Privacy Policy

We attach great importance to your privacy. We therefore ensure that data is treated confidentially and that we comply with applicable privacy legislation, including the General Data Protection Regulation(AVG). In this privacy statement, we explain what we do with the personal data we receive from you.

Who we are.

We are Schok & Pomp Medische Trainingen B.V., located at Koningin Wilhelminalaan 5, 3527 LA in Utrecht(Schok&Pomp, we). We are data controllers of the personal data we receive from you in order to perform our services to you.

Data Protection
Our principles on the data you provide:

  1. Personal data is never used for any other purpose, than that for which it was obtained.
  2. Personal data is processed only if we have a legal basis for doing so, such as if it is necessary for the performance of the contract with you, or for our legitimate interests.
  3. We take appropriate security measures to protect your personal data.
  4. We respect your rights, such as the right to access or delete your personal data.
  5. Our Privacy Statement can always be accessed through a direct link on our website.
  6. Our privacy statement is in accordance with the terms and obligations imposed on us by the AVG.

Data processing and collection

1.When you purchase training from us, through the website or otherwise, we collect your personal data that we need to create a profile on our website and conduct the training for you. We collect the following personal data for this purpose:

  • Name
  • E-mail address Salutation: Mr. or MsAdress
  • Date of birth

We process this personal data on the legal basis necessity for the performance of the agreement with you.

  1. When you purchase, through the website or otherwise, a training course from us, we collect your personal data that we need for billing purposes. We collect the following personal data for this purpose:
  • Name
  • Email address
  • Address for on invoice

We process this personal data on the legal basis necessity for the performance of the agreement with you.

  1. When you contact us, via a form on the website or by phone or email, for example to ask a question or file a complaint, we collect the personal data we need to make this contact possible. We collect the following personal data for this purpose:
  • Name
  • Email address
  • Phone number
  • Content of the question or complaint

We process this personal data on the legal basis necessity for the performance of the agreement with you (if it involves training) or necessity for our legitimate interests to improve our services.

  1. If we contact you about a change in our services or terms and conditions, we collect the personal data we need to enable this contact. We collect the following personal data for this purpose:
  • Name
  • Email address

We process this personal data on the legal basis necessity for the performance of the agreement with you (if it is a training course) or to fulfill a legal obligation.

  1. If you have signed up to receive our newsletters, we collect the personal data we need to send the newsletter. We collect the following personal data for this purpose:
  • Name
  • Email address

We process this personal data on the legal basis of consent. You may withdraw your consent at any time.

  1. To protect and improve our business and website, we process the personal data we need for this purpose. We collect the following personal data for this purpose:
  • Name
  • Email address
  • Phone number
  • Address
  • Company name
  • IP address
  • Browser data
  • Cookies

If you interact with us through Social Media, we store that via a pixel so that we can provide you with product information, offers or support through those channels.

Sharing with Third Parties
We share your personal data with the following third parties:

  • In order to issue certificates, we share your data with certifying bodies, such as Het Oranje Kruis, KennisCentrum Kraamzorg (KCKZ) or the KNMG. Only the personal data necessary to issue an officially recognized certificate are shared. No valid certificate can be issued without sharing this personal data with these certifying bodies....
  • Service providers, such as IT service providers and administration service providers.
  • Professional advisors, such as banks, law firms, auditors and insurers.
  • Other third parties, for example, if we sell our company or merge.

We require all third parties with whom we share your personal data to ensure the security of your personal data and treat your personal data in accordance with the law.

If we transfer personal data to a country outside the European Economic Area, we ensure an adequate level of protection of your personal data by ensuring that one of the following safeguards is implemented:

  • We share your personal data with a country deemed to have an adequate level of protection, by an adequacy decision of the European Commission.
  • Concluding standard clauses, codes of conduct or certification mechanisms approved by the European Commission or a supervisory authority.

Inspection and modification
You have the following rights:

  1. Requesting to see what personal data we have on you and what we do with it.
  2. The request to correct your personal data.
  3. Requesting the deletion of your personal data.
  4. Withdrawing consent to use data for which we previously received your consent.
  5. The request to object to a particular use of personal data we hold about you.
  6. The request to restrict the processing of your personal data.
  7. Requesting data portability of your personal data.

You also have the right to file a complaint with the supervisory authority. In the case of Schok&Pomp, this is the Personal Data Authority. We appreciate it if you consult with us first.

You may send your request to info@schokenpomp.nl. We may need more information from you to establish your identity before we can process your request.

We aim to respond to your request within one month. In exceptions, it may take longer than one month, in which case we will inform you.

Retention period
We consider how long the data is needed for the purpose for which it was collected. Maximum we will keep your data for 7 years from the time you are no longer a customer. If you are still a customer, we keep your data for the purpose for which it was collected. Under the AVG there is no concrete retention period for personal data.

Security measures

We have implemented appropriate technical and organizational security measures to ensure a risk-appropriate level of security for your personal data.

To this end, we have technical security measures, such as Firewalls, secure backups, access controls, strong password policies, logging and monitoring of access. But organizational security measures, such as data processing policies and processor agreements, access management and regular audits and controls, are also in place to protect personal data from unauthorized access, loss or misuse.

Questions
Please contact info@schokenpomp.nl if you have any questions. This Privacy Statement has been updated on September 1, 2024.