During the performance of the services provided by Joore NV, Joore Holding BV, Holding Combinatie Samenwerkende Accountants BV, SMA Joore BV, SMA Accountants NV and Joore Incontrol BV (referred to below as: Joore) various information is processed. This information also includes data relating to identified or identifiable natural persons (personal data).
Joore considers it highly important that personal data of its clients, suppliers and other business connections is handled with great care. That is why personal data is processed and secured with utmost care, and as part of this we obviously act in accordance with legislation and regulations in the field of the protection of personal data, including the General Data Protection Regulation (GDPR), so that the protection of the privacy of those concerned is appropriately ensured. The operating activities of Joore are conducted in The Netherlands and [their data] is stored on servers in the European Economic Area (EEA)
In this Privacy Statement you will find a summary of when and the way in which we handle your personal data. Use of our services is subject to a separate privacy statement, which you will receive from us if you wish to use our services. It is also available to you at our website.
It is advisable to check our Privacy Statement periodically because the provisions of this Privacy Statement are subject to modification.
Tilburg, 25 September 2018
|Data subject||The natural person to whom the personal data relates.|
|Client||A natural person or legal entity with whom Joore has concluded an agreement as a contractor.|
|Supplier||A natural person or legal entity with whom Joore has concluded an agreement as a principal.|
|Business Connection||A natural person or legal entity with whom Joore maintains relations, including a (potential) Client or Supplier.|
|Processor||A natural person or organization which processes personal data on behalf of the Controller.|
|Processing||Any (set of) operations which is performed on personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, erasure or destruction of data.|
|Controller||The party which, alone or jointly with others, determines the purposes and means of the processing of personal data.|
This Policy describes how Joore processes personal data which have been obtained from its business connections.
This Policy applies in particular to situations in which Joore qualifies as a controller and the Policy is not exhaustive. In case additional policies apply separate information will be made available to data subjects.
Joore collects only the personal data that is necessary to comply with your request. In case additional, voluntary data is collected you will be notified of that.
Privacy legislation, including the General Data Protection Regulation (“GDPR”) allows processing of personal data in case it relies on one of the legal bases contained in the GDPR. In case we process personal data this processing will take place on one of the following bases:
- personal data may be processed if processing is necessary for the performance of an agreement with a data subject.
- Processing of personal data is necessary to comply with statutory obligations such as record-keeping for tax purposes or providing information to a public institution or enforcing authority.
You have given your specific and explicit permission for the processing of your personal data for a specific purpose. For instance for sending you content by email for the purpose of marketing, including invitations to events that are organized by Joore. We shall process your personal data only for the purpose for which we have obtained your permission. In that case you can withdraw your permission at any point in time through email@example.com. Joore collects data of its business connections only if they opt to make this data available to us or in case this is necessary or admissible on the basis of legislation and regulations. You may have offered personal data to us at an earlier point in time for specific services which are offered by Joore. We collect personal data only in case you provide said data to Joore voluntarily for the purpose of sending you information and/or offering services to you. Joore does not use any cookies, web beacons and other additional technology to automatically collect types of information. Should you have any questions on this, please contact firstname.lastname@example.org.
3. Processing of personal data of business connections
Joore offers various services, which can be categorized in the following sub-fields:
- Audit and review engagements and other assurance engagements;
- Compilation engagements and other non-assurance engagements;
- Transaction-related consulting services;
- Wage administration;
- Tax return practice; and
- Tax and other consulting services.
In addition to that we obtain personal data in case you apply for a job with us.
Due to the nature of our services Joore will obtain various personal data from. Ensuring the privacy and confidentiality of the information that is entrusted to us is highly important to us. That is why we make every effort to guarantee the protection and appropriate use of your personal data.
4. The way in which Joore collects, uses, discloses and protects personal data
Because we like to provide high quality service and are obliged to comply with legal (quality) requirements we will request from our business connections such data that are relevant for that purpose. This personal data is not used for purposes other than those for which this data was initially provided to us, unless we have obtained specific permission to do so or if it is necessary for Joore to comply with mandatory obligations, professional standards or quality requirements, for the optimization of the quality of our services or in order to inform you of our other services.
We may also use the data concerned for several engagements, however, only in case we have obtained your express permission to do so. As indicated above we offer various services, for the purpose of which we collect various personal data. This data may differ for every engagement. Below you will find a schedule of the data we collect for each category of data subjects.
Processing takes place for the purpose of entering into and/or maintaining relations and/or any procedures for the purpose of concluding an agreement with a potential client.
Personal data of potential clients are processed for the purpose of entering into or performing an agreement to which the potential client concerned is (or may be) a party, but only on the basis of permission obtained from the potential client concerned.
Joore may process personal data of potential clients for the purpose of entering into and maintaining relations with potential clients. This also includes e.g. inviting potential clients to events.
In addition to that Joore may process personal data for the purpose of compliance with a mandatory obligation.
Processing takes place for the purpose of:
Personal data of clients are processed for the purpose of performing an agreement or the promotion of legitimate mutual interests.
Personal data of clients may also be processed for the purpose of compliance with a mandatory obligation.
Processing takes place for the purpose of:
Personal data of suppliers are processed for the purpose of performance of an agreement to which the supplier concerned is a party or for the promotion of legitimate mutual interests.
Personal data of suppliers may also be processed for the purpose of compliance with a mandatory obligation.
In addition to that we obtain personal data in case you apply for a job with us. If you send us a résumé for an online application we will use the information provided by you in order to check whether a suitable vacancy for you is available with Joore. If you request information about Joore from us by email, we will use your email address and other information you provide to us in order to be able to respond to your request.
5. Disclosing and transferring personal data
We do not disclose any personal data with any third parties except when this is necessary to be able to comply with your request, for our legitimate and professional purposes or if it is required or permitted by law, professional standards or quality rules. For instance, Joore may in some cases share your personal data with external enterprises or service providers who are working on behalf of Joore in order to comply with your request.
Joore may transfer personal data to other member firms or external enterprises abroad, which cooperate with us or work on behalf of Joore.
Transfer of personal data abroad by Joore will take place in accordance with European (and Dutch) privacy legislation.
Joore may process personal data in connection with the transfer of services, as part of which the personal data is processed. Joore is also obliged to disclose personal data in case this is required by law, a court order or a government decision. In addition to that personal data may also be necessary for privacy or security audits or in order to perform an investigation concerning a complaint or a threat to security. Joore does not sell any personal data to third parties.
Neither will Joore transfer any personal data obtained from you, to third parties for the own direct marketing purposes of third parties.
If you have made any personal data available to Joore you will in most cases have the right to inspect this personal data and to rectify any inaccuracies.
You also have the right to object to processing of your personal data by Joore if we are not or no longer authorized to use this data. In addition to that you have the right to erasure of the personal data relating to you, in case it is your opinion that we store this data too long. In certain circumstances you also have the right to restrict processing of your personal data by Joore or to have Joore transfer your data in a computer/machine-readable format (data portability).
You can also submit a request to exercise the rights described in this policy by contacting email@example.com
Joore shall make every reasonable effort to comply with the request, as long as it complies with applicable law and professional standards. Depending on the complexity and number of requests we may extend this term by no more than two months. However, Joore may not be obliged to comply with your request in certain cases, for instance in case we have a legal reason to process your data.
7. Security and retention period of data
Joore has security processes and procedures in place in order to protect personal data and in that way guarantee confidentiality, integrity and availability. We shall restrict access to personal data to those who are involved in providing services to you on behalf of Joore and those who are otherwise authorized within the framework of privacy legislation. The individuals who have access to that personal data are obliged to maintain the confidentiality of such data.
We also guarantee that your personal data is retained only for as long as is necessary to provide services to you, as is legally permitted or until we are requested to erase the personal data.
A legal retention period is e.g. the legal duty to keep tax records which includes a retention period of seven years, as part of which Joore is obliged to retain (personal) data that is relevant for tax purposes. The regulations that apply to accountants also prescribe a retention period of seven years (or more) for certain documents.
Other Personal data will not be retained for more than three months after the purposes, for which this personal data has been collected have been achieved, unless agreed otherwise by Joore and the data subject.
8. Links to other websites
If you have any request concerning the processing of your Personal Data or if you wish to submit an objection to that, please send your remarks or objection by email to firstname.lastname@example.org.
10. Modification of this policy
The latest version of this Policy is always available to you through the website. This Policy was last modified on: 25 September 2018.