We at CGE Risk Management Solutions BV (also: “CGE”) value your privacy and we take care to protect your personal data in accordance with applicable privacy laws.
Here are some important things we do to protect your privacy and personal data. For example, we:
- clearly state our identity and how you can contact us, in our contact details below;
- clearly state which kinds of parties may need to receive your data from us and why;
- strive to limit the collection of personal data to those needed for legitimate purposes only;
- first request your express consent to the processing of your personal data in cases where your consent is required, giving you the right to withdraw your consent at any time;
- implement appropriate security measures to protect your personal data, and demand the same of parties processing personal data on our instructions;
- respect your right to request inspection of your personal data and have them corrected or deleted, or to restrict our processing of it.
OUR PURPOSES AND LEGAL BASIS FOR PROCESSING PERSONAL DATA
Your personal data is any information which says something about you, as an identified or identifiable human being. By interacting with us, you may cause us to process some of your personal data. Which of your personal data we may process and why, depends on how you choose to interact with us and the context in which you provide information to us.
In general, we process personal data for the following purposes:
- to give you access to the website cgerisk.com and bowtiexp.com;
- to enable you to request (information about or a demo or trial of) our software products, and to register yourself for events;
- to analyse statistics and optimise the website;
- to market and advertise our products and services, including by using online advertising networks and their cookies or similar technologies that are implemented on our website and other websites around the web, in order to make ads and other content you see on our website and other websites more relevant to and to you report on and measure the effect of our marketing efforts;
- to keep you up to date about our commercial developments and offers via our newsletter, if you have subscribed or have already purchased similar products or services;
- to handle your questions and requests, for example via a contact form or via e-mail.
The following section provides some key examples of how you may interact with us and which personal data may be processed by us as a result and why.
Visiting our website
By visiting our website, you may automatically provide us with some technical information transferred by your web browser. This automatic transfer (contrary to a form you consciously fill out) typically includes the following categories of data:
- public IP address of your device (and country of IP address);
- requested page and time;
- ‘user agent’ information, which typically includes information such as your operating system and browser type, version and language;
- Referrer-URL (the address of the website you visited previously, if you clicked on a hyperlink to arrive on our website)
The first three categories of data are necessary to enable you to access the website (such as your IP-address), or to correctly load its content (such as ‘user agent’ information). The country information is processed to help us send newsletters (if you have subscribed) on the right time, based on your country’s time zone. This processing is based on your consent, and our legitimate interest to enable you to properly access and use our website and its features. We may also process such data for our legitimate interest to secure our website or our product and services, to find and fix bugs, and to make other improvements. The referrer-URL is used in anonymous form, for usage analytics and advertising statistics.
Requesting a trial, demo or our full software products and services
In order to request trial version or an online demo of our software, you need to provide us with some information, such as your name, company name, business email, and phone number. When you provide this information to us, we will use it to provide what you requested. In this case, the legal basis for our processing of your personal data is your consent and the performance of a contract with you, or to take steps at your request prior to entering into a contract. When you (on behalf of your organisation) proceed to request, purchase and/or use the right to use any of our products and/or services, further information may be requested from you (such as bank account and other information for invoicing and payment) and processed accordingly, based on the same legal grounds. In addition, invoices are stored to comply with legal (tax) obligations.
Subscribing to our monthly newsletter
If you have given consent, we may contact you by e-mail for commercial purposes with information and offers, which may be personalised to you. Each communication by e-mail includes an option to unsubscribe.
Other questions or communications
If you use e-mail, phone or our contact form to ask us a question or provide feedback, we use the information provided by you to follow up on this. The legal grounds for processing your personal data in this case, are your consent and our legitimate interest to respond to your question or feedback.
In accordance with the principle of data minimisation and storage limitation, we try to ensure that we don’t process more personal data than we need, and that we don’t store it for longer than we need it.
We store invoices for 7 years, or whichever period may be prescribed under applicable tax law. If you have provided us your contact data because you are interested in our products or services, we will keep this information for that purpose, until you ask us to remove your data.
CONFIDENTIALITY & PROVISION TO THIRD PARTIES
We will not provide your data to third parties for direct marketing purposes by such parties. Nor will we provide your personal to third parties, unless this is necessary for performing the agreement you have concluded with us or is required by law. If we need to engage any external party to process your personal data (for example a professional hosting provider that keeps our products and services available via the Internet), we conclude a data processing agreement with that party in order to protect your personal data.
We may provide your contact details to a partner that either:
- provides the service your request pertains to. You recognize that by requesting such service, you explicitly authorize the transfer; or
- has been provided with your explicit consent for transfer.
Cookies are small information files that can be automatically stored on or read from the device (such as a PC, tablet or smartphone) of the website visitor, while visiting a website. This is done through the web browser on the device. The information that can be transmitted by a cookie, over the use of our website, can be transferred to the own secured servers of CGE.com or to the servers of a third party.
- to enable the functionality of our website (technical and functional cookies);
- to generate overall statistics and gain insight into the use of our website by the public in order to optimise our website and services (analytics cookies);
- to make the internet offer more interesting for you by displaying advertisements that fit your interests and to personalise the ads and content on our website and in our newsletters based on your interests and click and surf behaviour (targeting/advertisement cookies);
- to offer you the possibility to share information on our webpages via the different Social Media channels (Social Media cookies).
For the above purposes, we use the following cookies. Some of the relevant parties who provide these cookies are located in the United States of America (USA). If the relevant party is not Privacy Shield certified, EU Model Contract Clauses will be concluded with the relevant party. These additional safeguards help to protect your personal data even when it is processed outside of the EU, as required under EU privacy laws and regulations.
|Name cookie||Purpose of cookie||Country||Privacy Shield?||EU Model Contract Clauses|
|LinkedIn Marketing Solutions||Advertising||USA||Yes||No|
|Google Adwords Conversion||Advertising||USA||Yes||Yes|
|Facebook Custom Audience||Advertising||USA||Yes||No|
|Google Tag Manager||Functionality||USA||Yes||Yes|
DISABLING OF COOKIES
You can prevent the placement of cookies by adjusting the settings on your browser (see your browser Help for how to do this). Be aware that disabling cookies will affect the functionality of this and many other websites that you visit. Disabling cookies will usually result in also disabling some functionality and certain features of this website. Therefore, it is recommended not to disable cookies.
REMOVAL OF COOKIES
Most cookies have an expiration date. This means, that they will automatically expire after a certain period and no longer register any data concerning your visit of the website. Another option is to remove the cookies manually before the expiration date. In order to do this, consult the instruction manual of your browser.
We take appropriate security measures to limit and prevent misuse of and unauthorised access to your personal data. More specifically, we take the following measures:
- securing network connections using Secure Socket Layer (SSL) technology;
- purpose-related access restrictions;
- monitoring granted powers.
This policy does not apply to third-party websites that are linked to our website. We cannot guarantee that such third parties handle your personal data carefully and securely. We recommend that you read the privacy policies of their websites before you make use of the websites.
We reserve the right to change this policy. Changes will be published on our website and previous versions will continue to be available. We recommend that you check this policy regularly so that you are informed of any changes.
YOUR RIGHTS REGARDING YOUR DATA
If you have provided personal data to us, you can send us a request to access, correct, or erase your data. You may also request us to keep your data but restrict it from being processed in a certain way or for a certain purpose.
To prevent abuse, we may ask you to provide proper proof of your identity. If you want to inspect personal data linked to a cookie, you should include a copy of the relevant cookie with your request, which you can find in your browser settings.
YOUR RIGHT TO REVOKE YOUR CONSENT
You have the right to revoke your consent for our processing of your personal data at any time. To make use of this right, you only need to inform us. You should understand, however, that we may not be able to provide our products or services to you and your organisation, and keep you adequately informed about these, without processing some of your personal data. If your consent is not the only legal basis for processing your personal information, we may continue our processing if this is necessary and justified on another legal basis.
NATIONAL SUPERVISORY AUTHORITY
If you have any complaints about our processing of your personal data, we will do our utmost to help you quickly and effectively. In accordance with EU privacy laws and regulations, you have the right to lodge a complaint with the national supervisory authority responsible for the protection of personal data against our processing of your personal data. For the Netherlands, this is the Autoriteit Persoonsgegevens, which you can contact here.
Website: www.cgerisk.com / www.bowtiexp.com
Address: Vlietweg 17v, NL-2266 KA, Leidschendam, The Netherlands
Telephone: +31 (0) 88 100 1350
KvK-number: 27379386 (Dutch Chamber of Commerce number)
DPO contact details