WPT Privacy Statement
This WPT Privacy Statement shows explains how WPT deals on a day-to-day basis with personal data and privacy, and provides information on what is and what is not permitted by law. Privacy plays an important role in the relationship between the client and WPT.
WPT is responsible for personal data and data exchange for all areas in which it operates. WPT is obliged to handle carefully, securely, appropriately and confidentially the collection, retention and administration of the personal data of its employees, clients and other data subjects. Protecting privacy and personal data is a complex affair, and one that is becoming ever more complex due to technological developments, major security-related challenges and new European legislation. This is why we believe it is important to be transparent about the way in which we handle personal data and preserve privacy.
The General Data Protection Regulation (EU 2016/679; "GDPR") and the Dutch GDPR Implementation act (Uitvoeringswet AVG; "UAVG") provide the legislative framework for the processing of personal data applicable to WPT.
The following terms are used in the GDPR (see Article 4 GDPR):
The person to whom the personal data relates.The data subject is the person whose data is being processed.
The person or organisation that processes the personal data on behalf of and on the instructions of another person or organisation (the controller, see below).
All information relating to natural persons that can be used to identify an individual. This does not only refer to special categories, confidential data such as data concerning a person’s health but to any piece of information that can be traced back to a particular person (such as: name, address, date of birth). In addition to ordinary personal data, the law also designates certain personal data as being ‘special’. This is data that relates to sensitive subjects such as ethnic background or political preferences.
A natural or legal person or body that, alone or together with others, determines the purposes and means of the processing of the personal data.
Processing is everything that you can do with personal data, including the recording, storage, collection, provision thereof to another party and the destruction thereof.
The privacy statement applies to all processing of personal data by WPT. Since WPT has offices in multiple EU member states, but its main establishment in the Netherlands, WPT, in accordance with GDPR, regards the Dutch Data Protetction Authority (Autoriteit Persoonsgegevens, "AP") as the competent Lead Supervisory Authority.
WPT is the controller for the processing activities that are carried out by or on behalf of WPT.
WPT processes personal data for the following purposes, based on a legal basis. These legal bases are, amongst others, the necessity for the performance of a contract with the data subject, the necessity to comply with a legal obligation, and the legitimate interests pursued by WPT.
The legitimate interests of WPT include marketing, advertising and the research and analysis of the products and services.
WPT solely processes personal data for the aforementioned purposes.
WPT may provide the personal data it processes to third parties that are involved in the processing or that help achieve the aforementioned objectives. WPT has entered into data processing agreements with these third parties.
In addition, in so far as permitted by the GDPR and the UAVG, WPT may also transfer personal data to enterprises that are affiliated with WPT and with other organisations, including those that are established outside the EEA (European Economic Area). WPT implements the necessary appropriate safeguards to transfer the personal data to such countries in a lawful manner.
5. Rights of data subjects (Articles 13 to 20 inclusive GDPR)
The GDPR provides for the following rights of data subjects:
Should the data subject wish to exercise his/her rights then he/she can submit an application to the address provided below. This application may be made either in writing or by e-mail to which a copy of a valid proof of identity has been attached. (personal identification number can be made illegible).
WPT has in principle four weeks from receipt of the application to evaluate whether it is justified and to provide the data subject with a repsonse. WPT will let it be known within four weeks what action (if any) will be taken in respect of the application.If the application is not followed up on a complaint may be lodged either with WPT or with the AP. Following an application, WPT may ask for additional information in order to be sure of the identity of the data subject.
WPT takes the utmost care of the personal data, and - together with any processors - is responsible for ensuring suitable organisational and technical protection to protect the personal data processes. Therefore, WPT has taken technical and organisational measures to ensure a level of security appropriate to protect the personal data from unauthorized or unlawful processing and from loss, destruction, damage, alteration or disclosure. These measures ensure an appropriate level of security.
7. Retention periods
WPT will not store personal data longer than necessary to achieve the purposes stated in this privacy statement, unless we are required by law to do so.
This website may contain links to other websites. We are responsible for neither the privacy statements nor the content of these other websites. We advise you to take notice of the privacy statements on these other websites.
Amendment of the Privacy Statement
If WPT amends this Privacy Statement then we will inform you of this in our newsletter.
Questions, comments or complaints
If you have any questions that are not answered in this Privacy Statement or if you have any suggestions or comments about this privacy statement or should you wish to exercise your rights, please contact us by (i) sending a letter to WPT at P.O. Box 54, 9679 ZH Scheemda for the attention of the Liaison Officer for GDPR matters, stating as your reference ‘Privacy’, or (ii) by sending us an e-mail at firstname.lastname@example.org.