Privacy and Cookie Policy

Effective 5 July 2021

 

NIPED Prevention B.V. (hereinafter referred to as ‘&niped’) takes your privacy and data protection seriously. We comply with all relevant privacy legislation and regulations, including the General Data Protection Regulation (hereinafter referred to as ‘GDPR’).

In this Privacy and Cookie Policy, we describe:

  • Who we are
  • How and the purposes for which we process your personal data, as well as the legal basis
  • Your privacy rights and how you can exercise them

1. &niped

&niped is committed to promoting a healthier life for everyone in a variety of ways. Through our products, we offer insight into the health of individuals and organizations and enable them to take personal responsibility for their health. We then inspire them to get moving.

You can always contact us through the following options:

  • Email: info@niped.nl
  • Phone: +31 (0)20 261 0444
  • Terms and Conditions: https://www.persoonlijkegezondheidscheck.nl/gebruikersvoorwaarden/

If you have a complaint about your privacy, you can contact the Data Protection Officer at fg@niped.nl.

2. Use of the website

This section pertains to navigation within our websites and portals that do not requiring a login. Information on data processing within the context of the Personal Health Check can be found here. In the public sections of our websites, we process personal data for the following purposes.

2.1  Google Analytics

We use Google Analytics to measure how visitors use our company website. The information is processed in the United States. Appropriate security measures are taken with regard to this processing. We have configured Google Analytics in a privacy-friendly way. This means, among other things, that we do not permit Google to use the analytical information obtained for other Google services and have entered into the European model agreement with them. We allow Google to pseudonymize the IP address. This processing is based on our legitimate business interest to improve our website.

2.2  Contact forms

The contact forms on the website can be used to ask questions or submit requests. To be able to respond, we require your name, company name, phone number and email address. We retain this information for up to six months after our last contact with you. This enables us to easily retrieve this information if we receive follow-up questions. This processing is based on fulfilment of an agreement. It also lets us train our customer service staff to improve the customer experience. This processing is based on our legitimate business interest to improve our services.

2.3  Job applications via the website

If you send us personal information by email as part of a job application process, we will retain your information (such as provided in your CV) for the duration of the application process plus an additional four weeks. The basis for this processing is the fulfilment of an agreement (pre-contractual phase). With your consent, we may save your application data for up to one year.

3. Cookie policy

Our company uses cookies. Cookies are small text files in which we may store information, so that you do not need to enter it repeatedly. But they also show us if you visit our website repeatedly. You can disable cookies via your browser if desired. Disabling cookies will affect certain functionalities of the website.

3.1. Details

&niped uses the following types of cookies on the website:

  • Functional cookies: cookies with a purely technical functionality. These ensure that the website functions properly. They also let us remember your preferred settings.
  • Analytical cookies: third-party cookies that track your online activities. These cookies are necessary because we use analytical services like Google Analytics.
  • Tracking cookies: third-party cookies that also track your online activities in order for these parties to develop a specific profile. Tracking cookies are only permitted with your consent.
Name Location Type Retention period Purpose
Active Campaign Active Campaign, outside the EEA Analytical 1 month These cookies may be used to prepare reports on website traffic.
Tracking 1 month These cookies may be used to personalize the visitor experience.
Hotjar Hotjar Analytical 1 year The Hotjar cookie stores information on your visit to the website. This makes it possible to adapt the website to visitor preferences, thereby improving the website experience.
Facebook Facebook, outside the EEA Tracking 3 months These cookies track which pages the visitor has visited on the website, enabling an analysis of user behaviour.
LinkedIn LinkedIn, outside the EEA Analytical 2 years These cookies analyze which pages the user has visited on the website. This lets us make our campaigns measurable.
Tracking 2 years These cookies enable the user to share information with others via LinkedIn.
Google Analytics Google, outside the EEA Analytical 6 months Google uses these cookies to generate an overview of visitor flows via Google Analytics.
Analytical (anonymous) 2 years Google uses these cookies to generate an overview of visitor flows via Google Analytics.
OptinMonster OptinMonster, outside the EEA Tracking 11 years These cookies are placed by OptinMonster to enable us to determine whether the visitor is new or returning. This information makes it possible to show these specific visitors targeted advertisements.
Google Tag Manager Google, outside the EEA  Functional 2 years Make it possible to accept or reject cookies.
Zopim Zopim  Functional 1 year Make it possible to start a chat with the Service Desk.
Google AdWords AdWords, outside the EEA  Analytical 2 year Make it possible to monitor how often a target conversion has been achieved from AdWords.
WordPress Personal Health Check  Functional 1 year Make it possible to download the form on the website and make it functional.
3.2. How long are cookies stored on my computer?

The cookies are saved for up to six months after the session. For the exact retention period for each type of cookie, see the table above. You can always disable the cookies in your browser settings. Keep in mind that if you disable all cookies, certain functions or sections of the website may be unavailable or may not function properly.

4. &niped customer

We process personal customer data for the following purposes:

4.1  Quotes, orders and forms

If you request a quote or download or place an order with &niped, your information will be saved in our Customer Relationship Management (CRM) system. This pertains to your first and last name, phone number, email address and company details. We process this information as part of preparations for a potential agreement with you and save the data until you are no longer a customer. By submitting a form, you are only authorizing &niped to contact you regarding services and to send you our newsletter.

4.2  Employer portal

As a customer of &niped, you have access to the employer portal. This is a personal and secure environment in which you can submit new requests, upload invitee lists (email addresses and first names of your employees), monitor the progress of the Personal Health Check and view the macro report. The macro report is available in your personal employer portal for two years after the end of the project. It is up to you whether or not you wish to archive the report.

In order to access this service, you are required to register as a user. This means that you provide information on yourself and choose a username. We then create an account for you, which you can access by logging in with that username and a password of your choosing. We save the following information on you: your first and last name, email address, phone number, organization, number of employees, the packages you have chosen and, if relevant, a PO number. The basis for this processing is the fulfilment of the agreement you enter into with us when you create an account. We save this information until you delete the account or it is deleted by us, so that you do not have to enter the same information every time. You can submit a request to us to delete your account at any time.

If your account is inactive for a period of over 2 1/2 years, we will send you an email to inform you that your account will be deleted automatically after six months unless you indicate within that time period that you want to continue to have an active account. In the email, we will explain the steps you need to take to retain your account or to have it deleted immediately. If you do not respond to this email, we will send you two reminders, the first after three months and the second and final reminder after five months. If we still do not receive a response to these emails, we will delete the account. In other words, if there is no activity in the account or a response to the emails sent, your account will be deleted after three years.

4.3  Macro report

When participating in the Personal Health Check, you can opt to receive a company report with all health-related information on the group level (with a minimum of 30 participants with results). The data is anonymous and cannot be used to identify the individual. If there are fewer than 30 participants, but more than ten, the report can be prepared in a condensed form (without percentages, only significant differences from the benchmark).

4.4  Invitations to your target group

We will delete all invitee lists that we receive from employers, insurers or other parties that facilitate free participation in the Personal Health Check immediately after the project. We enter into a processing agreement with the relevant party to this end.

4.5  Development and improvements

&niped monitors and analyzes the use of its public website for purposes of improvements and information security research. The information is only used for our own internal purposes and processed based on a legitimate interest. We process location information, information on your activities, the IP address, internet browser and type of device. This type of information is saved for a maximum of 14 months.

4.6  Newsletters

We have a newsletter and you are only added to the list of subscribers if you have consented to this. The newsletter contains the latest news, tips and information on our products and services. We use your name and email address to send the newsletter. This is carried out on the basis of your consent. We save this information for up to five years after you have unsubscribed.

4.7  Advertising and campaigns

These are carried out using Google, social media and email in response to your request on our website. You can object to this at any time by email. Every email sent contains an unsubscribe link or you can block us.

4.8  Details

The following sub-processors are involved in the above activities:

  • Teamleader: as our Customer Relations Management (CRM) system. Location: EU/EEA
  • ActiveCampaign: as our email marketing software. Location: S.
  • Poort80: as a hosting provider responsible for the cloud infrastructure. Location: Amsterdam/EEA
  • Zendesk: for processing service desk requests and email correspondence. Location: U.S.
  • Inboxify: for sending invitations for PHC participation. Location: Netherlands/EEA

5. To whom do we provide personal data?

&niped may use third-party services to process your data in accordance with this Privacy Policy. These parties act as a processor for &niped and &niped ensures that these parties provide sufficient data protection by means of technical and organizational security measures. Third parties that act as a processor for &niped have signed a data processing agreement that includes a guarantee that they only process data on behalf of &niped.

Your data will only be provided to parties other than &niped if we are legally required to do so, such as to supervisory authorities, because we must fulfil an agreement with you or if necessary to meet our obligations to you.

6. What happens in the event of a company takeover?

In the future, it is possible that one or more divisions or assets of &niped are transferred to or &niped merges with a third party. In that case, your personal data will be transferred to this third party and &niped will inform you of this beforehand.

7. How do we protect your personal data?

We take appropriate measures to combat the misuse, loss, unauthorized access, undesired disclosure or unauthorized changes to personal data. We are NEN-7510 and ISO 27001-certified. NEN-7510 is the recommended standard for information security for the healthcare sector in the Netherlands.

A few examples of security measures that we have implemented:

  • Access to the customer portal is protected by a username and password.
  • Access to the personal portal is protected by a username and password, as well as an optional additional login code (two-step verification).
  • After being received, the information is stored in a separate, protected system.
  • We take such physical measures as locks and safes for purposes of access protection of the systems in which personal data is stored.
  • We use secure connections (minimum of TLS 1.2) to protect all information transmitted between you and our website when entering your personal information.
  • We keep information processing logs.

8. What are your rights?

You have a number of rights related to the processing of your personal data (see below). If you would like more information on your rights or wish to exercise one of them, send an email to info@niped.nl.

  • Right to withdraw your consent if we have requested your consent for a specific type of processing of your personal data;
  • Right of access;
  • Right to rectification if personal data is incorrect or incomplete;
  • Right to data erasure if personal data is not relevant for the purpose for which it was collected, if consent has been withdrawn, if you object to the processing of your personal data based on a legitimate reason or if the processing of your personal data is unlawful;
  • Right to limited processing if you dispute the accuracy of the personal data processed by &niped or you have submitted an objection to the processing of your personal data by &niped;
  • Right to data portability;
  • Right of objection to data processing or direct marketing. You have the right to object to the processing of your data in the context of our legitimate interest. We will then reconsider whether your data should no longer be used. You can also object specifically to the use of your data for direct marketing;
  • Right to submit a complaint. This can be done by contacting the Data Protection Officer at &niped at fg@niped.nl or the Dutch Data Protection Authority.

9. Changes

If changes take place within our company, we will also make the necessary changes to our Privacy and Cookie Policy. So make sure to check regularly to see whether a new version is available by checking date shown at the top. We will do our best to notify you of any changes.