This Website collects some Personal Data from its Users. Among the types of Personal Data that this Website collects, by itself or through third parties, there are: Cookies; Usage Data; first name; last name; phone number; email address. Complete details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or by specific explanation texts displayed prior to the Data collection.
This Privacy Policy outlines how NextWave Consulting Limited, Infinium Consulting B.V and NextWave Italia S.R.L. (“we”, “us”, or “our”) may collect personally identifiable data from you through this website. Please read the terms of this policy carefully. If you do not agree to these terms, please do not continue to use this website. NextWave Consulting, Infinium Consulting B.V and NextWave Italia process personal data of current, future and ex-employees, (customers and employees of) customers, suppliers and other parties. We may receive information from you, for example via our website, e-mail, telephone or app. In addition, we can obtain your personal data in the context of our services via third parties (e.g. your employer). We process your personal data according to the rules of the General Data Protection Regulation (‘AVG’). This privacy statement provides you with information as to how we deal with your personal data.
Nextwave Consulting, Infinium Consulting (trading as NextWave-Infinium) and NextWave Italia are committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. You can unsubscribe at any time.
The Data Controller is the person or business that determines the manner in which personal data is processed, and is responsible for the security of any personal data that has been collected. For the purposes of data protection legislation in force from time to time the data controller is NextWave Consulting or Infinium Consulting (or “we”), while the Data Subject is any individual we process personal data for (referred to throughout as “you”). The nominated data protection representative at NextWave Consulting is our COO/CEO, and can be contacted at the following:
Email: HR@Nextwave.co.uk
Address: 71-75 Shelton Street, Covent Garden, London WC2 9JQ
The nominated data protection representative at Infinium Consulting B.V is Jeanette Zeilmaker, and can be contacted at the following:
Email: operations@infinium.consulting.
Address: Fred Roeskestraat 115, 1077 EE, Amsterdam, The Netherlands
The personal data we process depends on the exact service and circumstances. Often this concerns one or more of the following types of data:
• name and address details;
• Contact function;
• Birthdate and place;
• Sex;
• Contact details (e-mail addresses, telephone numbers) and name and function of contacts;
• Copy of identity documents;
• Citizen service number (only if necessary);
• Passport photo (only if strictly necessary, for example for personnel file);
• Salary and other information required for tax returns, salary calculations and the like;
• Marital status, data partner and possibly. information about children; insofar as necessary, for example, tax returns);
• Bank account number;
• Information about your activities on our website, IP address, internet browser and device type.
When you register to download a report, register to view a document or submit a CV via our website, certain personal data will be requested from you, such as your name, email address and phone number. If you opt in to receiving job alerts via our website, additional data may be requested from you, such as your job search criteria and salary expectations.
NextWave Consulting and Infinium Consulting B.V are committed to all aspects of data protection and takes seriously its duties, and the duties of its employees. When you submit personal data via our website, you understand that NextWave Consulting and Infinium Consulting B.V may store your information on our secure server in accordance with our data Retention and Destruction policy. If you would like to review this policy, please contact our Data Controller by emailing HR@Nextwave.co.uk or operations@infinium.consulting.
Should any of the personal data you submit to us change, please notify us without delay so we can ensure your details are kept up to date and accurate.
Among the types of Personal Data that this Website collects, by itself or through third parties, there are: Cookies; Usage Data; first name; last name; phone number; email address.
Sources we collect personal data from include, but are not limited to, the following:
Our legal basis for the processing of personal data is our legitimate interests, although we will also rely on contractual obligations to which you are subject, legal obligations and consent for specific uses of data. We will rely on contractual obligations if we are negotiating or have entered into a placement agreement with you or your organisation or any other contract to provide services to you or receive services from you or your organisation. We will rely on legal obligation in some cases, where we are required by local laws or regulations to process your data. We will in some circumstances rely on consent for particular uses of your data. Where we rely on consent, you will be asked for your express consent.
In a number of cases we process the personal data in order to comply with a legal obligation, but usually we do this in order to be able to implement our services or an employment contract. Some data is recorded for practical or efficiency reasons, which we assume is also in your interest, so as to enable:
• communication and information provision;
• Infinium to be able to perform our services as efficiently as possible;
• the improvement of our services;
• invoicing and collection of cash.
The above also means that we use your personal data for marketing purposes or to send you advertising materials or messages about our services, if we think that these may be of interest to you. [It may also happen that we contact you to request feedback on services provided by us or for market or other research purposes.]
In some cases it may be that we want to process personal data for reasons other than those mentioned above, and in these cases, we will explicitly ask you for permission. In such a situation, we will make a request on each occasion that we do this.
Finally, we may also use your personal data to protect the rights or property of ourselves and those of our users and, if necessary, to comply with legal proceedings.
The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data. The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Owner, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of this Website (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. The updated list of these parties may be requested from the Owner at any time.
You can also connect to us through LinkedIn via the links on our home page. Please note that we are not responsible for the content or privacy practices of non-NextWave Consulting or non-Infinium Consulting B.V webpages to which this site may link.
In the context of our services, we can make use of the services of third parties, for example if these third parties have specialist knowledge or resources that we do not have in house. These can be so-called processors or sub-processors, who will process the personal data on the basis of your exact order. Other third parties who, strictly speaking, are not processors of the personal data but have access to them, are for example our system administrator, suppliers or hosting parties of online software, or advisors whose advice we obtain regarding your assignment. If engaging third parties has the effect that they have access to the personal data or that they themselves record and / or otherwise process, we will agree (in writing) with those third parties that they will comply with all the obligations of the AVG. Of course, we will only involve third parties from whom we can and may assume are reliable, that deal adequately with personal data and, moreover, can and will comply with GDPR. This means, among other things, that these third parties may only process your personal data for the aforementioned purposes.
Of course, it may also be that we have to provide your personal data to third parties in connection with a legal obligation.
We will in no case provide your personal data to third parties for commercial or charitable purposes without your explicit permission.
We will not process your personal data for longer than is useful for the purpose for which it was provided (see the section on ‘Goals of and bases for processing’). This means that your personal data will be kept for as long as it is necessary to achieve the relevant goals. Certain data must be retained for a longer period of time (often 7 years) because we have to comply with statutory custody obligations (for example the fiscal retention obligation) or in connection with instructions from our professional association.
We have taken appropriate organisational and technical measures for the protection of the personal data insofar as these can reasonably be required of us, taking into account the interest to be protected, the state of the technology and the costs of the relevant security measures. We oblige our employees and any third parties who necessarily have access to the personal data to secrecy.
Furthermore, we ensure that our employees have received a correct and complete instruction on the handling of personal data and that they are sufficiently familiar with the responsibilities and obligations of the AVG. If you appreciate this, we will gladly inform you about how we have designed the protection of personal data.
A recent ruling (July 2020) by the EU, invalidates the EU-US privacy shield. As such we have recently amended our privacy statement to align with this new ruling. In the EU we work with several parties; Siteground (web-site), Microsoft, Freshteams, Scoro and Surveyanyplace. Google Analytics is US based and there are on-going privacy discussions with the EU. We have taken measures to anonymise user IP addresses and to remove any Personal Identifiable Information (PII) that is passed to Google from our web-site. All users to the web-site also now have to consent to the Cookies prior to using the site.
It is possible that our privacy policy needs further amendment and improvement in the future. We, therefore, reserve the right to make changes to this privacy statement. The most recent version of the privacy statement can always be found on our website.
Finally, we hope that with this privacy statement we have given you a clear picture of our privacy policy. If, however, you have questions about how we handle personal data, please let us know. The first point of contact for privacy aspects at our organisation is our nominated data protection representative, and can be contacted at the following:
HR@Nextwave.co.uk or operations@infinium.consulting.
You have the right to inspect, rectify or delete the personal data that we have from you (except, of course, if this would interfere with any legal obligations). You can also object to the processing of your personal data (or a part thereof) by us or by one of our processors. You also have the right to have the information provided by you, transferred by us to yourself, or directly to another party if you so wish.
If there is an incident (a so-called data leak) regarding the personal data concerned, we will inform you without delay, subject to compelling reasons, if there is a real chance of negative consequences for your privacy. We will aim to do this within 72 hours after we have discovered this data breach or have been informed about this by our (sub) processors.
If you have a complaint about the processing of your personal data, we ask you to contact us about this. If this does not lead to a satisfactory outcome, then there is always the right to file a complaint with the Dutch Data Protection Authority; the supervisory authority in the area of privacy.
We will only process the personal data within the European Economic Area, unless you agree on this with our other written agreements. Exceptions to this are situations in which we want to map contact moments via our website and / or social media pages (such as Facebook and LinkedIn). Think, for example, of visitor numbers and requested web pages. Your data will be stored by third parties outside the EU when using Google Analytics, LinkedIn or Facebook. These parties are ‘EU-US Privacy Shield’ certified, so they have to comply with European privacy regulations. Incidentally, this only concerns a limited number of sensitive personal data, in particular your IP address. Two other companies that Infinium uses for its’ website (Go-daddy) and for its’ data storage (Google) are also listed within the EU-US Privacy Shield.
It is possible that our privacy policy needs further amendment and improvement in the future. We therefore reserve the right to make changes to this privacy statement. The most recent version of the privacy statement can always be found on our website.
A recent ruling (July 2020) by the EU, invalidates the EU-US privacy shield. As such we have recently amended our privacy statement to align with this new ruling. In the EU we work with several parties; Siteground (web-site), Microsoft, Freshteams, Scoro and Surveyanyplace. Google Analytics is US based and there are on-going privacy discussions with the EU. We have taken measures to anonymise user IP addresses and to remove any Personal Identifiable Information (PII) that is passed to Google from our web-site. All users to the web-site also now have to consent to the Cookies prior to using the site.
Cookies are files containing a marginal amount of data, stored on a user’s computer by their web browser. Most websites use cookies, and these are not considered to be harmful to your system. We use functionality cookies to facilitate easier use of our website, and when you view our website, cookies are not used to track your visit. Session cookies are used when signing into a registered account on our website, so the user can remain signed in. Our servers may log your computer’s IP address, to maintain system security and prevent unauthorised access.
By registering on our website, you are giving your consent to the use of cookies as outlined above. You can review your cookie settings via your internet browser. Disabling your cookies may prevent certain functions of our website from operating correctly.
Should you decide to change your preferences later through your browsing session, you can click on the “Privacy & Cookie Policy” tab on your screen. This will display the consent notice again enabling you to change your preferences or withdraw your consent entirely.
In addition to this, different browsers provide different methods to block and delete cookies used by websites. You can change the settings of your browser to block/delete the cookies. To find out more about how to manage and delete cookies, visit wikipedia.org, www.allaboutcookies.org.
We hope that with this privacy statement we have given you a clear picture of our privacy policy. If, however, you have questions about how we handle personal data, please let us know. The first point of contact for privacy aspects at our organisation is Jeanette Zeilmaker: Jeanette.Zeilmaker@infinium.consulting