When you visit our website, digitalknowledgeinstitute.com, or contact us, we will receive information about you or your organization. This data privacy statement explains what we do with that information. We always handle this information with care and store it securely. If you have any questions or want to know what information we have on you or your organization, please get in touch with us. We may amend this privacy statement if necessary. Please review this privacy statement occasionally to be aware of these changes. This data privacy statement was last modified on 03 April 2023.
- When do you apply this privacy statement?
- Who uses your data?
- Whose data do we use?
- How do we get your data?
- What data of you do we use?
- What do we use your data for?
- How long do we store your data?
- Who do we share your data with?
- Where do we store your data?
- How safe is your data with us?
- What are your rights?
- Which rules apply to this privacy statement?
- Which cookies do we use?
- What do we do with the data of minors?
1. When does this privacy statement apply?
This privacy statement applies to all personal and corporate data we process and all domains related to us. This concerns the personal data of everyone who has ever contacted us or visited our websites, such as members and business contacts. Personal data can be traced back to you as an individual, such as your name, telephone number, IP address, member number, or surfing behavior. To learn more about personal data, please visit the Dutch Data Protection Authority website.
2. Who uses your data?
Stichting Digital Knowledge Institute is responsible for the website digitalknowledgeinstitute.com and, therefore, the organization responsible for using your personal data as described in this privacy statement. The full details are as follows:
Stichting Digital Knowledge Institute
5211KL Den Bosch
Kamer van Koophandel 89501950
3. Whose data do we use?
We process the personal and corporate data of everyone who has filled out any individual or corporate data on our website.
4. How do we get your data?
We receive the data directly from you when you fill in your or your organization’s data on our website.
5. What data of you and your organization do we use?
We use the following data:
- Full name
- Email address
- Telephone numbers
- Organizational contact information
- Payment details
- Use case details
- Assessment details
6. What do we use your data for?
We only use your personal data for the purpose we are allowed to use it. We use your data to give you the best service as a member.
7. How long do we keep your data?
We keep your personal data for as long as we are required by law and as long as necessary for the purpose we use your data. For example, as long as you are a member, we store your data according to the statutory retention period of seven years. After that, we only keep your data for statistical purposes and to handle any complaints or legal matters. If you want to know more about how long we store specific data about you, please get in touch with us.
8. Who do we share your data with?
We may give your personal data to others. We only do this if you are a member of ours and if we received your prior consent.
9. Where do we store your data?
We process your data within the European Economic Area. This means that we also store your data within the EEA. If you have any questions about this, please get in touch with us.
10. How safe is your data with us?
We have done much to protect your data as well as possible, both organisationally and technically. We have secured our systems and various means of communication to ensure that your data does not end up in the hands of others. Your data is, therefore, safe with us. We also ensure that your data is only used by people who have received our permission. For more info about the specific method of securing, please see below at Platform security.
When we share your data with others, they must treat it with the same care. Please let us know if you notice this is not the case.
11. What are your rights?
Because we use your personal data, you have various rights. We have listed these rights for you below.
Right to information
We must explain to you understandably and clearly what we do with your data and what control you have over it. In this data privacy statement, we explain in detail what data we collect from you and how we handle your data.
Right to access
You may always ask us to view the data we hold about you or your organization.
Right to correction
You may ask us to correct your data if it is incorrect or incomplete.
Right to object
You may object to processing your data if you disagree with the way we handle your data. This right applies to the data we use for direct marketing. You can indicate that you no longer wish to receive emails from us. This also applies to personalized recommendations on our website.
Right to data portability
If you are a member or have given permission to use your data, you may ask us to send you the digital data we have about you.
Right to restriction
You may ask to limit the use of your data. This means that in some instances, we may only store your data but not use it.
Right to be forgotten.
You may ask us to delete all data we have about you. We will then delete all data that can be traced back to you. Sometimes, we cannot or may not yet delete your data. For example, we must keep some data for seven years for the tax authorities.
Right to submit a complaint.
You may submit a complaint about how we handle your data. If you have a complaint, we will be happy to resolve it for you. To do so, please get in touch with us. You may also submit your complaint to the Dutch Data Protection Authority. Of course, we hope it does not come to that, but you can also go to court if necessary. In that case, the court in the place of business of Stichting Digital Knowledge Institute is the one which will handle your complaint.
How do I submit a request or complaint?
You can submit your request or complaint to us by emailing email@example.com. We process every request or complaint within 30 days. Submitting multiple applications or complaints or a complex request or complaint may take longer. In that case, we will contact you within 60 days at the latest. We may ask you to identify yourself. In that case, we will ask you to submit certain information to ensure that you are the correct person whose personal data has been compromised.
12. What rules apply to this privacy statement?
Our data privacy statement must meet several conditions. These conditions can be found in the Dutch General Data Protection Regulation (AvG). In addition, the general rules under Dutch law apply to our privacy statement.
13. Which cookies do we use?
You can indicate what data we may use from you. Suppose you have given us permission to personalize your profile based on your surfing and search behavior. In that case, we can set up our website specifically for you so that its use becomes more accessible and more personal. We do this using cookies. A cookie is a small text file placed on your hardware when you visit our website. We use functional cookies, like session and login cookies, to collect session and login information.
14. What do we do with the data of minors?
We neither target nor serve minors with our website or as an organization. We have no intention to store any personal information from visitors under 18. If we discover data from persons under 18, it will be destroyed immediately.
Use case confidentiality
We ensure the confidentiality of use cases through confidentiality agreements that members who make use of a use case must sign. Use case documents cannot be printed, downloaded, exported, or shared in any way. Apart from that, platform access restrictions are in place to curtail the unauthorized sharing of credentials. Read more on the protections that we have in place below.
Our use case and assessment platform, accessible at platform.digitalknowledgeinstitute.com, uses the following features to ensure the safety of your personal and corporate data.
All resources hosting the services and residing data run on the AWS cloud. There are four main components/services in the system:
- Front-end application
- Back-end application
- Authentication service (KeyCloak)
- Persistence layer (Database)
All communication among these services is run through an HTTPS protocol. All requests sent to the API service will be authenticated via an authentication server.
Detailed security information
- Communication via HTTPS.
- CORS (cross-origin resource sharing) is activated on all web services.
- All internet-facing services are shielded by AWS ALBs and their security configuration against DDoS or other attacks.
- Authentication works through Oauth2-based access and refresh tokens generated by KeyCloak.
- Code quality checks via SonarQube or a similar tool will be integrated.
- Comprehensive pen tests based on industry standards such as OWASP.