Get in touch
Get in touch
Leave your details
Want to know more about Kevlinx? Let us know via the form below and our team will contact you as soon as possible.
privacy policy
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Privacy policy

Introduction

KEVLINX Holding B.V. (“KEVLINX”, “we”, “our”, or “us”) honours its obligation to respect and protect the privacy of

personal data as obtained from individuals with whom KEVLINX deals. We are committed to conducting our business in accordance with all applicable laws and regulations, including the GDPR.

This policy explains when and why we collect personal data about you as individual, how this information is used, with

whom we share that information and the rights they have over it.

This policy was created on November 8, 2024. KEVLINX reserves the right to update this policy from time to time.

Application

This policy is applicable to the processing by KEVLINX of personal data. For the purposes of data protection law,

KEVLINX is the “controller” in relation to the processing of activities described below. A “controller” is an organisation

that decides why and how personal data is processed.

This policy applies to the entire KEVLINX group and all employees, contractors, consultants, directors, officers and other workers within such group.

This policy applies subject to appliable laws and regulations in countries where KEVLINX operates.

When and what type of personal data

We collect and process different types of personal data, for example when you:

  • visit our website
  • contact us
  • do business with us
  • work for us under an employment agreement or as a contractor
  • apply for a job
  • visit our sites/locations

It concerns (i) personal data that you have provided to us voluntarily:

Examples: e-mail address, mobile phone number, home address, bank account details, information contained in a CV,

vehicle license plate (e.g. to facilitate location access), biometric data (e.g. to facilitate location access), CCTV camera

footage (during visits)

Or (ii) automatically generated data:

Examples: IP address, browsers, internet provider, device type and other pages visited before or after the visit (Uniform Resource Locators clickstream).

Purpose and legal basis

Data protection law requires us to have a valid reason to process personal data for each of the different purposes for

which we use that information. The law refers to each reason as a ‘legal basis’. The purposes for which we use personal data and the legal basis under data protection law on which we rely to do this are explained below.

We may use personal data for one or more of the following purposes:

  • to grant you access to our website or online portals
  • to optimise the quality of our services
  • making offers for services
  • sending newsletters
  • to comply with our obligations under an employment agreement or contractor agreement
  • to prepare user statistics
  • for marketing and communication activities
  • to send and collect invoices
  • to grant secured access to our data centers / sites

The legal basis is set out below:

  • Execution of an agreement: we may use and process your personal data for the proper execution of an agreement.
  • Consent: we may use and your process personal data where you have consented for us to do so.
  • Legitimate interests: we may use and process your personal data where it is necessary for us to pursue our legitimate interests as a business.
  • To comply with legal obligations: we will use and process your personal data to comply with our legal obligations.

Security

We ensure adequate organisational and technical security measures. This means that we pay attention to new

developments and adjust our security measures accordingly where necessary.

Security is an important part of our service. We use pseudonymisation and encrypt your data, particularly biometrical

data that is required for authentication or security purposes in providing access to our data centers.

Processing by third parties

We may share your personal data with other companies in the KEVLINX group, to the extent necessary for our services.

We may share your personal data with our third-party service providers, agents, subcontractors and other

organisations, such as advertising and PR agencies, cloud storage service providers, insurance services providers, legal advisers, market research and analytics services providers, online e-mail marketing, campaign management and

customer relationship management platform services. When we use third-party service providers, we only disclose to

them personal data that is necessary for them to provide their services and we require such third-party service

providers to adhere to appropriate security measures to protect personal data.

We may transfer your personal data to a third-party as part of a sale of some or all of our business and assets to any

third party or as part of any business restructuring or reorganisation.

We may also transfer your personal data if we are under a duty to disclose or share it in order to comply with any legal

obligation, to detect or report a crime, to enforce or apply the terms of our contracts or to protect the rights, property

or safety of our visitors and customers. We will always take steps with the aim of ensuring that your privacy rights

continue to be protected.

Location

KEVLINX stores personal data within the European Economic Area (“EEA”).

If we transfer your personal data outside of the EEA (e.g. this may happen where any of the companies in our group are located in a country outside of the EEA or if any of our servers or those of our third party service providers are from time to time located in a country outside of the EEA), we will take steps (such as imposing contractual obligations on the recipient) to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this policy.

Cookies

Our websites uses cookies. Cookies are small pieces of information sent to your computer or device and stored on its

hard drive to allow our websites to recognise you when you visit. Some of the cookies we use are necessary for our

websites to function properly whilst others are not essential but enhance your experience of our websites or allow us to improve them by allowing us to obtain an overall view of visitor habits and visitor volumes to our websites.

We request your consent for any non-essential cookies, which you can withdraw at any time. It is also possible to switch off cookies by setting your browser preferences. For more information on how we use cookies and how to switch them off on your device, please visit our cookie policy on the website.

Retention period

The length of time for which we retain your personal data is determined by a number of factors including the purpose

for which we use that information and our obligations under other laws. We do not retain personal data in an

identifiable format for longer than is necessary.

In concrete terms this means:

  • Data center access data: 6 months
  • CCTV footage: 90 days where allowed by local legislation otherwise 1 month
  • Biometric data: only up to end of contract and end of authorization
  • Job application data: 3 months (or, if you have granted permission, up to 1 year)
  • Cookies: between 8 and 14 months (depending on the type of cookie)

Rights

You have a number of rights in relation to your personal data under data protection law, including:

  • access to your personal data
  • correcting and updating your personal data
  • withdrawing your consent (where we relied on your consent as the legal basis for processing personal data)
  • objecting to our use of your personal data as set out under “Purpose and legal basis”
  • erasing your personal data or restricting its processing
  • transferring your personal data in a structured data file (data portability)
  • filing a complaint with a data protection regulator, please see the European Data Protection Board website for contact details regarding the data protection regulators in the European Union.

In relation to certain rights, we may ask you for information to confirm your identity and, where applicable, to help us

to search for your personal information. Except in rare cases, we will respond to you within one month from either the

date that we have confirmed your identity or, where we do not need to do this because we already have this

information, from the date we received your request.

Contact details

Any queries about this privacy policy may be directed to our COO and/or data protection manager using our contact

details below:

KEVLINX Holding B.V.

Eduard van Beinumstraat 6, 1077 CZ Amsterdam, e-mail: compliance@kevlinx.com