Privacy
Privacy Policy Archipel Academy B.V.
In this statement, we would like to explain to you what we at Archipel Academy B.V. do with your personal data: where and how we obtain them, why and how we use them, how long we keep them and how we keep them secure.
At Archipel Academy B.V. we receive personal data from our customers and from our visitors and interested parties. We consider it our duty to handle this with care. Applicable to all of our platforms and data collected, we process personal data in accordance with applicable laws and regulations (the General Data Protection Regulation (GDPR) in particular), contracts with clients and suppliers, agreements with employees and policies within Archipel Academy and its companies.
If you have any questions after reading this statement, please do not hesitate to contact us at +31(0)418 688 674 or privacy@archipel.academy.
This policy is applicable to Archipel Academy B.V. and her subsidiaries:
- EPG B.V. (Class Platform)
- PJA Online B.V. (Edubookers / DeLeerRekening Platforms)
- Springest B.V. (Springest Platform)
Your rights
In accordance with the General Data Protection Regulation (GDPR), you have several rights concerning your personal data that we collect and process. These rights include:
Right to be Informed (Art. 12)
You have the right to be provided with clear, transparent, and easily understandable information about how we use your personal data and your rights. This is why we’re providing you with the information in this privacy policy.
Right of Access (Art. 15)
You have the right to obtain access to your personal data (if we’re processing it) and certain other information (similar to that provided in this privacy policy). This is so you’re aware and can check that we’re using your information in accordance with data protection law.
Right to Rectification (Art. 16)
You are entitled to have your data corrected if it is inaccurate or incomplete.
Right to Erasure (Art. 17), also known as the ‘Right to be Forgotten’
In certain cases, you have the right to have your personal data deleted or removed without the need for a specific reason as to why you wish to discontinue.
Right to Restrict Processing (Art. 18)
You have rights to ‘block’ or suppress further use of your data. When processing is restricted, we can still store your data, but may not use it further.
Right to Data Portability (Art. 20)
You have rights to obtain and reuse your personal data for your own purposes across different services. For example, if you decide to switch to a new provider, this enables you to move, copy or transfer your information easily between our IT systems and theirs safely and securely, without affecting its usability.
Right to Object (Art. 21)
You have the right to object to certain types of processing, including processing for direct marketing (which we can only do with your consent).
Rights in relation to automated decision-making and profiling (Art. 22)
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
To exercise any of these rights, please contact us at +31(0)418 688 674 or send a mail to privacy@archipel.academy.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We will try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Complaints
As an organisation based in The Netherlands, our independent privacy regulator is the Dutch DPA called Autoriteit Persoonsgegevens. If you have any complaints, we would like to refer you to their website: https://www.autoriteitpersoonsgegevens.nl/een-tip-of-klacht-indienen-bij-de-ap
What data do we collect?
Develop Yourself
We obtain your personal data through our Develop Yourself Portal (LMS). This is a cloud solution for searching and booking learning and development activities (trainings, coaching, e-learnings, certifications etc.),planning, and purchasing these activities. The Develop Yourself Portal is fully owned by Archipel Academy B.V. and is managed and developed in-house.
In this portal we, depending on the configuration which may differ per customer, register the following personal data:
Collected Data
- Personal Details:
- Full name;
- Address details;
- Phone number(s);
- Email address;
- Date and place of birth;
- Gender;
- Employment information;
- Work contact details (email address, phone number(s), address)
- Employee number
- Department
- Branch
- Business unit
- Cost Centre
- Job Title
- Date of entering/leaving employment
- Employment type
- Manager name
- Training history;
- Registrations
- Completed learning objects
- Achieved scores
- Required and obtained certifications and (copies of) certificates;
- Test and scan results (e.g. competence or personality scans);
- User Generated Content;
- Preliminary questions
- Evaluations, reviews and ratings
- Areas of interest
The personal data is collected when your employer provides us with your details to create your user account for Develop Yourself, when you register and complete a training via the platform, and when you complete a scan, e-learning and/or certification.
Personal data is kept no longer than necessary for the purpose for which it is used. Your personal data is being retained throughout the contract period with our customer, your employer, following the agreed upon data deletion requirements. At the end of the retention period, all personal data will be returned to your employer.
Class
We obtain your personal data through our Class LMS. Class is a digital learning platform that lets you easily create, promote and manage learning experiences for employees. The Class LMS is fully owned by Archipel Academy B.V. and is managed and developed in-house.
In this portal we, depending on the configuration which may differ per client, register the following personal data:
Collected Data
- Personal details
- Full name;
- Address details;
- Phone number(s);
- Email address;
- Date and place of birth;
- Gender;
- Employment information;
- BIG registration number
- Cost centre
- Date of employment / departure
- Employee contact details
- Employee number
- Job title
- Manager name
- Name of organisational unit
- Organisation of employment address details
- Organisation of employment contact
- Organisation of employment name
- RIN number
- SAP number
- Team name
- Term of employment
- Workplace location
- Financial information of organisation;
- Payment manager
- Necessary invoice information
- Personal budget
- Required and obtained certifications and (copies of) certificates;
- Training history;
- Registrations
- Applications
- User Generated Content;
- Newsletter subscription
- Areas of interest
The data is collected when you use our services and/or when you or your employer provide it to us. This is for example when you register an account on the Class platform, register for a training on the platform, when you follow a booked course, and when your employer has an HR system integration.
Personal data is kept no longer than necessary for the purpose for which it is used. Your personal data is being retained throughout the contract period with our customer, your employer, following the agreed upon data deletion requirements. At the end of the retention period, all personal data will be returned to your employer.
Edubookers
We obtain your personal data through our Edubookers Portal. This is a cloud solution for searching and booking learning and development activities (trainings, coaching, etc.) and planning and purchasing these activities. The Edubookers Portal is fully owned by Archipel Academy B.V. and is managed and developed in-house.
In this portal we, depending on the configuration which may differ per client, register the following personal data:
Collected Data
- Personal details;
- Full name;
- Address details;
- Phone number(s);
- Email address;
- Date and place of birth;
- Gender;
- Employment information;
- Branch;
- Business unit;
- CAO;
- Cost Centre;
- Date of entering/leaving employment;
- Department;
- Employee number;
- HR Manager ID;
- Job Title / Role;
- Manager ID;
- Work contact details (email address, phone number(s), address);
- User Generated Content;
- Reviews;
- Explanation of contribution to career (training registration);
- Study agreements;
- Obtained Permanente Educatie (PE) points
The data is collected when you register an account on the Edubookers platform, directly provided by your employer (f.i. imported via AFAS, SAML, Excel), register for/book a training on the platform, and when you follow a booked course.
Personal data is kept no longer than necessary for the purpose for which it is used. Afterwards, your data will be deleted or anonymised with the purpose of internal analysis and reports.
Naturally, we will retain your personal data for the time you attend a training/education course through Archipel Academy, thereafter we will only retain your personal data for as long as your employer has a contract with us. At the end of the contract period, all personal data will be delivered back to our client, your employer.
LevenLangOntwikkelen (LLO Platforms)
We obtain your personal data through one of our Leven Lang Ontwikkelen platforms. This is a cloud solution for searching and booking learning and development activities (trainings, coaching, etc.) and planning and purchasing these activities. The LLO Portals are fully owned by Archipel Academy B.V. and are managed and developed in-house.
In one of these portals we, depending on the configuration which may differ per client, register the following personal data:
Collected Data
- Personal details
- Full name;
- Phone number;
- Company
- Region
- City of Residence
- Description of current situation
These platforms may send users to the Edubookers or Leersubsidie webpage. The data collected on those platforms is described in their respective sections in this policy.
Personal data is kept no longer than necessary for the purpose for which it is used. Afterwards, your data will be deleted or anonymised with the purpose of internal analysis and reports.
Naturally, we will retain your personal data for the time you attend a training/education course through Archipel Academy, thereafter we will only retain your personal data for as long as our client has a contract with us. At the end of the contract period, all personal data will be delivered back to our client.
De Leerrekening
We obtain your personal data through our De Leerrekening platform. This is a cloud solution for searching and booking learning and development activities (trainings, coaching, etc.) and planning and purchasing these activities. The De Leerrekening portal is fully owned by Archipel Academy B.V. and are managed and developed in-house.
In one of these portals we, depending on the configuration which may differ per client, register the following personal data:
Collected data
- Personal details;
- Full name;
- Address details;
- Phone number(s);
- Email address;
- Preferred language;
- Education level;
- Date and place of birth;
- Personal banking details;
- Employment information;
- Start/end date of employment;
- Business email address;
- CAO-code;
- Contract hours;
- Contract type;
- Department;
- Company;
- HR identifiers;
- Payroll tax number (‘loonheffingennummer’);
- User Generated Content;
- Learning interest;
- Fiscal test answers/results;
The data is collected when you register an account on the De Leerrekening platform, directly provided by your employer (f.i. imported via AFAS, SAML, Excel), register for/book a training on the platform, and when you follow a booked course.
Springest
We obtain your personal data through our Springest Platform. This is a cloud solution for searching and booking learning and development activities (trainings, coaching, etc.) and planning and purchasing these activities. The Springest Platform is fully owned by Archipel Academy B.V. and is managed and developed in-house.
In this portal we, depending on the configuration which may differ per client, register the following personal data:
Collected Data
- Personal details;
- Full name;
- Address details;
- Phone number(s);
- Email address;
- Date and place of birth;
- Gender;
- Employment information;
- Job Title;
- Profession;
- Company name;
- User Generated Content;
- Reviews;
- Study agreements;
- Interests;
- Targeted amount of Permanente Educatie (PE) points
- Study history
- Study activities
The data is collected when you register an account on the Springest platform, register for a training on the platform, and when you follow a booked course. Data about your browsing behaviour is collected when you make general use of the platform. When you use our platform via your employer, your data may be imported from their identity provider.
We will keep your data in your account for as long as it is active. You decide when to cancel your account. At that time, we will remove all your personal data from our systems. Under no circumstances do we store more personal data than is necessary to achieve the purpose for which it was collected.
Archipel Events
When you participate in any of our events, you may be asked to provide the following information:
Collected Data
- Personal details;
- Full name;
- Address details;
- Phone number(s);
- Email address;
- Employment information;
- Company name;
- Job title;
- Contact details;
Archipel may also share your data with speakers and co-organizers for the purpose of discussing potential collaborations.
If you do not wish to share your data anymore, you have the option to object and we will stop processing your data. Additionally, by participating in our events, you give us permission to use images of you in expressions published on social media after the event.
Website
Collected Data- Personal details;
- Full name
- Address details;
- E-mail address;
- Phone number;
- Gender;
- Type of contact (customer, supplier, etc.);
- Employment information;
- Job title;
- Organisation;
- Service requests;
- Visit reports;
- Phone calls;
- E-mails;
Job Applications
Under the ‘Vacancies’ section of our website, we offer you the opportunity to apply for one of our vacancies or to submit an unsolicited application. For this purpose, we will ask you to provide the necessary information, such as:
Collected Data
- Personal details;
- Full name
- Address details;
- E-mail address;
- Phone number;
- Curriculum vitae;
- Letter of motivation;
- Lists of grades;
- Letters of reference;
- Diplomas;
We will not keep your data for longer than is necessary for the above-mentioned purposes. If you are not employed by Archipel Academy B.V. at the end of the application process, we will keep the data for a maximum of six weeks after the end of the process. This allows us to contact you if the previous candidate turns out to be unsuitable after further consideration. If you have given us permission to keep your data for longer, we will keep your data for a maximum of one year after the end of the application process.
How do we collect your data?
Each previous chapter describes for each specific service how we collect your data. What follows is a non-exhaustive summary of how generally collect and process your data:
- Register an account on one of our platforms;
- Register for a training using one of our platforms;
- Request a demo through our website;
- Fill in the contact form on our website;
- Become a partner of Archipel Academy B.V.;
- Contact Customer Support using one of our contact channels;
- Voluntarily complete a customer survey or provide feedback via one of our contact channels;
- Apply for one of our vacancies;
- Visit one of our events;
- Use or view our website via your browser’s cookies;
How will we use your data?
Archipel Academy B.V. collects your data so that we can:
- Process customers’ training registrations
- Offer trainings provided by our partners on our platforms
- Provide billing towards partners and customers
- Manage customer and partner accounts
- Provide a personalised experience on our learning platform
- Support customers, visitors, prospects and partners with questions regarding our platforms, trainings and services
- Keep you up to date regarding our events and marketing material
We only provide your personal data to other companies or institutions if it is necessary for our services or if we are required to do so by law (e.g. if the police require it in case of suspected crime). We will notify you, or the organisation you work for (if it concerns a customer), in advance which other companies will receive and process your data and, if necessary, we will ask for your consent.
How do we store your data?
Security of your information
We prioritize the security of your personal data and are committed to protecting it from unauthorized access, alteration, disclosure, or destruction. As a testament to our dedication to data security, we are ISO 27001 certified.
Our security practices align with internationally recognized best practices, including those outlined by the National Institute of Standards and Technology (NIST).
Data storage and transfer
Your personal data is stored on secure servers located within the European Economic Area (EEA). We do not send any data outside the EEA or to countries without adequacy decision made by the European Commission, ensuring that it remains within jurisdictions with robust data protection laws. This means your data is subject to the same high standards of privacy and security wherever it is stored.
In compliance with these principles, we ensure that any data processing and storage are conducted in accordance with the stringent data protection and privacy regulations applicable within the EEA. Our commitment to keeping your data within the EEA helps to safeguard it from jurisdictions that may not offer the same level of protection.
We store your data with proven cloud service providers known for their security measures. These providers are selected based on their ability to meet industry standards for data security and protection, ensuring that your information is handled with care and security.
Data retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. After this period, your data will be securely deleted, anonymized and/or returned to you.
Data encryption
When your data is being transmitted to or from our systems, it is protected using encryption protocols such as Transport Layer Security (TLS). TLS is a widely recognized and trusted standard for secure communication over the internet. It ensures that any data you send to us, or we send to you, is encrypted during transit, making it unreadable to unauthorized parties who might intercept it. For data at rest, we utilize robust encryption methods to secure your personal information stored on our servers. This includes encrypting the underlying storage, database-level encryption, and when necessary, file-level encryption.
Access to your data
Access to your personal data is limited to employees, agents, contractors, and other third parties who have a business to need to know. They will only process your personal data on our instructions and are subject to a duty of confidentiality.
Regular audits
To ensure data security and compliance, we conduct regular audits of our security measures. These audits are a critical part of our commitment to protecting your personal data. In addition to our internal review processes, we engage in yearly external audits conducted by an independent third-party. These external audits are comprehensive and designed to assess our compliance to industry standards and other regulations. They provide an objective evaluation of our security practices, ensuring that we consistently meet or exceed the best practices in data protection.
Marketing
Archipel Academy would like to send you information about products, services and events of ours that we think you might like, as well as those of our partner companies.
If you have agreed to receive marketing, you may always opt out later.
Changes to our privacy policy
Archipel Academy B.V. keeps its privacy policy under regular review and places any updates on this web page. This policy was last updated on 27-02-2024.
How to contact us
If you have any questions about Archipel Academy B.V.’s privacy policy, the personal data we collect, or you would like to exercise one of your data protection rights, please do not hesitate to contact us.
Email us at: privacy@archipel.academy
Call us: +31(0)418 688 674