Turning Breakthrough Science into Business

Privacy policy

Privacy statement Delft Enterprises B.V.

Delft Enterprises B.V. processes personal data. This privacy statement provides you with information about the purposes for which Delft Enterprises processes personal data and about exercising your privacy rights. We also provide further information that may be of importance to you.

The privacy statement applies to all Delft Enterprises activities. We have included the most relevant information on each topic.

Delft Enterprises takes the utmost care with personal data and in doing so acts within the law, including the General Data Protection Regulation (GDPR).

Data controller and responsibility

Under the GDPR, Delft Enterprises is the data controller. Delft Enterprises considers it to be of essential importance that the personal data of its employees and its (business) relations is processed and secured with the utmost possible care. Delft Enterprises aims to be open about the way in which it processes your data. That is why this is explained below. In all cases, Delft Enterprises aims to meet the requirements and obligations of the GDPR.

For which purposes does Delft Enterprises process your personal data?

The personal data collected by Delft Enterprises is used for internal and external operational purposes and human resource management.

The most important processes for which Delft Enterprises uses personal data are:

  1. external operational purposes: entering into and executing agreements with third parties, including related corporate and notary actions and registrations with the Dutch chamber of commerce, maintaining and expanding (business) relations;
  2. internal operational purposes: internal organization, including with regard to its internal corporate bodies (board of directors, general meeting of shareholders, supervisory board), including all related corporate and notary actions and registrations with the Dutch chamber of commerce, internal and external communication, website;
  3. human resource management: entering into and executing agreements with employees, HR management, data concerning performances, recruitment and selection of new employees and applicants.

Delft Enterprises records all processes in which personal data is processed in a register of processing activities.

Whose personal data does Delft Enterprises collect?

In the processes listed above, Delft Enterprises collects data from the following categories of parties:

  1. members of its board of directors, general meeting of shareholders, supervisory board;
  2. employees (including self-employed persons), job applicants;
  3. third parties: TU Delft employees, students, entrepreneurs, investors, other (business) relations.

What personal data does Delft Enterprises collect?

Different personal data is collected in each process, the most frequent being the following:  

  • name;
  • address;
  • telephone number;
  • email address;
  • date of birth;
  • place of birth;
  • signature;
  • bank account number (IBAN).

Delft Enterprises collects personal and other data directly from the individual involved, but it can also receive personal data via third parties insofar as this is in accordance with the law.

How does Delft Enterprises ensure that personal data is handled confidentially?

Delft Enterprises handles personal data confidentially. Delft Enterprises takes appropriate technical and organisational measures to ensure that personal data is protected. Delft Enterprises will only share personal data in accordance with its privacy statement and only with third parties if this is authorised and is done with care.

Providing and withdrawing permission

Delft Enterprises offers some activities that require your explicit permission. This may, for example, contact details of our business relations. Your data will be used only if you have given explicit permission for this. In this regard, you will always be notified of the purposes for which your data will be used, which data is involved and to whom it will be provided. If you give Delft Enterprises permission to use personal data, you are also entitled to withdraw this permission at a later stage. Withdrawal cannot apply retrospectively.

Sharing of data with third parties

Third parties may provide certain services, on behalf of Delft Enterprises, in executing an agreement. Delft Enterprises makes agreements with these data processors in order to guarantee confidential and careful handling of personal data. These agreements are laid down contractually in data processor agreements.

Passing on your data outside the EU

Delft Enterprises does not provides personal data to countries outside the EU.

How long is data retained?

Delft Enterprises retains your personal data in accordance with the GDPR. The data is retained in accordance with the statutory retention period and for no longer than is strictly necessary in order to achieve the purposes for which the data was collected.

How can you consult, correct or delete your data?

You can submit a request to Delft Enterprises to consult or correct your data, clearly indicating that you are making the request on the grounds of the GDPR. You can also ask to have your data deleted, insofar as Delft Enterprises is still able to meet its statutory obligations, such as the statutory retention periods.

Technical security

Delft Enterprises applies appropriate security technology in order to provide optimum protection for your personal data against unauthorised access or use. Delft Enterprises takes technical and organisational measures in order to secure personal data against unauthorised access.

Questions

If, after reading this information, you have specific questions or comments about Delft Enterprises’ privacy statement, please do not hesitate to contact us. You can e-mail privacy-holding@tudelft.nl to do this.