At CV we take users’ right to data privacy and protection very seriously. We have always had a comprehensive and effective data protection program in place which complies with existing law and abides by the data protection principles. However, we recognise our obligations in updating and expanding this program to meet the demands of the GDPR and the Dutch Data Protection Act.
We collect the following information you provide us with directly through our forms and third-party applications, such as Drift chat box:
- Your name;
- Your phone number;
- Your email address;
- Your company name;
- User Content (e.g., photos, comments, and other materials) that you post to the Service;
- Communications between you and CV (e.g., we may send you Service-related emails).
We collect information that your browser sends whenever you visit our Service. This log file information may include information such as your computer’s Internet Protocol address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages and other statistics.
Metadata is usually technical data that is associated with User Content. For instance, metadata can describe how, when and by whom a piece of User Content was collected and how that content is formatted. Users can add or may have metadata added to their User Content including a hashtag (e.g. to mark keywords when you post a photo), geotag (e.g. to mark your location to a photo), comments or other data. This makes your User Content more searchable by others and more interactive.
We use all of the information we have to help us provide and support our Services. Here is how:
- Remember information so you will not have to re-enter it during your visit or the next time you visit the Service;
- Provide, improve, test, and monitor the effectiveness of our Service;
- Monitor metrics such as total number of visitors, traffic, and demographic patterns;
- Organise and keep track of supplied data in a customer relationship management tool provided by HubSpot;
- Diagnose or fix technology problems;
- Develop and test new products and features.
We will not rent or sell your information to third parties outside CV.
Any information or content that you voluntarily disclose for posting to the Service, such as User Content, becomes available to the public. Once you have shared User Content or made it public, that User Content may be re-shared by others. Subject to your profile, any User Content that you make public is searchable by other Users. If you remove information that you posted to the Service, copies may remain viewable in cached and archived pages of the Service, or if other Users or third parties have copied or saved that information.
We may access, preserve and share your information in response to a legal request (like a search warrant, court order or subpoena) if we have a good-faith belief that the law requires us to do so. We may also access, preserve and share information when we have a good faith belief it is necessary to: detect, prevent and address fraud and other illegal activity; to protect ourselves, you and others, including as part of investigations; and to prevent death or imminent bodily harm. Information we receive about you may be accessed, processed and retained for an extended period of time when it is the subject of a legal request or obligation, governmental investigation, or investigations concerning possible violations of our terms or policies, or otherwise to prevent harm.
CV has taken appropriate technical and organisational measures by using the latest technologies to protect your information against loss or unlawful processing. We use safeguards to help keep the information collected through the Service secure, thanks to Webflow and AWS technologies, including:
- SSL Certificate;
- Two-factor authentication;
- DDoS protection: AWS Shield;
- Filter malicious web traffic: AWS Web Application Firewall;
- Data protection: Amazon Macie;
- Investigate security issues: Amazon Detective;
- Secure access to services and resources: AWS Identity & Access Management (IAM);
- Cloud SSO service: AWS Single Sign-On;
- Threat detection service: Amazon GuardDuty.
However, CV cannot ensure the security of any information you transmit to CV or guarantee that information on the Service may not be accessed, disclosed, altered, or destroyed. We request you to do your part to help us. You are responsible for controlling access to emails between you and CV, at all times. We are not responsible for the functionality, privacy, or security measures of any other organisation.
In accordance with the law, CV does not retain data any longer than is required for attaining the purposes for which they were collected.
If you wish to know which of your data CV has recorded or if you wish to amend or remove data that you cannot amend via your account, please contact our designated Data Protection Officer (DPO) at email@example.com
Our Service does not address anyone under the age of 13 (“Children“). We do not knowingly collect personally identifiable information from children under 13. If you are a parent or guardian and you are aware that your Children has provided us with personal information, please contact us. If we become aware that we have collected personal information from a child under age 13 without verification of parental consent, we take steps to remove that information from our servers.
In addition to the policies and procedures mentioned above that ensure individuals can enforce their data protection rights, we provide easy to access information via our website of an individual’s right to access any personal information that CV processes about them and to request information about:
- What personal data we hold about them;
- The purposes of the processing;
- The categories of personal data concerned;
- The recipients to whom the personal data has/will be disclosed;
- How long we intend to store your personal data for;
- If we did not collect the data directly from them, information about the source;
- The right to have incomplete or inaccurate data about them corrected or completed and the process for requesting this;
- The right to request erasure of personal data (where applicable) or to restrict processing in accordance with data protection laws, as well as to object to any direct marketing from us and to be informed about any automated decision-making that we use;
- The right to lodge a complaint or seek judicial remedy and who to contact in such instances.