Centrum voor Verantwoord Spelen (Centre for Responsible Gambling)
Centrum voor Verantwoord Spelen is responsible for the processing of personal data as shown in this privacy statement.
Yvon Jansma is the Data Protection Officer of Centrum voor Verantwoord Spelen.
She can be reached via firstname.lastname@example.org.
1. Personal data we process
Centrum voor Verantwoord Spelen processes your personal data because you use our services and/or because you have provided this information to us yourself.
Below you will find an overview of the personal data that we process:
- First and last name;
- Telephone number;
- Email address;
- Other personal data that you actively provide, for example in correspondence and by telephone;
- Internet browser and device type.
2. Data processing under the age of 16
Our website and/or service do not intend to collect data about website visitors who are younger than 16 years of age, unless they have permission from their parents or legal guardian. However, we cannot check whether a visitor is older than 16. We therefore advise parents to be involved in their children’s online activities, in order to prevent data about children from being collected without parental consent. If you are convinced that we have collected personal information about a minor without this permission, please contact us via email@example.com, we will delete this information immediately.
3. For what purpose and on what basis we process personal data?
To protect your personal data, we only process personal data for a specific purpose, with a legal basis in accordance with the GDPR. Below we indicate exactly on what legal basis we process your data and why we have to process this data. Centrum voor Verantwoord Spelen processes your personal data for the following reasons:
Did you sent an e-mail to our e-mail address? Or have you left information via social media, WhatsApp or by phone? Then we store this data so that we can approach you further.
The bases for processing in this context: our legitimate interest (we must be able to communicate with you in order to be able to take action or follow up on questions or complaints).
2. Performing service
When we switch to performing our service, we need certain data. Without this data, it is not possible for us to perform our services properly. For example e-mail address, name and telephone number.
The bases for processing in this context: execution of the agreement (compliance with the agreement as concluded with our customer), legal obligations (performing our services in accordance with the standards set by applicable laws and regulations) and a legitimate interest (being able to properly execute the agreement with our customers).
For this processing purpose, we process your name, bank details (including name of the bank/IBAN/BIC), contact details (including telephone number) and e-mail address.
The basis for the financial administration processing purposes: execution of the agreement (in case the agreement has been concluded with the customer); legal obligations (including our administration and retention obligations, tax obligations and obligation to draw up annual accounts and annual reports); our legitimate interest (to be able to carry out our regular activities and services in a correct and effective manner; to be able to provide and improve our services, for example to protect our interests during a dispute or legal proceedings and to prevent fraud or other unlawful behavior).
4. Relationship management
It is important for us to store and process your feedback, complaints and wishes. If we still need to make further contact (for example about a follow-up of a complaint) we must be able to do so. For this purpose, we store data such as name, telephone number, e-mail address, agreements and, if possible, data in the context of a customer satisfaction survey.
The bases for processing in the context of this purpose are: execution of the agreement (if it concerns a business customer) and our legitimate interest (being able to initiate and maintain the customer relationship and to be able to perform the associated administration, correspondence and relationship management activities).
5. Giving course/training and storage of certification
Centrum voor Verantwoord Spelen provides several types of courses and training. Personal data is required to provide such courses, including the personal data of the students. This data is stored in the systems shown under Chapter 6. In addition, it is necessary to store and process this data for issuing a certificate. Personal data used for this purpose include name and date of birth.
The bases for processing in the context of this purpose are: execution of the agreement (the execution of the agreement that CvVS has with the party that purchases the course or training for its employees) and our legitimate interest (being able to provide courses and training, as well as issuing certificates).
4. Automated decision-making
Centrum voor Verantwoord Spelen does not make decisions based on automated processing on matters that can have (significant) consequences for people. Automated processing are decisions that are taken by computer programs or systems, without involving a person (for example, an employee of Centrum voor Verantwoord Spelen).
5. How long we store personal data
Centrum voor Verantwoord Spelen does not store your personal data longer than is strictly necessary to achieve the purposes for which your data is collected. Below we show the retention period of the various processing purposes for which we process your data. We use the following retention periods for the following processing purposes for personal data:
Data required to contact you will be kept for a period of two (2) years. This period starts from the moment the last contact has taken place.
In order to perform our service, it is necessary to keep data for a certain period of time. The required data will not be kept for longer then two (2) years. This period starts from the moment that the service has been fully performed or the last service has taken place.
We must keep a thorough financial administration. As a result, we are legally obliged to keep our financial records for at least seven (7) years.
It is important for us to have our relationship management in order. Therefore, the data provided by you will be kept for a period of two (2) years.
Giving course/training and issuing certificate
When we have given a course and it has been completed with the achievement of a certificate by the student, we must keep it for an indefinite period of time. This means that the students information and the accompanying certificate are kept for the period that the Agreement with the party that took the course is in force. If the Agreement no longer needs to be executed, the data with the corresponding certificate will be kept for a maximum period of two (2) years.
6. Sharing personal data with third parties
Centrum voor Verantwoord Spelen will never sell your data to third parties and will only provide personal data to third parties if this is necessary for the execution of our agreement with you or to comply with a legal obligation. We conclude a processor agreement with companies that process your data on our behalf to ensure the same level of security and confidentiality of your data. Centrum voor Verantwoord Spelen remains responsible for these processing operations.
We share your data with Coachview for course administration, the creation of courses and for the registration of students and certificates. We share certain personal data in order to be able to perform our services properly.
In addition to Coachview, we also share certain data (including e-mail address and name) with Avetica for the purpose of carrying out e-learning. By using data with Avetica, we can perform our services properly.
A processing agreement has been concluded with all parties with whom Centrum voor Verantwoord Spelen shares data. By doing so, we guarantee your rights and ensure that your data is properly processed.
If necessary, it is also possible that we share data with the Netherlands Gaming Authority if the Gaming Authority so requests. Centrum voor Verantwoord Spelen is legally obliged to share certain data with the Netherlands Gaming Authority, if requested to do so by the authority. This also applies to other government agencies that legally have a basis for viewing data that Centrum voor Verantwoord Spelen stores, Centrum voor Verantwoord Spelen will always pay attention to your rights and wishes regarding the processing of your data.
7. Cookies, or similar techniques, that we use
Centrum voor Verantwoord Spelen uses necessary, analytical and marketing cookies. A cookie is a small text file that is stored on your computer, tablet or smartphone when you first visit our website. The cookies we use are necessary for the technical operation of the website and your ease of use. They ensure that the website works properly and remember, for example, your preferred settings. It also allows us to optimize our website. For more specific information about the cookies that Centrum voor Verantwoord Spelen places on your devices, please see our cookie statement.
You can opt out of cookies by adjusting the setting of your internet browser so that it no longer stores cookies. In addition, you can also delete all information previously stored via the settings of your web browser. The precise steps to delete cookies from your web browser differs per web browser. The Self-Test on our website does not contain any cookies. By watching a video on the site, third-party cookies can be placed.
8. View, modify or delete data
Below we give you an overview of the rights you have regarding your personal data and our use thereof. Although we collect and process personal data in a minimal way, we think it is important to point out the rights that you have under the GDPR.
1. Right of access (Article 15 GDPR)
At any time you have the right to request your data, which have been recorded and stored by us. This can be done by sending an e-mail or via telephone contact. You will then receive a clear overview of your data that Centrum voor Verantwoord Spelen processes.
2. Right to rectification (Article 16 GDPR)
Is your data (which we have processed) no longer correct or has it changed? Then you have the right to have this rectified.
3. Right to data portability (Article 20 GDPR)
According to the GDPR, you have the right, if reasonable and possible, to request that we transfer data to another party.
4. Right to erasure (Article 17 GDPR)
In certain cases, you have the right to ask Centrum voor Verantwoord Spelen to destroy your data. You can do this by invoking ‘the right to be forgotten’. In the following situations, Centrum voor Verantwoord Spelen must destroy your personal data if:
- Centrum voor Verantwoord Spelen no longer needs your data for purposes for which we have collected the data.
- You have expressly given permission to Centrum voor Verantwoord Spelen to use your data, but are now withdrawing it. This can be done, for example, via the ‘unsubscribe button’ for newsletters.
- You object to data processing. You have an absolute right to object to direct marketing. Are your interests greater than the interests of Centrum voor Verantwoord Spelen, with regard to the processing of your data? Then you have a relative right to object. This means that deletion does not have to take place immediately, but only when it has been established that your interest outweighs the purpose of processing the data.
- If Centrum voor Verantwoord Spelen processes your data unlawfully, you have the option to ask for the data to be deleted. This is possible, for example, if there is no legal basis for the processing of your personal data.
- If Centrum voor Verantwoord Spelen has exceeded a statutory retention period, Centrum voor Verantwoord Spelen is obliged to delete your data.
- If you, as a data subject, are younger than 16 and Centrum voor Verantwoord Spelen has collected your data. You can ask Centrum voor Verantwoord Spelen to delete the data immediately.
There are exceptions to the right to be forgotten under the GDPR. For more information, see the next page.
5. Right to file a complaint with the Dutch Data Protection Authority
You always have the right to file a complaint with the Dutch Data Protection Authority if you have the feeling that Centrum voor Verantwoord Spelen has not handled your personal data correctly. This can be done via this link. The Dutch Data Protection Authority will then handle this complaint.
6. Right to stop data consumption, objection (Article 21 GDPR)
You have the right to object to the processing of your data at any time. Especially in the case of ‘direct marketing’.
Do you want to make use of the aforementioned rights?
In most cases, an e-mail to our data protection officer is enough to exercise your rights. Do we doubt whether you are who you claim you are? Then we can ask you to provide a copy of proof of your identity, as prescribed by the Dutch government. However, in most cases a less invasive method of identity verification will be sufficient.
Centrum voor Verantwoord Spelen would also like to point out that you have the opportunity to file a complaint with the Dutch national supervisory authority, the Dutch Data Protection Authority. This can be done via the following link: https://autoriteitpersoonsgegevens.nl/nl/contact-met-de-autoriteit-persoonsgegevens/tip-ons
9. How we protect personal data
Centrum voor Verantwoord Spelen takes the protection of your data seriously and takes appropriate measures to prevent misuse, loss, unauthorized access, unwanted disclosure and unauthorized modification. If you feel that your data is not properly secured or there are indications of abuse, please contact our customer service or via firstname.lastname@example.org
Personal data are only accessible to the authorized employees of Centrum voor Verantwoord Spelen. This personal data are protected by a password. Where possible, we use two-step verification (or reCAPTCHA).
The Devices that access your data are also locked with a password and/or fingerprint scanner and/or facial recognition. This concerns the necessary devices, such as computers, laptops and mobile phones.
Your visit to Centrum voor Verantwoord Spelen website is also secured by ”https” security. This means that your connection to the website is private. With this we ensure that your personal data remains safe during the website visit.
For the sake of completeness, more information about online security that Centrum voor Verantwoord Spelen uses:
- Sending your data via a secure internet connection. You can see this in the address bar ‘https’ and the padlock in the address bar.
- Securing all devices on which your data is processed, stored and used with.
Centrum voor Verantwoord Spelen does not store data in a physical manner.
Centrum voor Verantwoord Spelen processes your personal data, as indicated, on the basis of our legitimate interest. Your personal data will never be sold to a third party.
The data that are mandatory to provide are the minimum necessary data for the provision and execution of our services. If you do not provide us with this mandatory information, Centrum voor Verantwoord Spelen will not be able to offer the services (properly).
If it is necessary to share your data with parties other than the parties mentioned above, your permission will of course first be requested by amending our privacy statement. We always make changes known via the website of Centrum voor Verantwoord Spelen.
Centrum voor Verantwoord Spelen reserves the right to disclose data when this is required by law, or when Centrum voor Verantwoord Spelen deems this justified in order to comply with a legal request or process, also when it comes to ownership or protecting Centrum voor Verantwoord Spelen. We try to respect your right to privacy as much as possible.
Do you have any questions or comments regarding our privacy statement? Please contact us via the contact details below: