
Contact Data:
|
We use these Data:
|
We process these Data on the basis of:
|
Payment Data:
|
We use these Data:
|
We process these Data on the basis of:
|
Data for marketing and promotional reasons:
|
We use these Data:
|
We process these Data on the basis of:
|
Optional data:
|
We use these Data:
|
We process these Data on the basis of:
|
Legitimate interest as a legal ground for processing
We may only process your Personal Data subject to one of the limited legal grounds specified in the GDPR. For the legal basis of legitimate interest, an assessment was made on behalf of Sweav of the interests of Sweav on one hand and your interests, fundamental rights and freedoms as the data subject on the other. This balancing test assesses whether your interests should override ours.
In assessing your risk, we have paid attention to both the quantity and quality of the Personal Data we process. Based on our legitimate interest, we only process your e-mail address, in order to send you our newsletter once in a while. Therefore, we do not process a large amount of Personal Data, nor does this concern any sensitive data. The chance of identity fraud, discrimination or reputational damage in case of a possible data breach is, in our opinion, minimal. The processing of your email address therefore has no, or only a limited, impact on your privacy. Sending a newsletter is valuable to us, because we can inform you about relevant developments regarding the strategy consultancy market while strengthening our community. In this way, we can offer you an optimal service and also improve our services.
The conclusion of this assessment is that we may use legitimate interest for the processing of your email address. However, this assessment is subjective. Do you disagree with the processing of your Personal Data based on our legitimate interest? Then you can always object to this. We will then reassess, and possibly discontinue, the processing of your Personal Data.
How do we receive your Personal Data?
We receive Personal Data directly from you, when you fill out our contact form on our Website. In addition, consultants may provide additional Personal Data through the Community App. Your account details can be changed or supplemented at any time in the settings section.
Are you obliged to share your Personal Data with us?
In some cases, the processing of your Personal Data is necessary. This is relevant, for example, when we have to process your Personal Data in order to oblige to a contract with you or to provide a service to you. Without your Personal Data, we cannot provide our Service to you.
How do we secure your Personal Data?
We do our utmost to protect your Personal Data from being lost, destroyed, abused, altered or spread by unauthorized parties. This way we ensure that only the necessary persons have access to your Personal Data. We ensure this by taking the following security measures:
- Secure network connections with Secure Socket Layer (SSL), or a comparable technology;
- Non-disclosure agreements (NDA’s) & back-ups.
- The access to the Personal Data is strictly limited to the employees on a ‘need to know’ basis;
We constantly check our security measures for effectiveness and, if necessary, adjust our process. This way, your Personal Data are always protected and accessible in the event of a (technical or physical) failure.
How long do we store your Personal Data?
We shall not store your Personal Data longer than the period in which we need them for the aforementioned purposes. We delete the Personal Data after we no longer need them for the purpose we process them for. We use the following retention periods:
| Category of Personal Data | Retention Period |
| Contact Data | We will retain your contact information for as long as necessary to provide you with our Services. |
| Payment Data | We will retain your Payment Data for as long as necessary to fulfil our financial and tax obligations. |
| Data for marketing and promotional purposes | We will retain your data for marketing and promotional purposes for as long as you wish to use our Service. You can always unsubscribe from our newsletter. |
With whom do we share your Personal Data?
Processors
We may share your Personal Data with other parties who process Personal Data on our behalf. These are Processors within the meaning of the Relevant Legislation. The Processors will only use your Personal Data in accordance with our instructions and not for their own purposes. We agree with the Processors in a data processing agreement that they will handle your Personal Data with care and they will only have the Personal Data necessary to provide their service(s) to us. Currently, our sole processor is Hostgater, who we engage to host our Website.
Transfer
We shall only process your Personal Data within the European Economic Area (EEA). We will only process your Personal Data outside the EEA if that country offers an appropriate level of protection for your Personal Data. For the transfer of Personal Data we use, where appropriate, standard contractual clauses (SCC) approved by the European Commission. We shall never transfer your Personal Data to countries or parties other than those mentioned above without your consent.
Cookies
A cookie is a small text file that can be sent via the server of a website to the browser. The browser saves this file to your computer. Your computer is tagged with a unique number, which enables our site to recognize that computer in the future.
We use cookies to improve the user experience on our Website. Moreover, cookies ensure that the Website works faster, that you can visit our Website safely and that we can track and solve errors on our Website.
Links
Our website may contain links to other websites. We are not responsible for the content or the privacy protection on these websites. Therefore, we advise you to always read the Privacy Policy of those websites.
Modifications to the Privacy Policy
We may modify this Privacy Policy. If we substantially modify the Privacy Policy, we shall place a notification on our Website together with the new Privacy Policy. We shall notify registered users in case of a substantial modification. If you are not a registered user, we advise you to consult the Website and this Privacy Policy regularly.
Your rights
You have the following rights:
Right of Access
You can request access to your Personal Data;
Right to Rectification
You can request us to correct, limit or delete your Personal Data. In the event of fraud, non-payment or other wrongful acts, we can store some of your Personal Data in a register or on a blacklist;
Right to Data Portability
You can request a copy of your Personal Data. We can provide this copy to third parties at your request, so you do not have to do so yourself;
Right of Objection
You can object to the processing of your Personal Data;
Right to Object
You can file a complaint at the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you are of the opinion that we wrongfully process your data;
Right to withdraw Consent
You can always withdraw your permission to process your Personal Data. From the moment of your withdrawal, we cannot process your Personal Data anymore.
Contact
In the event that you wish to exercise these rights, or in the event of other questions or remarks regarding our Privacy Policy, you can contact us via the following contact details.
- Sweav B.V.
- Email: info@sweav.works
- Telephone: +316 274 486 80
- Address: Kinkerstraat 297A, 1053ET, Amsterdam
- Chamber of Commerce: 85645443