Node1 ensures that the personal information that we process is treated confidentially. Personal data is processed in a manner that is consistent with the requirements of the General Data Protection Regulation (GDPR). You can find the previous version of the privacy statement here.
The services of Node1 consist of giving advice to improve business processes. We do this in tailor-made projects. It is not our goal to collect personal data. Prior to and during a project we communicate with you by phone/mail and at the end of a project we invoice you.
Name, phone number, e-mail address.
For this processing, we rely on the legal basis Necessary for the performance or conclusion of a contract (Art. 6.1b GDPR). Without this personal data, we cannot provide you with any services.
The data will be deleted at the latest seven years after the last contact.
It may happen that we unintentionally receive personal data during an assignment. In that case, we will ensure that your personal data is processed in a proper and careful manner in accordance with the GDPR.
In our RPA engagements with UiPath, Node1 is neither a Controller nor a Processor. Consultants of Node1 work under the direct instruction and authority of the customer, which means that section 78 of the "EDPB Guidelines 07/2020 on the concept of controller and processor in the GDPR (version 2.0)" applies. Thus, in this situation, Node1 does not process personal data as a separate entity on behalf of a customer.
Personal data of employees of Node1 are processed:
a) for salary administration;
b) in case of sickness absence (occupational health and safety);
c) in order to do customer projects for Node1.
a) Name, e-mail address, telephone number, address, BSN, copy of passport, account number;
b) Name, e-mail address, telephone number, address, BSN, information received from company doctor;
c) Name, business e-mail address, business telephone number, photograph (website).
a) Necessary for compliance with legal obligation (Art. 6.1c GDPR);
b) Necessary for compliance with legal obligation (Art. 6.1c GDPR);
c) Necessary for the performance or conclusion of a contract (Art. 6.1b GDPR).
Node1 cannot offer employment if personal data are not provided.
Personal data will be retained for a maximum of seven years after end of employment.
Personal data is processed during the application process in order to maintain contact with applicants and assess their suitability as employees of Node1.
Name, e-mail address, telephone number, CV.
Necessary for the performance or conclusion of a contract (Art. 6.1b GDPR). Node1 cannot offer employment if personal data are not provided for this purpose.
Personal data will be retained for a maximum of 3 months after the end of the application process. With your consent, we can keep them for one year.
Node1 offers a newsletter that anyone can subscribe to. We send the newsletter through Mailchimp.
E-mail address, name.
Consent of the person concerned for a specific purpose (Art. 6.1a GDPR). The consent can be easily withdrawn by clicking on the "Unsubscribe" link at the bottom of the newsletter.
As soon as you unsubscribe, your data will be deleted.
On our website node1.com, we use cookies to ensure that the website functions optimally. We use Google Analytics for this purpose. Your IP address is immediately anonymised by Google. We do not have access to it and therefore do not process it.
Browser metadata and anonymised IP address.
For this processing, we rely on the legal basis of legitimate interest (Art. 6.1f GDPR). The legitimate interest is the continuous improvement of our website.
48 months.
We pay for the use of Microsoft 365 as central cloud storage for documents and the sending and receiving of e-mails. Microsoft is based in the EU.
For non-EU processors, we have taken extra measures, such as concluding Standard Contractual Clauses. An example of this is Mailchimp, our processor for newsletters. We have concluded a processing agreement with all parties that process personal data on our behalf.
As a data subject, you have the following rights:
Right to information: You have the right to know why your personal data is needed, what happens to it and how long it is stored. We facilitate this by means of this privacy statement.
Right of access: You have the right to access the personal data Node1 holds on you.
Right to rectification: You have the right to complete and have corrected your personal data.
Right to erasure: You may also request us to delete the personal data we process about you. We will comply with this request, unless we are legally obliged to keep the data for a longer period.
Right to object: You have the right to object to the processing of your data by Node1.
Right to restriction: You have the right to restrict our processing of your personal data.
Right to data portability: You have the right to have your personal data transferred to another controller. This means that you will be provided with your data in a form in which you can easily pass it on to another person if you wish to do so organization. In practice, however, we have little or no personal data and there is little or nothing to transfer.
Should you wish to exercise one or more of the above rights, please send a written request to info@node1.com. We will process your request within three weeks. We may ask you to identify yourself, but will not ask for more personal data than we already process from you. Node1 would also like to point out that you have the option of submitting a complaint to the national supervisory authority, the Dutch Data Protection Authority (https://www.autoriteitpersoonsgegevens.nl).
Node1 has taken appropriate technical and organisational measures to protect personal and other confidential data. These include setting up an information security team, use of encryption for website traffic, back-ups, access security and screening of employees. The information security is set up following the structure of ISO 27001 and externally tested by ICT Institute against the Security Verified standard (http://securityverified.nl).
We reserve the right to make changes to this statement. It is recommended that you consult this statement regularly so that you are aware of these changes.
