Privacy and Cookie Statement of Topscriptie B.V.
Where “we” or “our” is mentioned, it refers to our company, the private limited company Topscriptie B.V., located in Schiedam and registered with the Chamber of Commerce under number 78762723. If you have questions regarding the protection of your (personal) data, please email us at mirjam@topscriptie.nl.
General
This statement applies solely to our services. Please be aware that we are not responsible for the privacy and/or cookie policies of any other organizations and companies mentioned on the website www.topscriptie.nl (hereinafter: the website) or third-party services we use or link to. The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, AP) is the national supervisory authority for the protection of your personal data. For more information, we kindly refer you to the AP’s website www.autoriteitpersoonsgegevens.nl.
Personal Data: What Are They?
Personal data is information about a person that can identify or trace that person. It may relate directly to that individual or lead to them when combined with other information. Importantly, data about deceased individuals and companies (with the exception of sole proprietorships, partnerships, or associations) are not considered personal data.
Use of (Personal) Data
Through the website, you can provide your (company)(personal) data. As a (potential future) customer, we also collect some of your (personal) data (for example, through the contact form on the website). It is important for you to be aware of how we handle (personal) data, what rights you have, and how you can express your wishes regarding your (personal) data. The (personal) data we receive from you will be treated confidentially so that they do not fall into the wrong hands. However, it may occasionally happen that your (personal) data is shared with others because they assist us in our business operations.
Personal Data We May Collect
Below is an overview of the (personal) data we may process from you. This information has been provided by you or can be inferred from public registers or social media. We recommend not providing privacy-sensitive information via the contact form.
Why Is Processing Personal Data Necessary?
Processing personal data without a justified purpose is not allowed. For example, we may process personal data because you provided it to us yourself. These purposes must then be justified. The GDPR outlines six grounds to determine if the purposes are justified:
|
Purpose |
Legal |
|
1. To process |
Because this |
|
2. To contact |
Because this |
|
3. To handle |
Because there |
|
4. To respond |
Because this |
|
5. To refine |
Because there |
|
6. In case of |
For |
|
7. To receive |
Because this |
|
8. Because we |
Because you |
Special and/or Sensitive Personal Data
We do not process sensitive personal data from customers, stakeholders, or website visitors other than indicated in this statement. Occasionally, we may receive health data that you provide yourself, for example, if it is relevant to the duration of your thesis project. We do not intend to collect data about website visitors under the age of 18 unless they have consent from a parent or guardian. However, we cannot always verify whether a visitor is over 18.If you believe we have collected personal data about a minor without consent, please contact us, and we will remove the information.
How Long Your Data Is Retained
We do not retain your personal data longer than strictly necessary to achieve the purposes for which the data are collected. We adhere to the following retention periods:
|
Personal |
Retention |
Reason |
|
First and |
7 years (Tax |
To comply |
|
Address |
7 years (Tax |
To comply |
|
Phone number |
As long as |
To contact |
|
Payment |
7 years (Tax |
To comply |
|
Email address |
As long as |
To inform you |
|
(Email) |
As long as |
To retrieve |
|
Age, health |
As long as |
Necessary for |
|
Response on social |
Indefinitely |
When you |
|
Social media |
Indefinitely |
To respond to |
|
Other |
As long as |
Necessary for |
Sharing Data with Third Parties/Others
Your data will not be sold to third parties, and your information will only be provided if necessary for executing the agreement with you, if you have given consent for this, or to comply with a legal obligation. With companies that process data on our behalf (processors), we will at least enter into a processing agreement to ensure a similar level of security and confidentiality for your data. We remain responsible for such processing. With third parties who are themselves responsible for processing personal data (data controllers), we do not need to enter into an agreement.
We share personal data with the following third parties:
|
Third
Party |
Category |
Purpose
of Sharing |
Data
Shared |
|
Hosting
provider |
Processor |
For backing
up the website |
Full website
backup |
|
Website
provider |
Processor |
For hosting
the website |
Encrypted
data |
|
Email
provider |
Processor |
For hosting
emails |
Encrypted
data |
|
Bank |
Data
Controller |
To generate
payments |
Bank account
number, (company) name, address details, email address |
|
Accounting
system |
Processor |
To maintain
accounting |
Bank account
number, (company) name, address details, email address |
|
Payment
provider |
Processor |
To receive
(online) payments |
Bank account
number, (company) name, address details, email address |
|
Accountant |
Processor |
To assist us
with accounting |
Bank account
number, (company) name, address details, email address |
|
IT specialist |
Processor |
To optimize
(settings of) the website |
Name, email
address, access to host, user access to website itself, login details |
|
WhatsApp |
Processor |
Our chatbot
via WhatsApp |
(Company)
name, phone number, information you provide yourself |
|
Review sites |
Data
Controller |
To post
reviews |
Name, email
address and other information you provide yourself |
Transfer to Third Countries
We strive to process personal data within the EEA as much as possible; however, sometimes we cannot avoid using services outside the EEA (such as social media use or Google/Microsoft Office). These companies are located in countries deemed adequate by the European Commission. We have entered into processing agreements with all processors both within and outside the EEA. The parties are part of the EU-US Data Privacy Framework established by the U.S. Department of Commerce. This means there is an appropriate level of protection for processing any personal data.
Social Media
When you interact with our social media channels, such as Instagram, Facebook, LinkedIn, and possibly other platforms, we may collect certain information. This can include details such as your username, profile picture, messages you send to us, and other data you share publicly. This information is collected in accordance with the privacy policies of the respective social media platforms.
Use of AI
In certain cases, we utilize artificial intelligence (AI) to enhance and make our services more efficient. The use of AI is always in compliance with applicable privacy laws, including the General Data Protection Regulation (GDPR). We ensure that personal data processed through AI systems is secured and not used beyond what is strictly necessary for the intended purpose.
Your Right to Access, Modify, or Delete Data
You have the right to access, correct, or delete your personal data. Such requests can be sent to us via email. We will respond to your request as soon as possible, but in any case, within one month. If your request is disproportionate or very specific, the timeframe may be extended by 2 months.
Your Rights to Withdraw Consent, Object, and Data Portability
You have the right to withdraw any consent you have given for data processing or to object to the processing of your personal data by us. You also have the right to data portability, meaning you can request that your personal data be sent to you or another organization you specify in a computer file format.
Security Measures
We take adequate and appropriate measures to prevent misuse, loss, unauthorized access, unwanted disclosure, and unlawful alteration of your data. Here’s a summary of our security measures:
Concerns About Security or Misuse of Your Data?
If you believe that your data is not adequately secured or if there are indications of misuse, or if you wish for more information regarding the security of personal data, please contact us via email.
Your Right to File a Complaint
Finally, we want to inform you that you have the option to file a complaint with the national supervisory authority if you believe we do not comply with privacy regulations as stated in the GDPR. The national supervisory authority is the Dutch Data Protection Authority (Autoriteit Persoonsgegevens). You can file a complaint here.
Cookies
The website uses various cookies. By having this cookie statement, we not only comply with obligations under the Telecommunications Act & Cookie Act (upcoming e-Privacy Regulation), but you also know exactly how to manage these cookies.
What Is a Cookie?
A cookie is a small text file that is stored on your computer, tablet, smartphone, smartwatch, etc., during your first visit to the website. Cookies primarily ensure that the website functions properly. For example, cookies remember your settings and help optimize the website.
Functional and Analytical Cookies
The website uses functional cookies and analytical cookies that do not infringe on your privacy. Consent from you is not required for placing functional cookies. Analytical cookies provide us insight into how the website is used; no consent from you is required for placing analytical cookies. The website does not use any other cookies.
Permanent Cookie
A permanent cookie allows the website to recognize you on a subsequent visit. This is a functional cookie that enables the website to be tailored specifically to your preferences. If you have consented to cookie placement, this can also be remembered by a cookie. This way, you do not need to repeat your preferences each time, saving time and enhancing your experience on the website. Permanent cookies can be removed via your browser settings.
Session Cookie
A session cookie allows us to see which parts of the website you have viewed during your visit. This is also a functional cookie that enables customization based on your preferences. We can thus adapt our service as much as possible according to visitors’ browsing behavior. These cookies are automatically deleted once you close your web browser.
Site Improvement Cookie
A site improvement cookie allows us to test different pages of the website. This functional cookie helps us determine which page receives the most visits. We can adjust our service according to visitors’ browsing behavior.
Analytical Cookies: Google Analytics
The website places a cookie from Google Inc., as part of its “Analytics” service. This is used to track and report on how visitors use the website. We have configured Google Analytics so that statistics are anonymous and cannot be traced back to any individual. Google may provide this information to third parties if legally obligated or if third parties process information on behalf of Google. We have no influence over this and have not permitted Google to use information obtained via our website for other services. The retention period is 14 months. More information can be found here along with opt-out options here.
The information collected by Google is anonymized as much as possible. The data collected by Google is transferred to and stored on servers in the United States (outside the EEA). Google is part of the EU-US Data Privacy Framework established by the U.S. Department of Commerce. This means there is an appropriate level of protection for the processing of any personal data.
Google reCAPTCHA V3
Additionally, the website uses Google reCAPTCHA V3 to prevent spam submissions. First, reCAPTCHA V3 checks if a Google cookie has previously been placed on your device. Then, a cookie is added to your browser, and a complete snapshot of the browser window is taken, capturing every pixel. For analysis, Google collects browser and user information, which includes:
The information collected by Google is transferred to and stored on servers in the United States (outside the EEA). Google is part of the EU-US Data Privacy Framework established by the U.S. Department of Commerce. This means there is an appropriate level of protection for the processing of any personal data. We have not permitted Google to use information obtained through our website for other (Google) services. The retention period for this data is 26 months, and we have no influence over this. More information can be found in Google’s privacy policy.
Refusing, Blocking, and Deleting Cookies
You can refuse cookies, block cookies, and unsubscribe from cookies. You do this by configuring your internet browser not to store cookies anymore. You can always easily block and delete cookies via your internet browser. You can also set your internet browser to notify you when a cookie is placed. You can indicate that certain cookies should not be placed. For these options, refer to your browser’s help function, as how you adjust settings varies by browser. Consult your browser’s help function if necessary. Please note: if you delete cookies in your browser, it may affect your pleasant use of the website. Be aware that if you do not want cookies, we cannot guarantee that the website will function properly. Some features of the site may be lost, or you may even be unable to visit the website at all.
Unexpected Cookies
In some cases, it may happen that cookies are placed by others through our websites, of which we are not always aware. If you encounter unexpected cookies that you cannot find in this statement, please let us know via email. You can also directly contact the third party and ask which cookies they placed, what their purpose is, what the lifespan of the cookie is, and how they safeguard your privacy.
Changes
The texts on the website can be adjusted at any time due to ongoing developments. This also applies to our privacy-cookie statement. This version is from November 25, 2024, and if there are changes, we will always post the latest version on the website.
