1. Introduction
Concepteurs B.V. and all affiliate companies (we, us or ours) attaches great importance to careful handling of your (you, your or user) personal data. As the ones responsible for processing your personal data, we ensure that your personal data is treated and secured with the most possible care. We comply with the applicable laws and regulations in all cases.
Please read through this Privacy Statement (Privacy Statement) carefully before using our mobile application “SitePodium” (the App). By using the App (which also includes downloading and installing the App), you agree to this Privacy Statement.
In this Privacy Statement we explain which data we collect when you use our App or otherwise contact us, why we collect this data and what we do with this data.
2. Data We Process with Purpose and Principles
When you use the App, or otherwise contact us, we process the personal data below for the purposes and principles as set out below.
2.1 Principles
We process personal data based on the following principles, which are included in the European Privacy Legislation:
- Permission;
- Execution of an agreement with a User;
- Legal obligation; and
- Our legitimate interests.1
2.2 The Personal Data We Process and for Which Purpose
Create an account: should you choose to create an account in the App (this is not obligatory), you need to provide: (i) your contact details (first name, last name, email address); as well as (ii) the username of your account. Depending on the type of processing, principle 2 or 4 applies.
Address functionality: you can add one or more addresses to the App, so that you are kept informed about projects in the vicinity of these addresses. Principle 1 applies.
Location functionality: you can grant temporary access to your GPS location so that relevant projects in your area are shown.2 Principle 1 applies.
Contact requests: we receive your personal data as soon as you approach us via telephone, email, our contact form, WhatsApp, social media, at a trade fair/event, or any other means of communication. We process this data in order to respond to the message that you sent us subsequently. Depending on the type of processing, principle 1 or 4 applies.
Device information: each time you visit the App, we process your device information (your temporary or permanent IP address, the model of your hardware, the version of your operating system). We process this for technical and functional management, to analyse trends, to keep our App up to date, to analyse visitor behaviour, to gain demographic insight about our visitors, and to ensure that the App is easy to use. Principle 4 applies.
Informative messages: we may use your contact details (as explained earlier) to send informative messages (not marketing communications) which are necessary for the maintenance of the App and/or for making the App available. Principle 2 applies.
Testing and analysis: we use personal data to analyse how you use the App. This includes using the data to detect and resolve errors and malfunctions on the App. Principle 4 applies.
Data aggregation: in order to minimise the processing of your personal data, we may aggregate or encrypt your personal data to create anonymous data which can no longer be traced back to a natural person afterwards. Principle 4 applies.
Other data: on top of the specifically mentioned personal data categories as recorded in this Privacy Statement, we may also process other personal data you provide us by using the App (for example, when you report a project). This includes any information you share with us voluntarily, but which does not fall into any of the other specific categories. Depending on the type of processing, principle 1 or 4 applies.
3. Personal Data Retention Period
We do not store personal data any longer than strictly necessary for the purposes for which we process them. We generally apply the following retention periods.
Type of personal data | Retention period |
Your contact details (as described earlier) | No longer than seven (7) years since your last contact with us |
Account details, like your username and passwords | For as long as your account exists and until you delete the account |
Communication with Project Managers, questions, reviews, and complaints posted by you | For as long as your account exists and up to a maximum of two (2) years after the specific project was last active |
Details related to legal proceedings | As long as it is necessary to conduct the procedure or to establish our rights in legal proceedings and up to five (5) years thereafter. |
You should note that we may retain collected data at any time in an aggregated and anonymous form for (market) research, analysis and/or fraud protection. Principle 4 applies in that case.
Should you have questions about the retention period of your personal data, please contact us via the contact details below.
4. Sharing Personal Data with Third Parties
In the cases listed below, we are permitted to share your personal data with third parties. Your personal data is not sold to third parties and/or rented out and/or passed on for commercial purposes, unless you have given permission for this.
Competent authorities: we disclose personal data to law enforcement authorities and other public authorities, when required by law or strictly necessary for the prevention, detection, or prosecution of criminal offenses and fraud. Principle 4 applies.
Transfer: we may transfer your personal data to third parties in the case of a merger, takeover, reorganisation, sale of business units, or bankruptcy of our company. In that case, we will request your permission in advance, if required by the applicable law. Principle 4 applies.
External service providers: we may share your personal data with external service providers for the purposes included in this Privacy Statement.
Service providers with whom we can share your personal data include:
- all relevant parties during construction and infrastructure projects, such as project managers;
- product support; and
- IT service providers, for hosting and maintaining the App, for example.
Should the above-mentioned organisations be regarded as a processor under the European Privacy Legislation, we will enter into a processing agreement with them. Processing of your personal data will then only take place on our instructions and under our responsibility.
5. Transfer of Your Personal Data Abroad
The App is managed and operated from The Netherlands. Should personal data be provided to a third party abroad, then this will only be done to a third party in a country which, according to the European Commission, offers an adequate level of protection for personal data. Should this adequate level of protection be lacking, we will ensure that the legally required guarantees are provided, such as concluding an EU model contract.
At the time of drawing up this Privacy Policy, your personal data is not transferred abroad.
6. Use of Cookies
This application doesn’t make use of cookies. This includes both functional as well as tracking cookies.
7. Your Data Subject Rights
As a data subject, you have a number of rights, on the basis of the European Privacy Legislation. You have the right to request a copy of your personal data (Article 15 GDPR), the right to have your personal data rectified (Article 16 GDPR), the right to have your data erased (Article 17 GDPR), and the right of restriction of processing (Article 17 GDPR). Under certain circumstances you also have the right to data portability (Article 20 GDPR). Finally, you have the right to object to the use of your data (Article 21 GDPR). If you consented to the processing of your data, you can withdraw it at any time.
Your rights are described in short below:
- Right to request a copy: you can always request a summary of the personal data that we have collected and request a copy. If we did not receive your personal data directly from you, but from a third party processing your personal details, we will inform you of the source from which this information was received;
- Right to have your personal data rectified: you can always request your data to be corrected or supplemented if it has been processed incorrectly and/or incompletely in our administration;
- Right to have your data erased: you can always request to have your data erased in case you do not want us to store certain details about you. This is also called ‘the right to be forgotten’;
- Right of restriction: you can always request a temporary halt to the processing of your personal data or limit the use thereof;
- Right to transfer: you can always request your personal data and/or transfer it to a third party. This is also called the right to data portability. Your personal data will then be sent to you or the third party designated by you in a readable format; and
- Right to object: you can (under certain circumstances) object to (further) processing of your personal data.
If you created an account, a large part of your personal data can be found in your own account. You can log in there and adjust your data. To access data that are not in your account, you can contact us directly using the contact details below.
It is possible that invoking one of the rights means that you can no longer use all the functionalities of the App.
We are entitled to refuse a request in case we have a legitimate and/or compelling interest in doing so or if cooperation with that request may be refused on another legal basis.
8. Complaints
We are happy to assist you in case you have complaints about the processing of your personal data. In the event of a complaint, we ask you to contact us directly via the contact details below. Under the European Privacy Legislation, you also have the right to directly file a complaint about the way we process personal data with the Dutch Data Protection Authority.
9. Security of Your Personal Data
We try to do everything we can to protect your personal data and we use technical and organisational security measures to protect the personal data managed by us against manipulation, loss, destruction, and unauthorised access. These security measures are continuously improved in line with technological developments.
The measures we have taken include:
- all personal data entered into the App is encrypted and sent via a secure connection;
- access to personal data is limited to persons who actually need access to the personal data to perform their tasks within our company;
- access to personal data is protected;
- persons who have access to personal data are aware of the importance we attach to careful handling with and protection of personal data;
- persons who have access to personal data are bound by a confidentiality agreement;
- the App is continuously updated with the latest security updates.
To safeguard the protection of our personal data, we recommend you to immediately carry out all updates made available by us for the App, or to give permission for updates to be carried out automatically. If you are under the impression that your data are not sufficiently protected or that there are indications for a data breach, we recommend you to contact us via the contact details below.
The App may contain links to external websites operated by other companies. It is possible that they collect personal information of persons visiting their website. We cannot offer any guarantees regarding the privacy policy of external websites and are not responsible for those websites.
10. Obligation to Report Data Breaches
Even though we process your personal data with the utmost care and your personal data is stored securely, a data breach may occur. Should a data breach occur with us, we will first determine whether and to what extent there may be a high risk to your rights and freedoms. In such a case, we will report this within seventy-two (72) hours to the Dutch Data Protection Authority.
Insofar as we are obliged to do so under relevant legislation, in the event of a data breach we will also inform you about:
- The type of breach related to your personal data;
- The possible consequences of the breach;
- The measures to be taken (and already taken) by us to limit the consequences of the breach.
11. Amendments
We reserve the right to amend this Privacy Statement. However, we do not limit your rights under this Privacy Statement without your express consent. You can find the most current version of this Privacy Statement in the App at any time. We recommend that you regularly check whether an updated version is available.
12. Our Contact Details
If you have any questions or complaints about the use of your personal data or about our Privacy Statement, you can contact us via the contact details below. Alternatively, you can also contact our privacy officer directly.
Concepteurs B.V.
Leusderend 4
3832 RC Leusden
The Netherlands
Dutch Chamber of Commerce number: 57364699
Website: https://www.sitepodium.com
Email: info@sitepodium.nl
Phone Number: +31(0)85 3011 513
13. Privacy Officer
Paul Frankenhuizen
Email: paul@concepteurs.nl
Phone Number: +31 6 23 88 27 87
14. Version
This Privacy Statement was last changed on the 8th of September 2023.
1 With legitimate interests we mean, amongst other things: security, auditing, fraud detection, (crime) prevention, (market) research into and analysis and improvement of our services, internal management, legal affairs, and business management. The principle applicable to a specific type of processing is always indicated below it.
2 Your GPS location is not stored or linked to your account.