1. DUTCH GAMES ASSOCIATION
Vereniging Dutch Games Association (‘DGA’) is a Dutch company. We are active in the European Economic Area (EEA) and we keep our data on servers in the EEA, unless stated otherwise.
We process your personal data when you use our services, applications, websites and software. We call this the “Service”. In this privacy statement we summarize when and how we collect, use and secure your personal data with regard to our Service.
2. GENERAL
We may change provisions of this privacy statement from time to time. If we do that, we will inform you of the changes. However, we also advise you to check for yourself from time to time whether the privacy statement has been changed.
3. WHICH PERSONAL DATA DO WE COLLECT?
There are a number of ways in which we can collect your personal data. In this section we explain which personal data we may collect from you. The personal data is sorted according to the different processing goals. The data retention period also differs depending on the processing goal. This period will also be mentioned below. Note that should there be any legal changes to the possible data retention periods, these legal changes will take precedent over the periods mentioned in this privacy statement.
PERSONAL DATA COLLECTED DIRECTLY BY US OR PROVIDED DIRECTLY TO US BY YOU
3.1 Processing on the basis of a legal obligation
Administrative obligations: we retain this personal data for a maximum of 7 years:
- your name
- your address
- your purchases and purchase orders (if applicable)
- your tax identification number (btw)
If you wish to use our Service, you must provide this personal information to us. The reason for this is that this data need is needed to comply with our legal and fiscal obligations.
3.2 Processing necessary for the performance of a contract between you and us, or you and third parties on the platform (delivering the Service)
1. DGA membership and partnership: we will retain this data for as long as the agreement lasts, and for up to 2 years after the agreement has ended.
- company name and company details (company information, location, contact details)
- contact name, position and contact details
- your invoice details, purchases and purchase orders (if applicable)
- private and/or business e-mail address (for contacting you in regard to the Service)
- your private and/or business telephone number
- other personal information that you provide to use with regard to our Service
- other personal information you provide when contacting us
- voting qualification
If you wish to use our Service, you must provide this personal information to us, otherwise we will not be able to provide our Service.
2. Visitors of DGA events or visitors to events where DGA performs operational and administrative tasks: we will retain this data for as long as the agreement lasts, and for up to 2 years after the agreement has ended.
- if you visit on behalf of a company: company name and company details (company information, location, contact details)
- name, function, address details and visitor’s contact details
- in case of a paid event, the Invoice data
- the visited event
- DGA membership status
- other personal information you provide when contacting us
If you wish to use our Service, you must provide this personal information to us, otherwise we will not be able to provide our Service, personal data can be shared with the organizer of the event.
3. Users of the DGA job board as an organization: we will retain this data for as long as the agreement lasts, and for up to 2 years after the agreement has ended.
- company name and company details (company information, location, contact details)
- contact name, position and contact details
- invoice data
- vacancy data
- available job listings
- credentials
If you wish to use our Service, you must provide this personal information to us, otherwise we will not be able to provide our Service.
4. Event-speakers provided by DGA: we will retain this data for as long as the agreement lasts, and for up to 2 years after the agreement has ended.
- company name and company details (company information, location, contact details)
- contact name, position and contact details
- name, function and contact information speaker
- invoice data
If you wish to use our Service, you must provide this personal information to us, otherwise we will not be able to provide our Service.
5. Operational and administrative services provided by DGA: we will retain this data for as long as the agreement lasts, and for up to 2 years after the agreement has ended.
- company name and company details (company information, location, contact details)
- contact name, position and contact details
- invoice data
- visitor data (if you buy tickets through DGA)
- DGA membership status
- other personal information you provide when contacting us
If you wish to use our Service, you must provide this personal information to us, otherwise we will not be able to provide our Service.
3.3 Processing necessary for defending our legitimate interests
1. Improving our services: we retain this personal data up to 2 years after we collected the personal information.
- your name
- a number to identify you on our services (user or session ID)
- IP-address
- visitor behaviour on our website
- studies to improve the membership (name, company, membership and answers to questions)
2. Keeping the Service safe: we retain this personal data up to 6 months after we collected the personal information.
- your IP-address
- a number to identify your device on our services ( device -ID)
- a number to identify you on our services ( user or session ID)
- the operating system you are using
- the time, date and place of login
- credentials (if applicable)
3. The contact form on our website(s)
- company name and company details (company information, location, contact details)
- the information you enter in the fields intended for this
4. Applicants
- your name and contact details
- LinkedIn profile
- letter of application
- other personal data that you provide to us in the context of the application
5. Marketing and promotion (if you are a member or partner of DGA)
- company name and company details (company information, location, contact details)
- contact name, position and contact details
- your (business) e-mail address
- DGA membership status
We process this personal data on the basis of a weighing of interests. If you do not want to provide the data mentioned in 3.3.1. or 3.3.2 please let us know your reasons for objecting. We will take your reasoning into account and weigh it against our interests. If we come to the conclusion that you will need to provide your personal data, you cannot use our Service if you refuse to provide the personal data. More information about your rights can be found below under the heading ‘Your rights’.
You can unregister (‘opt out’) from our mailing list for the processing mentioned under 3.3.3. by following the cancellation instructions that are included with each marketing e-mail. If you opt out, this will not affect our ability to send you important e-mails about the Service and your account. In addition, it does not affect our ability to use your personal data as described in this privacy statement.
3.4 Processing with your consent
1. To inform you (at your request) about the Service we have rendered to you or other services offered by us: we will retain this personal data until you indicate that you no longer wish to receive marketing information.
- your name
- the organization at which you are employed
- your e-mail address
2. To inform you at your request and to answer your questions: we retain this personal data for up to 2 months after your request or question has been processed.
- your name
- the organization at which you are employed
- your email address
- other personal data that you enter when contacting DGA
3. Recipients of our newsletters
- your name
- the organization at which you are employed
- your email address
- interests
4. Pictures and recordings at events
- your name
- the photo(s) and/or recording(s)
You are not obliged to provide this personal information to us. If you do not provide this personal information to us, this will not have any negative consequences for your use of the Service and you can continue to use the Service. We will only process this personal data if you have given permission for this and the data will only be processed once you have actually given your consent or have provided the personal data yourself.
4. SHARING PERSONAL DATA
We only share your personal data in the way, and with the parties, mentioned in this privacy statement.
4.1 SHARING WITH PROCESSORS FOR WHICH YOUR CONSENT IS NOT NECESSARY
We use other parties to help with the provision of the Service. It is possible that these third parties process your personal data. These third parties are referred to as “Processor” in this privacy statement. We conclude processing agreements with these processors.
We use the following types of processors:
- companies that provide storage of (personal) data and database management and maintenance;
- research firms and providers of analytical software to improve our services (e.g. privacy-friendly Google Analytics that does not share personal data with Google);
- hosting provider(s);
- providers of customer management software;
- providers of video software and storage.
In some cases, the Processor may collect your personal data on our behalf. We contractually agree with the Processors that they may only use personal data that they obtain from us to enable the provision of the Service. Processors may not use this information for advertisement purposes.
If you provide additional information to these processors yourself, we are not responsible for this. It is wise to inform yourself properly about the Processor and his company before you provide your personal data.
4.2 SHARING DATA WITH YOUR CONSENT
We may also share personal data with others if you give us permission to do so. For example we can cooperate with other parties to offer you specific services or offers. If you register for these services or marketing offers, we may provide your name or contact details if they are necessary to provide that service or contact you. Before we do this, you will always be expressly asked for your consent.
4.3 OUR LEGAL RESPONSIBILITY
We may also share personal data with third parties if this is:
- reasonably necessary or appropriate to comply with our legal obligations;
- necessary to comply with legal requests from authorities;
- is required to respond to any legal claims;
- necessary to protect the rights, property or safety of us, our users, our employees or the public;
- is required to protect ourselves or our users against fraudulent, abusive, inappropriate or unlawful use of the Service.
We will immediately notify you if a government agency makes a request that relates to your personal data, unless we are not allowed to do so on the grounds of the law.
4.4 MERGER OR SALE (PART) OF THE COMPANY
It may happen that we disclose, share or transfer your personal data when we transfer part of our business. Examples include (negotiations about) a merger, sale of parts of the company or obtaining loans. We will of course try to limit the impact for you as far as possible by transferring personal data only when necessary.
5. PROTECTION OF PERSONAL DATA
Protecting your personal data is of the utmost importance for us. We have therefore taken appropriate technical and organizational security measures in order to protect your personal data. These measures include, but are not limited to:
- Physical and electronic measures designed to prevent unauthorized access, loss or misuse of personal data as far as possible.
- We use TLS (Transport Layer Security) technology to encrypt sensitive information or personal data, such as account passwords and other identifiable information about payments.
- SSL connection.
- Where reasonably possible, backups of personal data will be made.
- Sensitive information is only stored encrypted if possible.
- Vulnerabilities in the software are dealt with as quickly as reasonably possible.
We would like to point out that absolute security for sending personal data via the internet or storing personal data cannot always be guaranteed. We advise you to take this into account when deciding whether or not to give consent for processing your personal data.
6. LINKS TO THIRD PARTY SITES
Our platform may contain links to other websites and services. In addition, our platform can also provide advertisements from third parties. Third party websites and services can collect and retain information about you. If you provide your personal data to third parties, then we are not involved. We have no control over this sites or the activities of the third parties. In that case, the privacy policy of the third party applies. We are not responsible for the content of the privacy policy of these parties and the way in which these parties deal with personal data. We encourage you to review their privacy and security practices and policies before you provide personal information to them.
7. COOKIES
We will make use of cookies when you visit our website. Cookies are small pieces of software that are installed on your device. Cookies can have several functions, below we will describe which cookies we use and for what purpose.
- Functional cookies: these are cookies that are necessary for using the website. We don’t need your permission for these cookies.
- Analytical cookies: these cookies are used for analytical purposes, such as tracking the number of visitors to our website, the links they click on and so on. We don’t need your permission for using these cookies, but we will provide you with the ability to opt-out.
- Tracking cookies: these cookies are used to track your ‘behaviour’ on our website. By using these cookies we can make a digital profile of you and the way you use our website. We can also link that to the Services we provide to you. These cookies make use of your personal data and we need your explicit consent for using the cookies. You are free to refuse to let us install the cookies on your device.
8. YOUR RIGHTS
You can check, update, change, correct or delete the personal data collected by us and you can request us to limit the processing of your personal data.
You can ask us to transfer the personal information we process about you to another entity. If you wish to do so, we request you to indicate which information you wish to see transferred. We will comply with such a request when it concerns information processed on the basis of article 3.2 or 3.4 of this privacy statement, unless this information also contains personal data about other persons or another reason prevents this.
When you wish to make use of the aforementioned rights, please contact us. Our contact details can be found in article 8 of this privacy statement.
We will review your request to see if the legal requirements have been met and to check if your request does not violate our legitimate interests. For example, we have a legitimate interest if we need the personal data to be able to provide our Service to others, to resolve disputes, to maintain the applicable terms of use, for technical and / or legal requirements and / or if required by the Service or law.
To access your own personal data, you must provide sufficient proof of your identity in the manner that we ask of you. If we are not sure whether you are the person whose personal data it involves, we may refuse your access to the personal data.
We will respond within 4 weeks to all your requests as described in this article. For complex applications, we can extend the period for a further four weeks. If we extend the term, we will notify you within 4 weeks of the submission of the request.
You have the right to file a complaint with the competent privacy authority about how we handle your personal data . For the Netherlands this authority is the Dutch Data Protection Authority, which you can reach at https://autoriteitpersoonsgegevens.nl.
9. CONTACT
If you have questions, concerns or comments about this privacy statement or our data processing, please contact us via e-mail through privacy@dutchgamesassociation.nl.