Privacy Policy   Last updated: May 22, 2020

  1.        Introduction

Welcome to BPI. We respect your privacy, and we will only process your personal data in compliance with the General Data Protection Regulation 2016/679 (“GDPR”).   This Privacy Policy informs you (hereinafter the “User,” “You” or “Your”) of how we collect and process your personal data when you make use of the BPI Services, who we share it with, how long we retain it for and your rights as a data subject.   BPI: Business Psychology International (hereinafter the “Company”, “We”, “Us”, or “Our”) is the owner and operator of the Website located at www.bp-int.com (“Website” or “Site”). Please carefully read this Privacy Policy before proceeding to use the Website or any other Services offered by the Company.   Your continued use of the Website or consent to use the Services will be deemed as your acceptance of our privacy practices. If you do not agree with our privacy practices, please do not access our Website or make use of our Services.  

  2.        The Scope of this Privacy Policy

This Privacy Policy applies when you visit our Website, contact us, or acquire any Services offered by the Company. This Privacy Policy does not extend to your use of any Website/s, or Service/s provided by any third-party.  

  3.        Definitions

Any use of the following terms in this Privacy Policy shall have the meaning as defined hereunder:    
Agreement refers to the Master Service Agreement together with any and all order forms signed or otherwise accepted by the Client.  
Candidate means an individual who is named by the Client as the recipient of the Service in the order form.  
Client means a person or entity who acquires the Services offered by the Company and named as Party in the order form.  
Client Data refers to any data provided by the Client to the Company for the purposes of delivering the Service.  
Data Controller means “the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law” as defined in Article 4(7) of the General Data Protection Regulation;  
Data Subject means a natural person whose personal data is processed by the Company and its processors;  
Order Form refers to a statement of work detailing the Services to be rendered by the Company to the Client, following an indication by the Client that it wishes to obtain the Services from the Company, setting out the details of the Service to be provided by the Company, the Company’s Service Fees and any additional terms and conditions upon which the Company proposes to provide the Services.  
Personal Data means “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person” as defined in Article 4(1) of the General Data Protection Regulation;  
Processing means “Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction” as defined in Article 4(2) of the General Data Protection Regulation.  
User means a Data Subject (Clients, Candidates or Website Visitors) who access the Website or acquire/receive the Service.  
 

  4.        Updates to this Privacy Policy

From time to time, we may amend this Privacy Policy to reflect our new privacy practices and for compliance with applicable laws and regulations. We will post the updated Privacy Policy on our Website and notify you of such updates by changing the last updated date on the top. You should review this Privacy Policy regularly to ensure that you are familiar with any changes. You understand and accept that your continued use of our Website and/or Service after the effective date of the update will be deemed as your tacit acceptance of any updated privacy practices.  

  5.        Data Controller

For the purposes of this Privacy Policy, the Company is the data controller for personal data collected by us through our Website, from Clients or directly from Candidates. We can be contacted by email at info@bp-int.com, or you can write to us at the following address:   Business Psychology International Vliegertstraat 2 6005 PR Weert Netherlands  

  6.        What personal data we process and purpose of processing?

  • 1. Prospects
When we receive enquiries from prospects either through our Website, directly by email or over the phone, we collect the contact person’s full name, company name, phone number, and email address.   Purpose We use this information to communicate with the prospect, to understand their Service requirements and to provide a Service proposal to them.   Lawful basis of processing Our lawful basis of processing this personal data is our legitimate interest which does not override the data subject’s rights as set out in Article 6(1)(f) of the GDPR.   Data Retention If the prospect is converted into a Client by entering into an Agreement, the retention period specified in section 6.1.2 below shall apply. However, if the prospect is not converted, we will not retain this data for longer than two years from the date of last communication with the prospect.  
  • 2. Clients
We will collect the full name of the key contact at the Client Company, their contact details such as their email address, phone number, and some other non-personal business information such as Client entity name, billing information and VAT number.   Purpose We process the above-mentioned information to communicate with the Client, to enter into Agreements with Clients, for invoicing and service delivery in accordance with our Agreement with the Client.   Lawful basis of processing Our lawful basis for processing this personal data is the performance of our contract as provided in Article 6(1)(b) of the GDPR.   Data Retention We will retain this personal data for the entire term of our Agreement with the Client and for a maximum period of five years from the date of Service delivery.  
  • 3. Candidates
For Candidates, we collect/receive personal data including but not limited to:
  1. full name,
  2. date of birth,
  3. level of education,
  4. job title,
  5. gender,
  6. email address,
  7. home address,
  8. phone number,
  9. training, coaching and/or other assessment data,
  10. Any relevant personal background information; and
  11. Candidate’s skype/zoom id or similar information of other tools used to deliver the Services.
  Purpose We process this personal data to arrange and deliver our Services to the Candidate in accordance with our Agreement with the Client, to create any deliverables for the Candidate and Client (such as assessment reports) and for our internal business purposes.   Lawful basis of processing Our lawful basis for processing this personal data is the performance of our contract with the Client as provided in Article 6(1)(b) of the GDPR and the candidate’s consent as provided in Article 6(1)(a) of the GDPR.   Data Retention We will retain this personal data for a period of five years after the delivery of our Service unless we receive a specific request for the erasure of personal data from the Candidate, in which case we are only obligated to delete the personal data to render the remaining data unlinkable to the Candidate. We may continue to retain any data relating to the training, coaching and assessment Service rendered by us by anonymising it.  
  • 4. Subscribers
If you subscribe to receive marketing material from us on our Website, we will collect your name and email address.   Purpose We process this personal data to send you direct marketing communication that you subscribed to receive from us.   Lawful basis of processing Our lawful basis for processing this personal data is your consent as provided in Article 6(1)(a) of the GDPR when you opted-in to receive marketing material from us.   Data Retention We will retain this personal data for as long as you are subscribed to receive direct marketing communication from us. We will immediately remove your personal data from our mailing list when you unsubscribe.  
  • 5. Providers
If you are an employee or subcontractor of the Company, we will collect personal data including but not limited to your name, email address, phone number, business address, banking details, qualifications, references, professional license data, VAT number and any other documentary proof or information as and when requested.   Purpose We use this data to assess your suitability to render the Service, to enable you to render the Services, to communicate with you and to pay you for Services rendered by you on behalf of the Company.   Lawful basis of processing Our lawful basis for processing this personal data is our legitimate interest which does not override your rights as a data subject as provided in Article 6(1)(f) of the GDPR.   Data Retention We will retain this personal data for as long as you are part of our Provider Network. If you cease to be part of our Provider Network, we may retain this personal data for a maximum period of seven years from the date you cease to be part of our Provider Network.  

  7.        Disclosure of personal data

We do not sell or rent your personal data to any third party. We may disclose your personal data only as described hereunder:  
  • Clients
Wherever applicable, we will always disclose the results of a Candidate’s psychological assessments and/or coaching services to the Candidate first, and we will only disclose the results of any assessments to the Client with the Candidate’s express consent. Notwithstanding the foregoing, there may be circumstances where the law requires us to disclose the results of an assessment or coaching service to the Client regardless of Candidate’s objections.    
  • Providers
Clients and Candidates’ personal data will be shared with our Providers on a need to know basis to enable them to deliver the Services on our behalf. When Providers collect any personal data from Candidates during the performance of Services on our behalf, such data will also be accessible to the Company and its employees to the extent required.  
  • Merger or Acquisition
In the future, if we undergo a merger or acquisition, all personal data we collect from Prospects, Clients, Candidates, Subscribers and Providers will form part of our business assets and may be transferred to the new entity. Please note that any transfer of your personal data as a result of a commercial transaction will not negatively impact your privacy rights as specified in this privacy policy.  
  • Compliance Obligations
If we are required to disclose your personal data to local and international government authorities, law enforcement bodies, courts of law, or other government agencies, we reserve the right to disclose this personal data for compliance with our legal and regulatory obligations, including but not limited to, for asserting or defending our rights and interests.  
  • Third-Party Services
We may make use of third-party services during the course of our business operations, such as services to host our Website and software tools to manage our business and deliver the Services to you. Such third-party service providers may process your personal data on our behalf. Where we make use of any such Processors, we will ensure that these Processors uphold the highest data protection standards. We will also enter into suitable Data Processing Agreements with such third-party processors in compliance with the GDPR.  
  • Sharing Anonymous User Data
We may share anonymous statistical data we collect from you during the course of your usage of the Service with third parties for business purposes. We aggregate this data to ensure no personal information about any user is disclosed to any third-party that we share it with.  

  8.        Cookies

We may make use of cookies, pixel tags and web beacons on our Website with your consent. We may also use third-party analytics tools on our website such as Google Analytics which use cookies and collect personal data such as your IP address when you visit our website. Cookies are small files that contain data that is used to identify you as a unique user. You can tell your browser to decline all cookies or to indicate when a cookie is being sent. If you decide to decline cookies, you may not be able to use some parts of our website. For more information on cookies, please visit our Cookie Policy.  

  9.        Storage and transfer of personal data

We currently store all personal data on servers that are located in the Netherlands and other member states within the European Economic Area (EEA). We will not transfer any of our Users personal data outside the EEA unless all international data transfer requirements imposed by GDPR can be satisfied and our Users data will have the same level of security outside the EEA as they do within the EEA.  

10.        Security

We are committed to maintaining the confidentiality of your personal data. We take all reasonable and commercially viable measures to protect your personal data. We protect and store your personal data using the latest security measures, including encryption to reduce the risk of any data breach and by complying with the principles of data minimisation. Please note that despite our best efforts, there may be security vulnerabilities that we are not yet aware of, which is why we are unable to offer any guarantees of security.  

11.        Data Subject Rights

As a data subject, you have the right to access, rectify or request deletion of your personal data that is processed by us.   If we are processing your personal data, you will also have the right to access such personal data and receive information regarding the purpose of processing, our retention periods for such personal data (the reasoning behind the set retention period), and the safeguards used by the Company to ensure the security of your personal data.   You will also have the right to request rectification or erasure of your personal data or to restrict our processing, in the event we do not have any lawful basis for processing your personal data.   We will not charge any fees for complying with your personal data access request unless we can demonstrate that your request is excessive in nature. A data access request can be made by you by sending an email to info@bp-int.com. Please note that we may request you to verify your identity before responding to your request.  

12.        Contact us

If you have any other questions, or requests relating to this Privacy Policy, you can contact us by email at info@bp-int.com alternative you can write us a letter at:   Business Psychology International Vliegertstraat 2 6005 PR Weert Netherlands