Privacy & Cookie Statement

Archipel privacy and cookie statement

In this statement we would like to explain to you what we at Archipel Academy B.V. do with your personal data: Where and who obtains them, why and how we use them, how long we keep them, and how we secure them. Furthermore, in this statement you can read which cookies we use on our website and on our Develop Yourself portal.

At Archipel Academy B.V.  we receive a lot of personal data from our customers, visitors and interested parties. We consider it our duty to handle these data carefully and in doing so we observe the GDPR and all other laws and regulations.

If you have any questions after reading this statement, please do not hesitate to contact us at + 31 (0)418 688 674 or privacy@archipel.academy.

 

PRIVACY

DEVELOP YOURSELF PORTAL

First, we obtain your personal data through our Develop Yourself portal. This is a cloud solution for searching and booking learning and development activities (training courses, coaching, etc.) and planning and purchasing these activities. The Develop Yourself portal is fully owned by Archipel Academy B.V. and is managed and (further) developed in house. In this portal, depending on the configuration that may vary from one customer to another, we may record the following personal data:

  • Name of participant/employee
  • Contact details at work (email address, telephone number(s), work address)
  • Private contact details (email address, telephone number(s), address)
  • Employee number, department, branch, business unit and cost centre
  • Position
  • Date of commencing/leaving employment
  • Gender
  • Date and place of birth (for certificates)
  • Manager
  • PE points (required, obtained)
  • Training history (enrolments, applications, completed learning objects, scores achieved)
  • Required and obtained certifications and (copies of) certificates
  • Results of tests and scans (such as the competency scan)
  • User Generated Content (this is entered by participants themselves):
    – Preliminary questions
    – Evaluations, reviews and ratings
    – Areas of interest

We do not keep personal data longer than necessary for the purpose for which they are used. Naturally, we will retain your personal data during the time you are attending a training/course through Archipel; after that we will only keep your personal data for as long as your employer has a contract with us. At the end of the contract period, all personal data will be returned to our customer, your employer.

The Develop Yourself portal uses only cookies that are necessary for the correct operation of the portal. You can find more information about this in the cookies section.

ARCHIPEL WEBSITE

In addition, we make use of cookies on our website www.archipel.academy (more about this later). On the website, we use a contact form that stores your personal data in our CRM system. The following personal data are used for this purpose:

  • Name and address details (leads, customers)
  • Contact information (telephone, email)
  • Gender
  • Type of contact (customer, supplier, etc.)
  • Position
  • Organisation
  • Phone calls
  • Emails
  • Visit reports
  • Service requests

EVENTS ORGANISED BY ARCHIPEL

When participating in an event organised by Archipel Academy, you share your business information (name, position, email address and telephone number). Your name, the organisation where you work, and your position can be shared in a participant list. Your information may be further shared by Archipel with speakers and co-organisers for the purpose of contacting and discussing possible collaboration. If you do not want to share your data (any longer), you always have the option to object and we will no longer process your data.

FINANCIAL ADMINISTRATION

In addition, customers sometimes ask us to include names of their employees in our training/courses, possibly including a staff number, on the invoice.

And when we purchase training or courses from our suppliers, we list the name, address, place of residence, contact information of the participant and relevant training/course on the purchase order for our supplier.

In addition, we always make agreements with our customers, the organisation where you work, about the processing of the personal data. This is usually included in the contract or separately in a Processing Agreement.
We keep financial data for 7 years, in accordance with the statutory guideline.

JOB APPLICATIONS

Under the heading ‘vacancies’ on our website, we offer you the chance to apply for one of our vacant positions or to apply by sending an open application. For this purpose, we ask you to provide the necessary information, such as your name, contact details, CV, lists of grades, reference letters (if any), diplomas (if any) and a cover letter.

The grounds for processing your data for the purposes listed above may be: Your consent, to the extent necessary to ultimately enter into a contract with you, and our legitimate interest in assessing whether we will employ you based on your application.

If we need assistance from external HR consultants regarding your application, we may forward your information to them. If your application is relevant to other companies affiliated with Archipel B.V. we may send your application to them.
We do not keep your data any longer than necessary for the above purposes. Should you not be employed by Archipel Academy B.V. at the end of the application process, we will retain the data for no longer than six weeks after the procedure has ended. This allows us to still approach you if, on further consideration, the earlier candidate proves unsuitable. If you have given us permission to keep your data for a longer period of time, we will keep your data for a maximum of one year after the end of the application process.

TRANSFER TO OTHER ORGANISATIONS

We only give your personal data to other companies or institutions if this is necessary for our services or if we are legally obliged to do so (for example, if the police demand them in the event of a suspected crime). We will notify you, or the organisation where you work if that is our customer, in advance as to which other companies will receive your information and, if necessary, we will ask for your permission.

SECURITY

We take appropriate technical and organisational measures to prevent loss, misuse and/or unauthorised access to your personal data.

The server environment of the Develop Yourself portal is hosted by Interconnect in Den Bosch (www.interconnect.nl). All equipment used for the Develop Yourself portal, such as servers, SAN environment and network equipment (firewall, switches), is the property of Archipel Academy B.V. The data centre is ISO 27001, ISO9001 and ISO14001 certified. Interconnect has a list of authorised employees who are allowed access to the server environment. These authorised employees need a pass from the data centre and must identify themselves on entry.
For technical management and securing back-ups, a site-to-site VPN connection is available between the infrastructure of Archipel Academy in Zaltbommel and Interconnect in Den Bosch. The Develop Yourself portal is accessible via HTTP but this traffic is always redirected to the secure HTTPS protocol. The database server has no external IP address and cannot be accessed from the Internet. The servers are equipped with a virus scanner that is updated at least once a day. An encrypted back-up of the entire environment (application and database) is made daily and stored off-site.

Administrators, suppliers and employees must log in with a username and password. If desired, it is also possible to have employees log in via Single Sign-On (SSO). At the request of the customer organisation, a check on the IP address range is also possible when logging in.

The Develop Yourself portal is periodically audited by an external party (at least twice a year, usually coinciding with major releases). This audit is conducted based on the guidelines of the Dutch National Cyber Security Centre.
The development of the Develop Yourself portal uses an OTAP street with separate environments for development, test, acceptance test and production. Strict procedures and guidelines are in place to ensure maximum protection of stored data.

 

COOKIES

GENERAL

We use cookies on our website and the Develop Yourself portal. A cookie is a simple, small file that is sent with pages of this website and stored by your browser on your device’s hard drive so that you can be recognised. When you visit our website or the Develop Yourself portal, cookies are placed on your PC for various purposes. These cookies can be functional or analytical and some track your browsing habits. For the latter type of cookies we request your explicit consent. With the placement of these cookies, personal data, such as the IP address, are processed.

When you visit our website or the Develop Yourself portal for the first time, we display a notification explaining cookies. Here you can also specify which cookies you want to be placed on your computer.

We have made agreements about the use of cookies with other companies that place cookies. However, we do not have full control over what they themselves do with the cookies. So please also read their privacy statements if you think this is important and possibly also the various informational links.

WEBSITE COOKIES

Google Analytics: We use Google Analytics to track how users use the website. Cookies are placed for this purpose. Google uses this information to keep track of how our website is used, in order to provide us with reports on the website. We have set the maximum retention period of the cookies used through this service at 24 months. This means that after this period expires, the data cannot be read. Processing of your personal data through Google Analytics is based on our legitimate interest in obtaining general statistics about our website visitors.

This information is transferred to and stored by Google on servers in the United States. We have entered into a processing agreement with Google where the most recent (4 June 2021) Standard Contractual Clauses also apply. This means that there is an appropriate level of protection for the processing of any personal data.

Hubspot: Cookies required to display external forms from our CRM application Hubspot on the website.
We use HubSpot as our CRM system, but also to fill out and link forms on the website. HubSpot uses several types of cookies for this purpose, which remember your preferences, but also enable us to create a link to the system. Hubspot uses the Standard Contractual Clauses and has included the additional guarantee in its Privacy Statement not to move Personal Data of EU citizens outside the EEA and to seek prior consent if it has to do so. This means that there is an appropriate level of protection for the processing of any personal data. See https://knowledge.hubspot.com/reports/customize-your-cookie-tracking-settings-and-privacy-policy-alert

Finally, a cookie is also placed to save the current session (codeigniter framework). This is a cookie purely for the correct functional operation of the website.

DEVELOP YOURSELF PORTAL COOKIES

Google Analytics: We use Google Analytics to track how users use the website. Cookies are placed for this purpose. Google uses this information to keep track of how our website is used, in order to provide us with reports on the website. We have set the maximum retention period of the cookies used through this service at 24 months. This means that after this period expires, the data cannot be read. Processing of your personal data through Google Analytics is based on our legitimate interest in obtaining general statistics about our website visitors.

Finally, a cookie is also placed to save the current session. This is a cookie purely for the correct functional operation of the website.

SOCIAL MEDIA BUTTONS

Our website includes buttons to promote or share pages on the LinkedIn social network. This button will not become active until you click on it. The buttons work on the basis of pieces of code that come from LinkedIn itself. Through this code, cookies are placed when you click on the button.

Please read LinkedIn’s privacy statement (which may change regularly) to see what it does with your personal data that it processes using this code. The information is transferred to and stored by the social media networks on servers in the United States. LinkedIn uses the Standard Contractual Clauses and has included the additional guarantee in its Privacy Statement not to move Personal Data of EU citizens outside the EEA and to seek prior consent if it has to do so.  This means that there is an appropriate level of protection for the processing of any personal data.

 

Book a demo

Consent
Dit veld is bedoeld voor validatiedoeleinden en moet niet worden gewijzigd.