This privacy statement had been prepared for Q&A (see article 2 for definitions), established in Amersfoort at the address: Printerweg 22.
Unless otherwise expressly provided below, the terms used in this statement, will be used in the sense that General Data Protection Regulation (here in after: ‘GDPR’) gives.
Q&A: Q&A Consultancy BV (kvk 65015061), Q&A Insights BV (58913009), Q&A Insights Europe BV (65019776) en Q&A Insights Belgium BV (70621160).
Personal Data: all information regarding an identified or identifiable natural person (data subject).
Processing of Personal Data: any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
This Regulation shall apply to all processing of personal data within Q & A, other than the personal information that individuals/consumers have given in the capacity of individual/consumer.
Q&A will take care of complying with applicable laws and regulations concerning privacy among which the General Data Protection Regulation (GDPR).
Our processing of the personal data shall be lawful because of:
The personal data will only be processed by employees of Q&A insofar as this is necessary for the performance of their duties.
In the case of organising events or retail tours/study trips, it is possible Q&A uses other organisations/subcontractors for the purpose of (among other things) making batches for the people present at the event or for booking overnight stays or flight tickets. In that situation Q&A will hand over the personal data necessary for making the batches or booking the overnight stays etcetera to these organisations. Q&A will inform you which subcontractors she will use, what personal data will be shared with them and for what purpose they will be shared.
The personal data will only be processed, as far as they are, given the purposes described in article five, sufficient, relevant and not excessive.
Q&A will keep confidentiality about the personal data from which she takes note, unless insofar as any legal regulation obliges her to communicate or if the task of the responsible employee results in the communication of the data.
Q&A stores personal data among other things in personal Outlook/exchange boxes, in a CRM system, developed by Q&A and in Excel databases per event. Each employee has access to his/her personal Outlook/exchange system, to the CRM software program and to the Excel databases. The personal assistants also have access to the personal Outlook/exchange boxes of the Managing Director.
Each user of personal data has a confidentiality obligation with regard to the data he or she has authorized access to.
Q&A will take technical and organizational security measures to prevend unauthorized access or unauthorized use of personal data.
Q&A confirms to the obligation to report data leaks.
Q&A won’t provide your personal data to third parties, unless you have given her the necessary permission or unless Q&A is obligated to provide personal data by law or a court decision or or if such provision is at the service of the purposes of processing the personal data.
In the case Q&A organizes events with sponsors, Q&A will provide her sponsors only a list with the company names of attending persons. Your personal email address and/or your personal name will not be provided to sponsors or other third parties without your permission.
Q&A won’t store the personal data longer than it’s necessary to service the purpose of processing the data, unless there’s a longer legal storage period.
Q&A reserves the right to amend this Privacy Statement. It is advisable to consult this Privacy Statement on our website on a regular basis to stay up to date on these amendments.
You can execute the rights granted to you under GDPR concerning your personal data (among which: the rights on information and access, rectification, erasure, restriction, dataportability and the right to object) by contacting Sandra Jonker (secretariaat
We then ask you to prove your identity, on the basis of a valid identification. That way we can check if we provide the personal data to the right person.
Excessive requests in relation to the provision of information may be rejected by us. Excessive requests occur when, for example, you approach us on an above average and unnecessary number of times with information requests.
Any complaints about this statement you can indicate to your own contactperson or to: secretariaat
You also have the right to file a complaint to the Supervisory Authority. The ‘Autoriteit Persoonsgegevens’ supervises compliance with the legal rules for the protection of personal data. You can contact the Authority:
2594 AV Den Haag, the Netherlands