The processing of personal data by the Controller falls under the statutory exemption regulations. For this reason, the processing is not reported to the Dutch Data Protection Authority.
Types, purposes, legal bases and period of processing of personal data
First of all, personal data are processed if you enter into a contract with us. The personal data are used in order to be able to provide the service. When creating an account, you are asked to fill in certain mandatory data. If you are a tenant, you are asked to fill in your name and address details, telephone number, current profession/activities and submit proof of registration/your employment contract and a copy of your passport. If you are a landlord, you are asked to fill in your name and address details, place of birth and bank details. You will also be asked to fill in your e-mail address. We need your e-mail address in order to send you relevant information. The personal data are stored for as long as you remain a customer. The legal basis for processing these data is found in the permission you gave and the processing of these data is necessary for the functioning of the service.
If you do not want to provide any personal data to the Controller, the Controller will be unable to provide the services to you. As a result, the Controller may be unable to meet the contractual, statutory and necessary obligations. In such a case, you will be responsible for any adverse consequences of failing to provide the personal data.
Reference to other websites
Transfer to processors and third parties
Personal data are processed by companies engaged by the Controller for the performance of the contract. The law refers to these companies as 'processors'. Examples of processors are the company that provides the hosting of our website or a parcel service engaged by us. The processors act under the Controller's responsibility.
Moreover, personal data will be shared with third parties if the Controller is required by law to forward personal data to competent authorities.
The Controller has taken appropriate technical and organisational measures to protect your personal data against loss or unlawful processing. This website has an SSL certificate, which allows for sending the data over a secure connection. The Controller also uses CSRF tokens and OAuth (Open Authorisation) and passwords are securely stored.
The Controller has also taken security measures with respect to third parties. For instance, the Controller has entered into a processing agreement with third parties that process your personal data. The processing agreement sets out the purpose of the processing and the agreements made on the level of the technical and organisational measures.
Your privacy rights
Data that are no longer necessary will be deleted. You have a right of inspection, rectification, deletion or restriction of the processing of your personal data in accordance with the provisions of the General Data Protection Regulation. To prevent any misuse and/or fraud, we will always ask you to identify yourself. If you create an account on our website, you can view and change the data you provided yourself.
If you want to file a complaint about the Controller with respect to the processing of your personal data, you can inform us of this by sending an e-mail to firstname.lastname@example.org You may also file your complaint with the Dutch Data Protection Authority. More information about how to do so can be found via this link.