Privacy Statement

G-kracht (hereinafter " G-kracht") attaches great importance to the privacy of everyone with whom we have a relationship. These are, of course, our own colleagues, but also everyone who works for our clients, suppliers, subcontractors, residents/companies that we inform about our work, course participants and freelancers (hereinafter: "data subject").

G-kracht creates, receives and shares personal data of data subjects. In this privacy statement, we explain how we handle personal data and how this fits within the General Data Protection Regulation (hereinafter: "AVG").

Processing personal data

Processing includes everything that can be done with personal data. For example, collecting, storing, retrieving, using, linking and deleting data from G-kracht's records. Personal data is any data that directly or indirectly says something about a natural person. Think of a name or an address. A list of first names is not personal data because it is not traceable to a natural person.

Who is responsible for processing data?

G-kracht Group consists of G-kracht Groep b.v. and its affiliated group companies. AVG compliance within G-kracht is the responsibility of the group management. For questions about the AVG and how G-kracht does this, please contact G-kracht

From whom are personal data processed?

G-kracht processes personal data of those with whom G-kracht has a relationship. This includes, for example, data of:

  1. Colleagues - these include former employees and applicants in addition to current employees.
  2. Contractors - these are professionals that G-kracht hires such as self-employed workers or those employed by a subcontractor hired by G-kracht .
  3. Third parties - these include residents at whose homes G-kracht performs work or who are affected by G-kracht's work.
  4. Students - those who are not employed by G-kracht and are taking a course with G-kracht (on behalf of their employer).
  5. From partnerships - personal data that arise because G-kracht collaborates with other companies. Think of suppliers, clients or combiners. This data is used in the context of collaborations, contracts or financial transactions.

What data are processed?

Data provided to G-kracht itself. Examples include colleagues, residents who subscribe to a newsletter or relations of G-kracht who wish to be kept informed of current developments.

Data provided by other companies. For example, data needed for access control to the construction site, students who are going to take a training course, project employees with whom G-kracht employees will be working together, and clients' customers for whom G-kracht performs the work on behalf of a client.

No fixed retention periods apply to the retention of personal data. What matters is determining the purpose for which G-kracht needs this data and determining the retention period accordingly. G-kracht thinks from the perspective of the person concerned. G-kracht does not keep data because it is 'convenient'. Data from job applicants who do not ultimately end up working for G-kracht is kept G-kracht a much shorter period than personal data that is necessary for asbestos removal work. All personal data is deleted when it is no longer needed.

Why does G-kracht process personal data?

Because the data subject has given their own consent to do so. When a resident signs up for a newsletter, they are also asked for permission to process personal data (mail address) to enable the newsletter to be sent.

Because G-kracht executes a contract. To comply with the employment contract, G-kracht must use personal data, for example, to pay salary.

Because G-kracht has a legal obligation to collect this data. This may concern the payment of social contributions and premiums. Control of the Wet Keten Aansprakelijkheid (WKA) and the Wet Arbeid Vreemdelingen (WAV) is also a legal obligation for which G-kracht processes personal data.

Because G-kracht has a legitimate interest. For example, keeping track of training and certificates is important for G-kracht, because it can be used to demonstrate compliance with safety requirements on projects. G-kracht also shares data of project staff with, for example, clients in order to be able to carry out projects. G-kracht only shares data that is necessary.

What type of personal data does G-kracht process?

G-kracht processes ordinary personal data (name, address) that fit within a "basis" (consent, contract, legal obligation or legitimate interest).

G-kracht does not process special personal data. For example, data about health is not processed by G-kracht ; the company doctor does this in a system to which G-kracht does not have access. The company doctor also does not share this data with G-kracht.

To whom does G-kracht provide personal data?

G-kracht provides personal data to service providers that G-kracht engages in its business operations. These include leasing companies, companies that provide work clothing, clients/suppliers/subcontractors that require a contact person within G-kracht , and internet and telephone providers.

These companies may only use the personal data for the purpose for which it was made available and may not retain it after the purpose for which it was given has been achieved. G-kracht may only share this data with these companies if this fits within the purpose for which G-kracht obtained it. If necessary, G-kracht will enter into a processing agreement with the company instructing what may and may not be done with the data and how the personal data must be secured.

What are my rights?

  • Right of access: the data subject may know what data about the data subject is being processed.
  • Right to amend and supplement: if something is incorrect, the data subject may have it amended or supplemented.
  • Right to limitation: the data subject may ask G-kracht to process less data.
  • Right in automated decision making: the data subject has the right to human review of decisions made by normal system.
  • Right to object: the data subject may object to data processing.
  • Right to data portability: under certain conditions, the data subject may ask G-kracht to transfer his/her data to himself/herself or to another company.
  • Right to oblivion: the data subject may ask G-kracht to delete their personal data.


Please note that the above rights cannot always be exercised. For example, we cannot be asked to delete personal data that the government asks us to record. Also, retention periods of different data may differ; for example, G-kracht must retain a copy of ID proof longer than absence data of former employees. What rights the data subject has varies depending on the purpose of processing.

AVG within G-kracht

G-kracht has established a register of 23 processing points (processes) within which the processing of personal data is recorded and described. G-kracht is also ISO-27001 certified, a certificate that tests our information security. Based on the register, where necessary, the protection of personal data is regulated.

Reporting data breach

A data breach means access to or destruction, modification or release of personal data without the organization's intent. A data breach can be reported to Van Gelde's security officer at avg@vangelder.com.

Complaint or question

For questions or complaints regarding G-kracht 's processing of personal data, please contact avg@vangelder.com.

Changes in document

This privacy statement may change from time to time. For example, G-kracht will adjust the statement if the AVG changes or if G-kracht modifies certain procedures. If these changes affect (groups of) people, G-kracht will inform those involved.

The current version of the privacy statement can always be found on this website(https://gkracht.nl/).

Edwin

Questions? Email Edwin

Innovative quay renewal in historic downtowns

Contact

Visiting address:
Amstel 208c
Amsterdam

Postal address:
Scheepvaartweg 1
3356 LL Papendrecht

Phone:
+31 (0) 633043338

E-mail:
info@gkracht.nl

Innovative quay renewal in historic downtowns