Admin login

SitePodium

Sustainable Community Engagement

1. Introduction

Concepteurs B.V. and all affiliate companies (we, us or ours) place great importance to careful handling of your (you or your) personal data. As the ones responsible for processing your personal data, we ensure that your personal data is treated and secured with the most possible care. We comply with the applicable laws and regulations in all cases.

Please read through this Privacy Statement (Privacy Statement) carefully before using our services (the Services), including: the Admin Module of SitePodium (https://portal.sitepodium.com/) (the Admin Module). By using the Services, you agree to this Privacy Statement.

In this Privacy Statement we explain which data we collect when you use our Services or otherwise contact us, why we collect this data and what we do with this data.

2. Data We Process with Purpose and Principles

In the context of delivering the Services, we process the personal data below for the purposes and principles as set out below.

2.1 Principles

We process personal data based on the following principles, which are included in the European Privacy Legislation:

  1. Permission;
  2. Execution of an agreement with a User;
  3. Legal obligation; and
  4. Our legitimate interests.1.

2.2 The personal data we process and for what purpose

Create an Admin Account: for creating an account, you need to provide: (i) your contact details (first name, last name, email address, phone number); as well as (ii) the username of your account; (iii) the password of your account; and, if you purchase Services through your employer/client: (iv) the name of the company of your employer/client. Depending on the type of processing, principle 2 or 4 applies.

Contact requests: we receive your personal data as soon as you approach us via telephone, email, our contact form, WhatsApp, social media, at a trade fair/event, or any other means of communication. We process this data in order to respond to the message that you sent us subsequently. Depending on the type of processing, principle 1 or 4 applies.

Informative messages: we may use your contact details (as explained earlier) to send informative messages (not marketing communications) which are necessary for the delivery of the Services. Principle 2 applies.

Testing and analysis: we use personal data to analyse how you use the Admin Module. This includes using the data to detect and resolve errors and malfunctions on the Platform. Principle 4 applies.

Data aggregation: in order to minimise the processing of your personal data, we may aggregate or encrypt your personal data to create anonymous data which can no longer be traced back to a natural person afterwards. Principle 4 applies.

Marketing: to the extent permitted by applicable law, we may use your personal data (as described earlier) for marketing communications, such as newsletters. You can unsubscribe from this at any time. The newsletter may also contain information and offers from other parties. Every newsletter contains a link which you can use to unsubscribe from our newsletter. The database with subscribers to the newsletter will not be provided to third parties unless you have given us explicit permission to do so. Depending on the type of processing, principle 1 or 4 applies.

Other data: on top of the specifically mentioned personal data categories as recorded in this Privacy Statement, we may also process other personal data you provide us in the context of your use of the Admin Module (for example, when you report a project). This includes any information you share with us voluntarily, but which does not fall into any of the other specific categories. Depending on the type of processing, principle 1 or 4 applies.

3. Personal Data Retention Period

We do not store personal data any longer than strictly necessary for the purposes for which we process them. We generally apply the following retention periods.

Type of personal data Retention period
Your contact details (as described earlier) No longer than seven (7) years since your last contact with us
Account details, like your username and passwords For as long as your account exists and until you delete the account
Communication with Project Managers, questions, reviews, and complaints posted by you For as long as your account exists and up to a maximum of two (2) years after the specific project was last active
Newsletter preferences Subscriptions and/or unsubscriptions for a period of five (5) years, the (sent) newsletters for a maximum of seven (7) years
Details related to legal proceedings As long as it is necessary to conduct the procedure or to establish our rights in legal proceedings and up to five (5) years thereafter.

You should note that we may retain collected data at any time in an aggregated and anonymous form for (market) research, analysis and/or fraud protection. Principle 4 applies in that case.

Should you have questions about the retention period of your personal data, please contact us via the contact details below.

4. Sharing Personal Data with Third Parties

In the cases listed below, we are permitted to share your personal data with third parties. Your personal data is not sold to third parties and/or rented out and/or passed on for commercial purposes, unless you have given permission for this.

Competent authorities: we disclose personal data to law enforcement authorities and other public authorities, when required by law or strictly necessary for the prevention, detection, or prosecution of criminal offenses and fraud. Principle 4 applies.

Transfer: we may transfer your personal data to third parties in the case of a merger, takeover, reorganisation, sale of business units, or bankruptcy of our company. In that case, we will request your permission in advance, if required by the applicable law. Principle 4 applies.

External service providers: we may share your personal data with external service providers on our behalf as necessary to provide the Services for the purposes included in this Privacy Statement.

Service providers with whom we can share your personal data include:

  1. Product support; and
  2. IT service providers, for hosting and maintaining the Admin Module, for example.

Should the above-mentioned organisations be regarded as a processor under the European Privacy Legislation, we will enter into a processing agreement with them. Processing of your personal data will then only take place on our instructions and under our responsibility.

5. Transfer of Your Personal Data Abroad

Our Services are mainly managed and operated from The Netherlands. Should personal data be provided to a third party abroad, then this will only be done to a third party in a country which, according to the European Commission, offers an adequate level of protection for personal data. Should this adequate level of protection be lacking, we will ensure that the legally required guarantees are provided, such as concluding an EU model contract.

At the time of drawing up this Privacy Policy, your personal data will only be transferred abroad in the following context:

The services that The Rocket Science Group LLC (trading under the name of Mailchimp) – subsidiary of Intuit Inc. – provides in the field of email marketing (including but not limited to creating and maintaining mailing lists, newsletters and marketing campaigns). Mailchimp is located in Atlanta, Georgia, United States, at 675 Ponce De Leon Avenue NE Suite 5000. We have entered into a processing agreement with Mailchimp in which Mailchimp has committed to processing personal data in accordance to the Standard Contractual Clauses for the processing of personal data as established by the European Commission.

6. Use of Cookies

We use cookies in the Admin Module. By clicking on ‘Ok’ at the cookie notification in the Admin Module or by continuing to use the Admin Module, you consent to the placement of cookies. A cookie is a simple small file that a website stores on your hard drive via your browser. Information is stored in a cookie. Various types of cookies can be used per visit. For more information about our use of cookies, please refer to our Cookie Statement

7. Your Data Subject Rights

As a data subject, you have a number of rights, on the basis of the European Privacy Legislation. You have the right to request a copy of your personal data (Article 15 GDPR), the right to have your personal data rectified (Article 16 GDPR), the right to have your data erased (Article 17 GDPR), and the right of restriction of processing (Article 17 GDPR). Under certain circumstances you also have the right to data portability (Article 20 GDPR). Finally, you have the right to object to the use of your data (Article 21 GDPR). If you consented to the processing of your data, you can withdraw it at any time.

Your rights are described in short below:

  • Right to request a copy: you can always request a summary of the personal data that we have collected and request a copy. If we did not receive your personal data directly from you, but from a third party processing your personal details, we will inform you of the source from which this information was received;
  • Right to have your personal data rectified: you can always request your data to be corrected or supplemented if it has been processed incorrectly and/or incompletely in our administration;
  • Right to have your data erased: you can always request to have your data erased in case you do not want us to store certain details about you. This is also called ‘the right to be forgotten’;
  • Right of restriction: you can always request a temporary halt to the processing of your personal data or limit the use thereof;
  • Right to transfer: you can always request your personal data and/or transfer it to a third party.  This is also called the right to data portability. Your personal data will then be sent to you or the third party designated by you in a readable format; and
  • Right to object: you can (under certain circumstances) object to (further) processing of your personal data.

If you created an account, a large part of your personal data can be found in your own account. You can log in there and adjust your data. To access data that are not in your account, you can contact us directly using the contact details below.

It is possible that invoking one of the rights means that you can no longer use all the functionalities of the Admin Module.

We are entitled to refuse a request in case we have a legitimate and/or compelling interest in doing so or if cooperation with that request may be refused on another legal basis.

8. Complaints

We are happy to assist you in case you have complaints about the processing of your personal data. In the event of a complaint, we ask you to contact us directly via the contact details below. Under the European Privacy Legislation, you also have the right to directly file a complaint about the way we process personal data with the Dutch Data Protection Authority.

9. Security of Your Personal Data

We try to do everything we can to protect your personal data and we use technical and organisational security measures to protect the personal data managed by us against manipulation, loss, destruction, and unauthorised access. These security measures are continuously improved in line with technological developments.

The measures we have taken include:

  • All personal data entered into the Admin Module is encrypted and sent via a secure connection;
  • Access to personal data is limited to persons who actually need access to the personal data to perform their tasks within our company;
  • Access to personal data is protected;
  • Persons who have access to personal data are aware of the importance we attach to careful handling with and protection of personal data;
  • Persons who have access to personal data are bound by a confidentiality agreement;
  • The Admin Module is continuously updated with the latest security updates.

To safeguard the protection of our personal data, we recommend you to immediately carry out all updates made available by us for the Admin Module, or to give permission for updates to be carried out automatically. If you are under the impression that your data are not sufficiently protected or that there are indications for a data breach, we recommend you to contact us via the contact details below.

The Admin Module may contain links to external websites operated by other companies. It is possible that they collect personal information of persons visiting their website. We cannot offer any guarantees regarding the privacy policy of external websites and are not responsible for those websites.

10. Obligation to Report Data Breaches

Even though we process your personal data with the utmost care and your personal data is stored securely, a data breach may occur. Should a data breach occur with us, we will first determine whether and to what extent there may be a high risk to your rights and freedoms. In such a case, we will report this within seventy-two (72) hours to the Dutch Data Protection Authority.

Insofar as we are obliged to do so under relevant legislation, in the event of a data breach we will also inform you about:

  • The type of breach related to your personal data;
  • The possible consequences of the breach;
  • The measures to be taken (and already taken) by us to limit the consequences of the breach.

11. Amendments

We reserve the right to amend this Privacy Statement. However, we do not limit your rights under this Privacy Statement without your express consent. You can find the most current version of this Privacy Statement in the Admin Module at any time. We recommend that you regularly check whether an updated version is available.

12. Our Contact Details

If you have any questions or complaints about the use of your personal data or about our Privacy Statement, you can contact us via the contact details below. Alternatively, you can also contact our privacy officer directly.

Concepteurs B.V.
Leusderend 4
3832 RC Leusden
The Netherlands

Dutch Chamber of Commerce number: 57364699
Website: https://www.sitepodium.com
Email: info[at]sitepodium[.]com
Phone Number: +31(0)85 3011 513

13. Privacy Officer

Paul Frankenhuizen
Email: paul[at]concepteurs[.]nl
Phone Number: +31 6 23 88 27 87

14. Version

This Privacy Statement was last changed on the 5th of September 2023.

1. With legitimate interests we mean, amongst other things: security, auditing, fraud detection, (crime) prevention, (market) research into and analysis and improvement of our services, internal management, legal affairs, and business management. The principle applicable to a specific type of processing is always indicated below it.