To provide our services we process your personal data. This privacy statement informs you how we handle your personal data. HollandFit treats your personal data with the utmost care for confidential treatment of personal data in accordance with the General Data Protection Regulation (GDPR) (Algemene Verordening Gegevensbescherming (AVG) and Uitvoeringswet AVG (UAVG) in Dutch).
Use of personal data by HollandFit
We obtain the personal data from our users or their employer. Examples are website, e-mail, telephone or during the performance of a health check.
HollandFit processes the following categories of personal data:
- Personal details (e.g. name, address, e-mail address, telephone number, gender and date of birth)
- Health information (e.g. BMI, blood pressure, cholesterol measured during a health check)
- Information about lifestyle and mental health (e.g. work ability, diet, work pressure measured with an online questionnaire as part of a health check or vitality scan)
- Marketing preferences
- Interaction data
Intents and purposes
HollandFit processes this personal data for various purposes, such as:
- Offering adequate advice and to support well-being, vitality and work ability;
- Maintaining good and efficient service;
- Maintaining contact;
- Administration and planning;
- Offering customized guidance;
- Improving our services;
- Reporting and analysis to our clients;
- Benchmarking and data analysis;
- Compliance with legal obligations.
We process certain personal data to deliver our services. We also process personal data based on a legitimate interest. These legitimate interests are:
- Efficient and effective service;
- Improving services;
- Security and management of systems;
- Internal administrative purposes, including the processing of personal data of clients and/or employees;
- Realizing business economic objectives.
If personal data is processed on the basis of consent, this will be requested separately. This is always the case when processing special personal data, such as data about health.
Provision to third parties
HollandFit exchanges personal data in the context of its services. This includes services from third parties, such as the IT suppliers of our website and our systems. These third parties may only process your personal data on our instructions for the aforementioned purposes and have no control over your data. A processing agreement has been concluded with these third parties.
In conclusion your personal data may be provided to third parties when HollandFit has to comply with a legal obligation. HollandFit never provides data to commercial organisations or charities.
How long do we keep your personal data
HollandFit will not process your personal data for longer than necessary for the purposes stated in this privacy statement. HollandFit will under no circumstances store your personal data for longer than is legally permitted.
How do we secure your data
We believe it is important that your personal data is protected against unauthorized access to, or unauthorized alteration, disclosure or destruction of, your personal data. That is why HollandFit has taken appropriate technical and organizational security measures. HollandFit is ISO 27001 certified and is tested annually by an external audit party on its information security.
Cookies and data usage
We only share data about usage anonymously and on an aggregated level with the providing organization. At user level, we only provide information for the purpose of financial settlement.
You can submit a written request to HollandFit at any time to:
- Inspection, correction and deletion of data;
- Transfer of personal data;
- Restriction of processing;
- Withdrawal of given consent;
- Objection to processing.
You can request that your data be amended, supplemented, deleted or blocked. HollandFit will ensure your request is handled appropriately within 1 month after receiving your request.
Questions about this privacy statement or a request about the processing of your personal data? Please send to:
Holland Fit B.V.
+31 (0)10 280 7080
If you have a complaint about the processing of your personal data by HollandFit, please let us know. View the complaints procedure.
In case you disagree with our solutions and there is no conformity, you have the right to file a complaint with the privacy supervisor, the Dutch Data Protection Authority. You can contact the Dutch Data Protection Authority for this.
Privacy statement changes
This privacy statement was last amended on March 31, 2022.
HollandFit can adjust this privacy statement. New versions are always published on the website. We therefore recommend that you consult this statement regularly so you are kept informed of changes.
Holland Fit B.V. (hereinafter also referred to as HollandFit) hereby disclaims all liability for damage resulting from the use of this data or data to which links on this website refer. The information on this site is subject to change without notice.
HollandFit is not liable for any damage that could result from the use of data from our applications. No rights can be derived from or claimed in any way from the content of this website. Although the greatest possible care is taken in compiling the content of this website, it is possible that certain information (after a while) is outdated or not (any longer) correct.
HollandFit gives no guarantees with regard to the nature and content of the information on the site and is not liable for the content of this information or for the consequences of its use. Any liability for any damage resulting from access to and use of the site is expressly rejected by HollandFit. Also, no guarantee is given for the error-free and uninterrupted functioning of the site. References or links to other sites or sources that are not owned by HollandFit are only included for the information of the user of the site. HollandFit is not responsible for the availability of these sites or sources. HollandFit accepts no liability whatsoever with regard to the content, advertisements, products or other matters on such sites or sources or availability.
RESPONSIBLE DISCLOSURE NOTICE
We consider the security of our systems a top priority, but no matter how much effort we put into system security, vulnerabilities can still be present.
If you discover a vulnerability, we'd like to know so we can take steps to fix it as soon as possible. We would like to ask you to help us better protect our customers and our systems.
Do the following:
• E-mail the findings to email@example.com;
• Do not take advantage of the vulnerability or problem you have discovered;
• Do not tell the problem to others until it is solved;
• Do not attack physical security, social engineering, distributed denial of service, spam or third party applications; and
• Provide enough information to reproduce the issue so that we can resolve it as quickly as possible. Usually the IP address or URL of the affected system and a description of the vulnerability are sufficient, but complex vulnerabilities may require further explanation.
What we promise:
• We will respond to the report within 3 business days with our evaluation of the report and an expected resolution date;
• If you have followed the instructions above, we will not take any legal action against you in relation to the report;
• We treat your report with strict confidentiality and do not pass on your personal information to third parties without your permission;
• We will keep you informed of the progress in solving the problem;
• In the public information about the reported problem, we will list your name as the discoverer of the problem (unless you wish otherwise); and
• As a token of thanks for your help, we offer a reward for every report of a security issue that we were not aware of. The amount of the reward is determined on the basis of the seriousness of the leak and the quality of the report.
We strive to resolve all issues as quickly as possible, and we would like to take an active role in the eventual publication on the issue after it has been resolved.