Briddge Legal and Finance
This Privacy Statement is issued by Briddge B.V. (Kabelweg 37, 1014 BA Amsterdam, the Netherlands) (hereinafter: “Briddge”). Briddge respects your privacy and is committed to processing your personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR) and other applicable privacy laws. Even if not specifically mentioned, all parts of this statement shall be governed by the GDPR and any other applicable privacy laws.
This Privacy Statement explains how we may use, process and store your personal data. This Privacy Statement applies to all personal data that you provide to Briddge, including any data you may provide through our website, when you (or your company) becomes a (prospective) client, when you apply for a job vacancy or subscribe for our knowledge base.
On what legal grounds does Briddge process personal data?
The majority of the personal data processed by Briddge is necessary for the performance of a contract or agreement with its clients, based on the legitimate interest of data subjects or to comply with the request of the client prior to entering into a contract. Briddge also processes personal data in order to comply with legal and regulatory obligations.
We may furthermore process personal data for legitimate business interests pursued by Briddge. Such legitimate interests include general research and development (including statistical research or as a basis to analyse our current security measures), to develop and improve our services or to strengthen our relationship with our clients. We may provide you with communications or information regarding our service offering, which we think, will be of interest to you. When we process your personal data for our legitimate business interests, we will consider and balance any potential impact on you and your rights under the relevant data protection laws and any other relevant law. Whenever we process personal data for a legitimate business purpose, you have the right to object to this way of processing. See the section on your rights below.
What types of personal data does Briddge process?
Personal data is any information relating to an identified or identifiable natural person. Briddge processes the following types of personal data:
|Types of personal data||
Visitors to our website
|Clients and employees of clients||Job applicants
|Name, address, email address, telephone number and other contact information||YES||YES||YES|
|Date and place of birth||NO||YES||YES|
|Employment details (including salary)||NO||YES||YES|
|Copies of identity documents (passport, national ID card, driver’s license, employee identification numbers, tax residence) and social security / tax numbers||NO||YES||YES|
Please note that the above list is not exhaustive and that Briddge may also collect and process personal data to the extent that this is necessary for the provision of our services. Furthermore, we may receive personal data from third parties as part of the service we provide to you, or in connection with legal requirements that are applicable to us.
How does Briddge collect personal data?
Briddge obtains and processes personal data in different ways.
We collect personal data directly from (prospective) clients, business partners, intermediaries and job applicants for the purposes of entering into a contract or a service agreement and/or to meet certain legal requirements.
We also collect and process personal data from publicly accessible sources such as internet, social networks or commercial registers.
With whom does Briddge share personal data?
The personal data Briddge processes is stored on our servers and/ or on the servers of the cloud-based database management services engaged by Briddge. Briddge will ensure that all such service providers are bound by a data processing agreement in order to help ensure that they process your data, on our behalf, with the same level of security and confidentiality as applied by Briddge.
Briddge may disclose or transfer personal data insofar as reasonably necessary for the purposes of our service offering or for bona fide compliance purposes, as well as on any of the legal basis as set out in this Privacy Statement or in the GDPR or other local laws.
Except as described in this paragraph, Briddge will not disclose, transfer or sell personal data to any third party unless you have explicitly consented to this in writing.
Briddge may disclose or transfer personal data to sub-processors for the purpose of the proper performance of the services we provide to our clients. It may, for example, disclose or transfer such personal data to third party service providers who provide administrative, IT, payment, data processing, debt collecting or other services. Briddge ensures that data processing agreements are in place with any such sub-processors in order to help ensure that they process your data, on our behalf, with the same level of security and confidentiality as applied by Briddge.
In addition, Briddge may disclose or transfer personal data to protect our rights or those of our clients and/or to prevent fraud. Briddge can also be obliged to disclose or transfer personal data to competent authorities in order to comply with our legal and/or regulatory obligations.
International transfer of personal data
Briddge may disclose or transfer personal data to countries outside the European Economic Area in connection with the aforementioned purposes.
If disclosure or transfer of personal data takes place in or to a country that does not ensure an adequate level of protection of your personal data, Briddge will take measures to ensure that additional safeguards will be put in place.
Briddge may also be required to share personal data with the employer of a data subject outside the European Economic Area for which we provide services. This is done in the legitimate interest of the data subject for the purpose as determined in the data processing agreement with the client.
Briddge may store the data for as long as it is necessary or required in order to fulfil legal, contractual or statutory obligations and/or for the establishment, exercise or defence of legal claims, and where it has a legitimate interest for doing so.
Briddge will store the data collected from the website for as long as necessary to fulfil the specific request, or for as long as is desired by the data subject.
Briddge will store the relevant client data for up to two 2 years after the termination of our business relationship or longer, if required to fulfil legal, contractual or statutory obligations and/or for the establishment, exercise or defence of legal claims, and where it has a legitimate interest for doing so.
Briddge will process and store the relevant data of a job applicant for up to 4 weeks after the expiring date of the vacancy. If Briddge would like to store the data of a job applicant for a longer period, it will be held on file for a maximum of 1 year after the expiring date of the vacancy and the job applicant will be explicitly informed hereof.
Your rights as data subject
You (insofar as you are the data subject) have the following rights:
- Access to your information: you have the right to access the personal data that Briddge holds about you, at any time.
- Data portability: you may ask Briddge to provide you with a copy of the personal data that Briddge holds about you.
- Correction of your personal information: you have the right to ask Briddge to update and correct any out-of-date or incorrect personal information that we hold about you.
- Deletion of your personal information (the right to be forgotten): you have the right to ask Briddge to delete your personal information, to the extent that Briddge has no legal and/or regulatory obligations to keep such personal information.
- Restriction of processing of your personal information: you have the right to ask Briddge to restrict the processing of your personal information in case:
- you have contested the accuracy of the personal information held by Briddge;
- the processing is unlawful but you objected to the deletion of the personal data and request the restriction of the use instead;
- Briddge no longer needs the personal data for the purposes of the processing, but you require them for legal reasons;
- You objected to processing and Briddge is investigating whether there are legitimate grounds to override your objection;
- Automatic decision making: Briddge generally does not make decisions by purely automatic means, but if we do, you have the right to object.
- Object: You have the right to object at any time to the processing of your personal data for any direct marketing (and related profiling) by Briddge.
If you wish to exercise any of the above rights, please contact Briddge on GDPR@briddge.com
In addition you have the right to make a complaint with the local supervisory authority with respect to the way Briddge processes your personal data or the way Briddge handles your rights in this respect.
Navigation and cookies
Please note that Briddge is the controller of personal data collected through the Briddge website (the “Website”).
Briddge collects personally-identifiable information on certain areas of the Website when users register or, request publications or other information. The personally-identifiable information collected may consist of information that you provide, such as name, post address, e-mail addresses, telephone- and fax numbers.
To learn more about the cookies and third-party cookies that are used on the Briddge website and how to refuse the cookies, please be referred to our Cookie Notice as published on our website.
Changes to this statement
Briddge may update this Privacy Statement from time to time. We advise you to periodically review this Privacy Statement to be informed about how Briddge is protecting your privacy.
Data protection officer
Briddge is not required to appoint a DPO under the GDPR since we are not a governmental organization, do not systematically observe persons and do not process special categories of personal data on a large scale. However, we do think data protection is important so we have appointed staff to oversee the company’s data privacy compliance programmes and help ensure compliance with the GDPR.
If you have any questions, concerns or complaints with respect to this Privacy Statement, the way Briddge is handling your privacy or you wish to exercise any of your rights please contact GDPR@briddge.com.