Kiwa aims to create trust, which is why your privacy is important to us. In this privacy statement, we will explain to you what kind of personal data we collect, how we collect it and what we use it for.
Kiwa offers a wide range of products and services, to all of which this statement applies. This statement is regularly reviewed and updated as our products and services may evolve.
Kiwa invests in securing your privacy by enhancing knowledge, professionalism and ethics among its employees and contractors, and takes steps to ensure adequate protection for your personal data.
We are one of the major global players in the TIC market (Testing, Inspection, Certification). Together with you, we would like to create trust, quality and progress.
Kiwa collects personal data to enable us to provide you with our products and services. Personal data collected vary with the nature of the product or service we provide or may provide you with. Commonly, this includes among others your name, contact data such as email address, phone or mobile phone number, (business) location, your age or date of birth and the country you live in. Sensitive information is only processed when explicitly required and within the constraints of the law.
You provide some of this data to us directly by subscribing to newsletters or other regular information from Kiwa, by requesting offers for products or services from us or by taking delivery from products or services we offer. We also get some of your data by using tracking cookies on our public websites. Incidentally we may also receive data from third parties, e.g. when your employer registers you for certain training sessions or certifications.
Kiwa has a policy of collecting only personal data which are necessary for processing. We will process your personal data only with your consent or in cases of necessity, such as the execution of a contract, legal obligations, carrying out a task in the public interest or for our own legitimate interests.
We need your personal data for one or more of the following business purposes:
If and when the processing of your personal data is based on your consent, you have the right to withdraw this consent at any time.
Kiwa makes use of three main ways of processing your personal data: on-site by Kiwa in our datacenter, on-line with major providers, and for specific products and services using applications (cloud) provided by selected third parties. Kiwa has a strict security policy to ensure adequate security of your personal data. When we use an on-line provider we choose to work with industry leaders – or other parties who comply with EU law and who have extensive security and privacy measures in place.
The storage period of your personal data depends on the type of process for which it is needed. For many of our products and services, your personal data are part of a continuous process, which is why your personal data will be stored until that process terminates. In all other cases, your personal data will be deleted without undue delay when it has served its purpose, unless any kind of legal storage period is applicable.
Kiwa generally does not share data with others that collect and use personal data for their own (business) purposes. If needed to provide you with products and services by Kiwa, third parties may receive data from us about you. We may share your personal data with others who are related to our products and services. Personal data of a sensitive nature is generally not shared unless the strict exemptions of the law are followed or in case of emergency where your vital interests are best served by sharing relevant information.
Kiwa provides limitation of access for Kiwa internally, and we expect third parties to equally limit access to your personal data on a ‘need to know, right to know’ basis. That is, only those who actually actively need to process your data are allowed to do so. Right to know means we only entrust working with personal data to persons we can put trust in, and being entitled to access such data. We extend this towards our suppliers or third-parties we work with.
The General Data Protection Regulation (GDPR) provides you with a set of rights. These individual rights are stated in the GDPR and will be respected by Kiwa.
These rights include the right to be informed where personal data are collected, the right to access and the right to rectification of your data if and when it is inaccurate. Also, under specific circumstances mentioned in the GDPR, you may request erasure of your personal data or restrict the processing of it. Furthermore, you have the right to object to the processing of your personal data, or to being subject to automated decision making and profiling. Lastly, you have the right to data portability.
In addition to these rights, you have the right to lodge a complaint with the Data Protection Authority.
The version of this Kiwa Privacy Statement was created in February, 2018.
We will update this privacy statement if any changes apply. If there are any material changes to the statement or in how Kiwa will use your personal data, we will either notify you by prominently posting such changes on our website or by directly sending you a notification.
In the event of a conflict between this Kiwa privacy statement and the terms of any agreement(s) between a customer and Kiwa, the terms of those agreement(s) will control.
For certain Kiwa entities, a more specific privacy statement may be applicable and will be offered to you in case of personal data processing.