Privacy statement Zaurus B.V. – Add-in Microsoft Office
Version October 2021
We have drawn up this privacy statement to make it clear that we take the privacy of all personal data with which we come into contact within Zaurus very seriously. For that reason, the personal data collected by us is carefully processed and secured. We adhere to the General Data Protection Regulation (GDPR).
In this statement we want to inform you about our privacy policies. If you have any questions or would like more information, please contact our data protection officer at email@example.com.
Protection of privacy is very important. After all, you do not want your data to just end up on the street. In the European Union, the General Data Protection Regulation (GDPR) applies to protect your and our personal data. Under this regulation, an organization that works with personal data has certain obligations and the person from whom the data originates has certain rights. The regulation speaks of “processing personal data”. This term includes everything that can be done with personal data: from collection to destruction. In addition to this general privacy legislation, specific rules apply to privacy in healthcare. These rules are included in the Medical Treatment Contracts Act (WGBO). This privacy statement is intended to inform you about your rights and our obligations that apply under the law.
Your privacy is for Zaurus B.V. very important. We therefore adhere to the privacy law. This means that your data is safe with us and that we always use it properly. In this privacy statement we explain what we do with information that we learn about you through our add-in.
PURPOSES OF THE DATA PROCESSING
We process various types of information, based on consent, from and about users of our add-in, including:
You can withdraw your consent at any time by removing the add-in from your computer or mobile device.
Zaurus takes precautions to protect personal information from loss, misuse, unauthorized access, disclosure, altercation and destruction. To protect your privacy, Zaurus and our contracted third parties take appropriate organizational and technical measures including:
- physical access control. Zaurus uses measures to prevent unauthorized persons from gaining access to data processing systems in which personal data is processed.
- access to personal data is protected with a username, password and, where necessary, a login token.
- using secure connections (TLS) that protects all information between you and our websites and apps when submitting personal data and sharing personal messages.
- using firewalls, intrusion detection systems, intrusion prevention systems and virus scanners to ensure your data is always safe.
- data backup.
- standard data encryption on the Zaurus communication platform: in addition to the TLS connection, we also apply standard AES-256 encryption to all data in transit as well as user information, messages and attachments at rest.
- paperless office: we work digitally as much as possible. Paper is avoided and destroyed via the shredder if it no longer serves a purpose. The digital documents are secured and backed up.
- purpose-based access restrictions and data storage within the European Union.
Zaurus discourages the use of unsecured WiFi-networks or other unprotected networks while using the service.
If Zaurus finds out that a high-risk security breach has occurred, we will notify you and, if necessary, ask you to take appropriate action.
THE RESPONSIBILITIES OF ZAURUS B.V.
Zaurus B.V. is legally responsible for the processing of personal data which takes place within Zaurus B.V. We fulfil the obligations arising from this as follows:
- Your data is only collected to support the provision of care and is used for the following purposes:
- so you can register as a user of Zaurus and can make use of the Zaurus add-in;
- so you can use the Zaurus Outlook Add-In (a connection is made between the Zaurus Messaging Platform and the add-in);
- so you can schedule Zaurus meetings (which automatically leads to the creation of a consulting room with the guests you have invited) in your Outlook agenda;
- When downloading the add-in, you will be informed of the fact that personal data is processed. This is indicated by referring to this privacy statement;
- All employees of Zaurus B.V. have signed a confidentiality statement;
- Your personal data is well protected against unauthorized access;
- Your personal data is not kept longer than is necessary to provide good service and care;
- The personal data we collect through your registration for and use of our add-in is used solely by us. We do not sell your personal information to third parties.
YOUR RIGHTS AS A STAKEHOLDER
Regarding your personal data you have the following rights:
- the right to know if your personal data is processed;
- the right to inspect and ask for a transcript of the data that is processed (insofar as this does not harm the privacy of another);
- the right to request correction, addition or deletion of your data;
- the right to block the transfer of your data to third parties (one or more of the aforementioned care providers);
- the right to request deletion of personal data. This can only be done if the retention of the data is not of significant importance to another and the data does not have to be retained on the basis of (a) statutory regulation(s);
- the right to oppose the processing of your data.
If you want to exercise one or more of your rights, you can contact the Data Protection Officer of Zaurus B.V., who represents your interests. Your rights can also be represented by an appointed representative. Make sure that you always clearly indicate who you are, so that we can be sure that we do not change or delete data from the wrong person.
In principle, we will comply with your request within one month. However, this period can be extended by two months for reasons related to the specific privacy rights or the complexity of the request. If we extend this term, we will notify you within the first month.
In addition, you can inform us in writing if you do not wish to be contacted with information about our products and services. See the contact details of the data protection officer later in this document.
TO FILE A COMPLAINT
If you have any questions or wish to submit a complaint about the use of your personal data, you can contact us using the contact details at the bottom of this privacy statement. We handle every question and complaint internally and communicate this further with you. However, if you think that we are not helping you in the right way, you can contact the Dutch Data Protection Authority to file a complaint.
For example, the Dutch Data Protection Authority can engage you to mediate in the dispute or to request advice. As a last option, you can lodge an appeal with the civil court.
AMENDMENTS TO THIS PRIVACY STATEMENT
This Privacy Statement may be amended from time to time. Please review it periodically. Changes to this statement will be effective upon posting to this website. Your use of the add-in following these changes means that you accept the revised statement.
DATA PROTECTION AUTHORITY
For questions and complaints, you can contact the data protection officer of Zaurus B.V. This employee ensures that personal data is carefully used and secured and that privacy is guaranteed.
If you feel that we are not helping you in the right way, you have the right to file a complaint with the supervising authority. This is called the Dutch Data Protection Authority (i.e. “Autoriteit Persoonsgegevens”).
Data Protection Authority (Autoriteit Persoonsgegevens)
PO Box 93374
2509 AJ THE HAGUE (The Netherlands)
Telephone: +31 900 – 200 12 01, available on workdays from 09:30 AM to 12:30 PM (€ 0.05 per minute)