Processing  responsibility

TOMi, Onderwijsboulevard 225, 5223 DE at ‘s-Hertogenbosch, registered at the Chamber of Commerce under number 17197627, is responsible for the processing of personal data as shown in this privacy statement.

 

In general

We consider the protection of your data extremely important and take appropriate measures to prevent misuse, loss, unauthorized access, unwanted disclosure and unauthorized modification. Personal data is processed by us in accordance with the Dutch law on the protection of personal data, and from its implementation on, the General Data Protection Regulation 2016 / 679n (from here on we will refer to this as AVG or GDPR). We want to inform you as much as possible, respect you and give you control over what happens with your personal data. Below you will find information about what data we collect, why we do this, how long we keep it, what your privacy rights are and how you can exercise them. If you have the impression that your data is not properly secured or there are indications of abuse, please contact info@tom-i.nl.

 

Personal data that we process

This privacy statement only applies to the personal data that we process as organization. It applies to the processing of our customers’ personal data in relation to our services.

 

We mainly collect your personal data when:

– you contact us, through our website, correspondence, telephone or through personal contact regarding our services

– you visit our website

– you use our newsletters to keep you informed

– a third party, authorized to do so, provides us with your personal data (professional service providers, doctors, physiotherapists)

 

This privacy statement also applies when you visit our website or use our services in any other way. The personal data of former customers and prospects are also treated and secured as well and carefully as possible, in accordance with this privacy statement.

 

Below you will find an overview of the personal data that we (may) process:

– First and last name
– Location data

– Gender
– Information about your activities on our website

– Date of birth
– Bank account number

– Birthplace
– IP-adress

– Address data
– E-mail address

– Phone number
– Physical data

– Living habits

– Other personal data that you actively provide, for example by creating a profile on this website or information you make known in written correspondence and / or by telephone.

 

Special and / or sensitive personal data that is being processed

Our service and / or website do not intend to collect data about customers / website visitors under the age of 16. Unless they have parental or guardian consent, or if we are bound by the performance of our legal obligations. However, we cannot check whether a visitor is older than 16. We therefore advise parents to be involved in the online activities of their children, in order to prevent data about children from being collected without parental consent. If you are convinced that we have collected personal information about a minor without this consent, please contact our Data Protection Officer and we will delete this information. We also do not collect special personal data such as information about religious beliefs, political opinions, ethnic origin, health or sexual orientation.

 

For what purpose and on what base we process personal data

 

We process personal data for the following purposes

– In the context of the preparation, performance or termination of our contract; and / or

– To comply with the legal or regulatory provisions to which we are subject; and / or

– To represent the vital interests of you or another natural person; and / or

– To process your registration and / or payment after you have purchased a product or service.

– Handling your (eventual) payments; and / or

– Sending our newsletters; and / or

– Sending (e-) mailings with activities on offer; and / or

– To be able to call or e-mail you if this is necessary to be able to perform our services; and / or

– To inform you about changes to our services; and / or

– To process your request for our services; and / or

– To track our performance.

 

We may use your data and profile to evaluate our services.

 

 

Automated decision making

We do not make decisions based on automated processing (algorithms) that can have adverse consequences for you.

 

 

Sharing of personal data with third parties

We do not sell your information to third parties and only provide it if this is necessary for the performance of our services, in agreement with you or to comply with any legal obligations and powers. We also provide your personal data to third parties in some other cases, but we only do this with your explicit consent. We conclude a processor agreement with companies that process your data on our behalf to ensure the same level of security and confidentiality of your data. We remain responsible for these processing operations.

 

Cookies, or similar techniques, that we use

This website uses functional, analytical and tracking cookies. A cookie is a small text file that is stored in the browser of your computer, tablet or smartphone when you first visit this website. These cookies ensure that the website works properly and that, for example, your preferred settings are remembered. The cookies are also used to make the website work properly and to optimize it. In addition, we place cookies that keep track of your surfing behavior so that we can offer customized content and advertisements. On your first visit to our website we informed you about cookies and we asked for your permission to place them. You can opt out of cookies by setting your internet browser so that it no longer stores cookies. In addition, you can also delete all information previously saved via the settings of your browser.

For an explanation, see: https://veiliginternetten.nl/themes/situatie/cookies-wat-zijn-het-en-wat-doe-ik-ermee/

 

Cookies that are placed on our website by third parties:

 

• Google Analytics: anonymous, analytical cookies that measure the amount of website visitors.

 

Privacy Rights and How to Exercise them

 

Privacy rights

You have the right to view, correct or delete your personal data. You also have the right to withdraw your consent to the data processing or to object to the processing of your personal data by us and you have the right to data portability. This means that you can submit a request to us to send the personal data that we hold about you in a computer file to you or another organization mentioned by you.

 

How to exercise your rights

You can send a request for access, correction, removal or data transfer of your personal data or request for cancellation of your consent or objection to the processing of your personal data to info@tom-i.nl.

 

To ensure that the request for access has been made by you, we ask you to send a copy of your ID with the request. Cover your passport photo, MRZ (machine readable zone, the strip with numbers at the bottom of the passport), passport number and citizen service number in this copy, to protect your privacy.

 

We will respond to your request as soon as possible and within a maximum of thirty days.

 

We would like to point out that you have the opportunity to file a complaint with the national supervisory authority. This can be done via the following contact details:

Dutch Data Protection Authority

Bezuidenhoutseweg 30
2594 AV  Den Haag

Phone: 088 – 1805 250
autoriteitpersoonsgegevens.nl

 

 

Storage of your personal data

We are not allowed to hold on to personal data longer than necessary to achieve the purpose for which we collect it. The retention period can therefore differ per purpose. Sometimes the term can also be longer, for example to comply with our legal obligations (for example, to meet our accounting and tax obligations, we are obliged to keep your billing data for a maximum of 7 years). After the applicable retention period (s), personal data will be deleted or anonymised.

 

 

How do we protect your personal data?

We work hard to protect your personal information and privacy. In the context of every project that aims to process personal data, an assessment is first made in terms of security and the protection of personal data, in which your interests come first. We take the protection of your data serious and take appropriate measures to prevent misuse, loss, unauthorized access, unwanted disclosure and unauthorized modification. If you feel that your data is not properly secured or there are indications of abuse, please contact us.

 

 

We have taken the following measures to protect your personal data

 

– We only send your data through secure internet connections. You can see this at the address bar “https” and the padlock.

– Access to personal data is restricted and is actively monitored.

– All members of our Team that have access to personal data are trained to handle your data with care.

– When we transfer or receive your data on our website, we always use encryption technologies that are recognized as accepted standards within the IT sector;

– When we receive or transfer certain critical information, such as financial information or health information, we use a secure server.

– We have implemented the necessary security measures to prevent the loss, misuse or alteration of information we receive on our site;

– A secure connection is used on the pages you provide personal data on.

– Passwords are always stored hashed.

– We store as little customer data as possible and ensure that no particularly sensitive personal data is stored in our database, unless there is no other option.

– Sending personal data by e-mail is done with a a secured connection.

– We take technical and organizational measures to prevent data loss or unlawful processing (such as attacks). We therefore guarantee an appropriate security level and have our site tested periodically.

– All the systems, in which (sensitive) personal data is being processed, are equipped with antivirus software and the latest security-related patches of all other important software, as issued by the suppliers of this software.

 

 

Changes to the privacy statement

It is not inconceivable that our privacy statement will be expanded or changed in the near future. We therefore recommend that you regularly use https://www.tom-i.nl/en/privacy/

to see if changes have been made. If these changes are of a significant nature, we will ensure that they are communicated in a clear and conspicuous manner.