Privacy and data processing

DDGC respects your privacy and all your data will be treated confidentially. The manner in which we do this is laid down in our Data Processing Agreement which includes our Privacy Statement, Information Security Policy and a Data breach Procedure. All documents can be downloaded from this page in PDF format.

Download our Verwerkersovereenkomst

Download our Data Processing Agreement via the button below, including:

  1. Privacy Statement
  2. Information Security Policy
  3. Data Breach Procedure
Data Processing Agreement (PDF)

Education Privacy Covenant

DDGC is also a partner in the Education Privacy Covenant (Privacy Convenant Onderwijs). The model agreement is used by default for all educational institutions that wish to enter into a processing agreement with DDGC. Download the Word version of this agreement below, including the appendices:

  1. Privacy statement
  2. Information Security Policy
  3. Data Breach Procedure

Educational institutions can download the version below, complete it with their own data and then return it to our Support department.

Data Processing Agreement 'Privacy Convenant Onderwijs' version 3.0 (.docx)

Privacy Statement

The processing of personal data always takes place in a manner that is in accordance with the requirements of the European General Data Protection Regulation (Regulation EU 2016/679, hereinafter GDPR) and any other laws and regulations. This Privacy Statement explains in more detail how DDGC handles such data.

This privacy statement is divided into a general part, a part for customers with regard to the DDGC software, a part for the use of the DDGC website and a part for the DDGC digital newsletter and CRM software. This Privacy Statement applies as of July 16, 2016 and replaces earlier statements of DDGC.

General

For the delivery of our product and related services to customers, we process personal data. These are processed in our own software and that of selected partners. We never sell or provide your data to third parties. We will only share your data:

  • To provide services or products at your request.
  • In the event of (legal) investigation into illegal activities, suspected fraud, possible threat to the physical safety and welfare of other persons, violation of the General Terms and Conditions, or if DDGC is requested to do so by a court of law. <In the event of an acquisition by or merger with another company. In this case, you will be informed of this in good time before it comes up.

Contact info

DDGC B.V.
Nicolaes Maesstraat 2 - unit 216
1506 LB Zaandam
Chamber of Commerce number: 57628955
Telephone: +31 (0)75 - 670 2715
E-mail: support@ddgc.com

DDGC software

This section describes the data processing within the DDGC software (accessible via https://app.ddgc.nl).

Processing personal data

DDGC processes (personal) data of you as a customer. As a customer of DDGC, you receive a right to use the software. In order to comply with this user agreement and to be able to perform certain administrative actions (financial administration and invoicing), as well as to keep you informed of the latest developments regarding DDGC, DDGC requires a number of details from you. In this context DDGC processes the following data:

  • Title;
  • First name;
  • Middle name;
  • Surname;
  • E-mail address.

During the use of the software DDGC also collects certain data. This data is required for DDGC's services. This data can be used by DDGC if, for example, there are complaints about the software. Depending on the activity within the software, DDGC processes the following data in this context:

  • IP address;
  • Login name or customer ID;
  • Time of operations in the software.

DDGC's role

DDGC processes data of its customers and is responsible for such data processing within the definition of the GDPR. The customers of DDGC will in turn process personal data for their users with the software. In this relationship, DDGC is the Processor of the personal data within the definition of the GDPR. This means that DDGC processes personal data on the instructions of its clients. The customers of DDGC must therefore be regarded as the Processor of these data processing operations within the meaning of the GDPR. Customers have their own privacy policy for which DDGC is not responsible.

Right to inspection, correction or removal

As described above, DDGC is not the Data Processing Responsible Party within the meaning of the GDPR with respect to the users of the software. For this reason, requests for inspection, correction or deletion cannot be handled independently by DDGC. Requests for inspection, correction or deletion must be submitted to the DDGC customer who makes use of DDGC's services and software.

DDGC's commercial website

This section describes the data processing within the DDGC website (accessible via https://DDGC.nl).

Google Analytics

DDGC's commercial website uses Google Analytics to measure how often and how the website is visited. In order to perform this measurement, Google will store certain information, such as your IP address, on its servers in the United States. Google's privacy statement can be consulted at http://www.google.com/intl/nl/policies/privacy/. In this context, DDGC has not permitted Google to use the information obtained for purposes other than the provision of services to DDGC.

Facebook and Twitter

The content of some pages within the DDGC website can be shared via Twitter and Facebook. When sharing, Facebook and Twitter store cookies on your computer. In this case, Facebook and Twitter may also process personal data about you. In order to find out what Facebook and Twitter can do with these data, the respective privacy statements of Twitter and Facebook can be consulted. DDGC has no influence on this and bears no responsibility for this.

Cookies

Both the website and the software make use of technical and functional cookies. A cookie is a small text file that is placed by the browser on your computer, smartphone or tablet. DDGC uses cookies to remember your settings and preferences and thus increase your ease of use.

DDGC also makes use of Google's advertising service (Google Adwords). Google Adwords can place a cookie on your computer. DDGC will ask you for permission to do this at the time that you visit the DDGC website. You can set your browser not to store cookies on your computer. Read moreabout this process on http://www.consumentenbond.nl/internet-privacy/extra/cookies-verwijderen/ . You can also delete previously stored cookies via your browser's privacy settings.

DDGC's newsletter

DDGC regularly sends a newsletter by e-mail to clients and prospects, informing them of news about DDGC and related matters. DDGC will only add you to the newsletter file if you have given your explicit consent or if you become a client of DDGC. This concerns the following data:

  • First name;
  • Surname;
  • E-mail address.

Every newsletter contains a link to unsubscribe. For more information about the privacy policy of this software, please visit https://www.campaignmonitor.com/policies/.

DDGC's Customer Relationship Management software

To support our sales and support work processes, DDGC uses relationship management software to store correspondence with customers and prospects. In this way, our account managers and support staff can serve you better. This involves the following data:

  • First name;
  • Surname;
  • E-mail address;
  • Telephone number;
  • Organisation;
  • Any correspondence or communication.

For more information about the privacy policy of this software, please visit https://highrisehq.com/privacy/.

Data Protection Officer

Organisations are required to appoint an internal supervisor for the processing of personal data. Such a person is called a Data Protection Officer (DPO). Within the organisation, the DPO supervises the operation of the company and its compliance with the General Data Protection Regulation.

Marten Wilmink
Marten

Product Manager

Responsibilities of our DPO

Our Data Protection Officer is Marten Wilmink, MSc. He studied Applied Communication Science at the University of Twente and is involved in the following:

  • Supervision;
  • Make regular inventories of data processing practices;
  • Tracking data processing notifications;
  • Handling questions and complaints from people inside and outside our organization;
  • Developing internal guidelines;
  • Advising on technology and security (privacy by design);
  • Provide input when drawing up or modifying a code of conduct.