GDPR and security
For decades, EDM has been working with databases from renowned partners and customers. Working with and exchanging data and personal information requires constant monitoring and compliance with all current legal rules and codes of conduct regarding privacy and security. Privacy and security have been important concerns of EDM for years.
EDM works strictly in compliance with Dutch and European legislation and, with regard to the protection and processing of personal data, complies with the General Data Protection Regulation. The processing of personal data has always been registered with the Dutch Data Protection Authority under number 1285521. In addition, EDM holds the DDMA Privacy Guarantee certification and has been awarded the 'Gold' security label in the field of security.
Information is only made available to customers who are active in the Netherlands and who must comply with the Dutch and European legislation. In this way, EDM guarantees that personal data is always protected by the Dutch and European rules and regulations. Of course, the rights of consumers in the organisation of EDM are also guaranteed. A request for access to the origin of (personal) data or a request for removal will always be honoured by EDM. EDM has appointed a Privacy Officer to handle these requests and privacy questions. The EDM Privacy Officer can be contacted by e-mail at: firstname.lastname@example.org.
Data Protection Officer
In addition to the Privacy Officer, EDM has also appointed a Data Protection Officer (DPO). The EDM DPO monitors the compliance with the General Data Protection Regulation, data protection provisions and the policy that EDM has drawn up with regard to the protection of personal data. In this context, the following can be declared:
EDM declares that it will guarantee the privacy of those involved, in accordance with its core privacy values:
- Relevant communication;
- Always a Privacy Impact Assessment (PIA);
- Filters are always followed;
- Special personal data is not processed;
- Security and procedures are in order;
- Rights of the consumer are well secured in procedures and actions.
EDM declares that it will guarantee the privacy of those involved, including by means of compliance with the following:
- EDM has taken technical and organisational security measures, an information security policy has been applied and internal authorisations have been granted;
- EDM is ISO 27001-certified and is subject to regular audits;
- EDM processes personal data only based on a signed processor agreement;
- A Privacy Impact Assessment (PIA) is always performed at several points in the processing process;
- EDM does not exceed its role as the “processor”; personal data is not used for other purposes;
- EDM has appointed a Privacy Officer and Data Protection Officer.
Security (ISO 27001)
EDM is ISO 27001-certified by Bureau Veritas and operates an up-to-date information security policy in accordance with the ISO 27001 security standard. EDM’s security measures include:
- Access control and authorisation of employees;
- All employees must make a code of conduct declaration and are obliged to maintain confidentiality;
- Own secure server centre in the Netherlands;
- Use of processor agreements;
- In-house Privacy Officer for questions from consumers and structural consultation with and advice from the in-house Data Protection Officer;
- Use of a secure environment for secure exchange of files.
In the context of privacy and security, EDM does not send or receive any data by e-mail. EDM also always uses a secure online transfer environment.
The EDM employees designated for this purpose can create an account for you immediately, after which a username and password are provided to you via various channels. Thank you in advance for your co-operation in maintaining the privacy of your and our data.
For consumers: right of viewing, correction and objection
Day in, day out, data ensures that organisations can adapt themselves to you better. That’s why it’s important for you to know how this happens and how you can view or correct your data or unsubscribe yourself.
EDM has put all the information that’s important to you on its website Evenoverdata.nl. On this website, we inform you about the services we provide to our customers and the purposes for which your personal data is used. You can also use your right to view, correct and object to the use of your data.
The general terms and conditions of EDM apply to the general business operations.