Good Grief (the 'Company') takes the privacy of your personal information seriously.
Any personal data we collect will be used for the following purposes:
· To support us in servicing you as a client, including being able to invoice appropriately, and account for such.
Our legal basis for processing for the personal data:
· We need the information in order for us to be able to provide our services to you.
The special categories of personal data concerned are:
· Data related to business affairs, customer lists, financial information, personal information, and other private information.
The legitimate interests pursued by us, or third parties we use, for utilising the personal data and/or special categories of personal data are as follows:
· To provide the services of the Company, including coaching and consultancy work.
Privacy by default
The Company attempts to utilize the concept of 'privacy by default'. As a result, we will only ask such information as we require in order to assess whether to offer providing our services and to provide our services, including billing and receiving payment for such services, and retain your data for as long as required by law, regulation, or in order to otherwise meet the obligations of the Company to the relations laid out below under 'Disclosure'. Subsequent to the expiration of such term, we will destroy, or anonymize your personal data.
The Company is required to keep a register of all the processing operations on personal data carried out by the Company. The register, which must contain information explaining the purpose and conditions of all processing operations, is accessible by the relevant authority upon request.
The notifications kept in the register provide at least the following information:
· Name and address of the Company
· Purposes of the processing
· Description of the categories of data subjects and of the data relating to them
· Legal basis of the processing operation for which the data are intended
· Recipients to whom the data might be disclosed
· General indication of the time limits for erasure or anonymization of the different categories of data
· Proposed transfers of data to third countries or international organisations
· General description allowing a preliminary assessment to be made of the appropriateness of the measures taken to ensure security of processing.
Protection of personal data
The Company attempts to safeguard your data. It does so using a combination of technical and organisational measures. These can include the following:
· Logical and fiscal access limits
· Limiting authorized access to a 'need-to-know' basis, and registering such
· Implementation of patches from time to time
· Keeping software, such as browsers, virus scanners and operating systems up to date
· Regular information back-ups
· Removal or anonymization of obsolete personal data
· Designation of those responsible for information security
· Periodic review of the access register
· Having appropriate non-disclosure agreements in place
· Periodic review of ability to achieve the same outcomes with less personal data.
By consenting to this privacy notice you are giving us permission to process your personal data - including special categories of personal data - specifically for the purposes identified, including disclosure as per the below under 'Disclosure'. The Company may receive or retrieve personal information about you from public sources or from sources mentioned under 'Disclosure' below. Consent is required for the Company to process both types of personal data, but it must be explicitly given.
You have the right to review, amend, request the destroying of, and receive all registered data, and you may withdraw your consent to process your data at any time by emailing us at the address mentioned on the Company’s website. Upon a request for the amendment or the destroying of personal data, or the withdrawal of consent, the Company may cease its services. However, it will retain and disclose the personal data as laid out under 'Privacy by default'.
Please note that if you have a complaint related to the privacy of personal data matters, you may lodge a complaint with the relevant authority (in the Netherlands, the Autoriteit Persoonsgegevens).
The Company does not utilize automated decision-making based on your personal data.
The Company will not pass on your personal data to third parties without first obtaining your consent. The following third parties will receive your personal data for the following purpose(s) as part of processing activities, and by consenting to this privacy notice you are giving us permission to do so: the Company accountant (in order to establish, determine, or advise on the books, records and accounts of the Company, and coordinate with the relevant authorities thereon), the Company tax advisor (in order to determine fiscal requirements, advise thereon, determinate fiscal accounts and fiscal profits, and coordinate with the relevant tax authorities thereon), the relevant regulatory and legal authorities to the extent required under law, regulation, or order, the Company's Business Partners (as defined below, to the extent required in order for the Company to deliver services to the Business Partners and/or their clients and relationships as laid out in the agreements with such parties), and with other editing services professionals (anonymized for training or consultation purposes).
From time to time third country (non-EU) relations may be entered into by the Company, whereupon the organisation name and geographic location, as well as safeguards in place to protect your personal data will be made known, as how to retrieve a copy of the safeguards in place.
There are no business partners.
In case of any questions related to the above mentioned, please contact Good Grief using the email address on the Company’s website.