Privacy policy

Knowledge, expertise, and trust are crucial pillars of the service by all group companies affiliated with the PNO Group holding B.V. We are committed to giving you clarity on how we handle your personal data. PNO operates under the names ARTTIC, ARTTIC Innovation, PNO Consultants, CiaoTech, PNO Chemistry, Cloudselling, EGEN, ffiqs, INNFLOW, InnovationEngineering, InventiveNL, InnovationPlace, Nehem, ttopstart , WheesBee and AdoptIdee. In this Privacy Statement, we inform you about our approach to handling and processing personal data.

Rijswijk, March 1st, 2021

1. Contact details

PNO Group holding B.V. (PNO Consultants B.V. / PNO) is the controller and is located at Laan van Zuid Hoorn 15, 2289 DC in Rijswijk. You can contact us by at +31 (0) 88-838 13 81, by e-mail at gdpr[at]pno[dot]group.

2. Who is this Privacy Statement applicable to?

This Privacy Statement applies to all persons whose personal data PNO processes, with the exception of persons working at PNO. Personal data means any data that contains information about persons through which those persons are identifiable. This Privacy Statement applies to:

This Privacy Statement does not apply to employees, temporary workers, temporary workers, student trainees, and applicants.

3. Which personal data do we process?

By processing personal data we mean: collecting, recording, organizing, storing, updating, modifying, retrieving, consulting, using, providing by means of forwarding, distribution, or any other form of posting, bringing together, linking together, and to protect, erase or destroy your personal data. We process personal data that you have provided to us, personal data generated during your visit to our website and reading newsletters, and personal data that we have derived from other sources, such as business social media platforms and business cards. Personal information provided by you:

Personal data obtained through- or generated by our website, electronic newsletters, commercial e-mails, or related technologies:

See our cookie policy Personal data obtained from other sources:

Our website may contain hyperlinks to websites of other parties and ‘social media buttons’. Nor is PNO responsible for the content of those websites or the services of referred platforms. Neither is PNO responsible for the privacy policy and the use of cookies on those websites and platforms.

4. What do we use your personal data for?

We use your personal data for different purposes. These are listed and elaborated on below:

If you hand over an assignment to a consultant your contact details will be requested. Other personal data may also be necessary for the handling of the assignment, depending on the nature of the assignment. Furthermore, the data is used for invoicing for the services provided.

Your contact data are kept in EU located relationship management system and may be used for the purpose of sending newsletters, updates, invitations to events and seminars, and sending information you requested from us.

Part of our service is to keep you informed with information that is relevant to you and your business. To make this possible, we combine and analyze the personal data available to us. On that basis, we determine which information and channels are relevant and which moments are most suitable for providing information or establishing contact. In marketing campaigns, we do not process special personal data or confidential data. If we would like to create a personal, individual customer profile, we will ask for your prior permission. Withdraw of consent is always possible. We analyze the following information:

5. Security level

We protect personal data through technical and administrative security measures to minimize the risk of loss, misuse, unauthorized access, disclosure, and modification. You can think of security software such as a virus scanner and firewalls, a secure internet connection, encryption of data, and physical and administrative access controls to data and servers. The PNO IT and HR departments are ISO 27001 certified for the EGEN, ffiqs and Nehem processes where PNO processes sensitive, or large volumes of data.

6. Storage of personal data

We do not store your personal data for longer than is strictly necessary for the execution of the purposes. If legal regulations apply to the storage, the personal data will not be kept longer than prescribed by law.

We process personal data on the basis of one of the following legal grounds:

A controller may only process personal data if this can be based on one of the limited enumerated legal grounds in the General Data Protection Regulation (AVG). The legal bases on which PNO Consultants relies are:

8. Processors

We may use service providers (processors) for the processing of your personal data that only process personal data in our order. We conclude a processing agreement with these processors that meets the requirements set by the General Data Protection Regulation (AVG). For example, we work with service providers that offer SaaS solutions (software as a service) or provide hosting services. Furthermore, there are ICT service providers who offer us support in keeping our systems safe and stable. We also use third-party services for sending newsletters and commercial e-mails. These are examples of parties that can be designated as (sub) processors as referred to in the General Data Protection Regulation (AVG).

9. Share personal data with third parties

Sometimes it is necessary to share your personal data with third parties, which – depending on the circumstances of the case – are necessary for the handling of your dossier. We also share a basic set of contact details with our subsidiaries within Europe with the aim of generating consultancy opportunities. There are also legal obligations that lead to personal data being passed on to third parties. In the following cases personal data will be provided to third parties:

We never sell your personal data to third parties and do not make automated decisions that could have significant consequences for you.

10. Transfer outside the (European Economic Area) EEA

Under the General Data Protection Regulation (AVG), personal data may only be passed on to parties outside the EEA when an appropriate level is guaranteed for the protection of personal data or when a specific deviation applies. We may pass on personal data to a party outside the EEA when necessary for the execution of the contract on provision of innovation- or financing consultancy services.

11. If you have questions about your personal data

Every person can exercise certain rights with respect to his or her personal data on the basis of the law. This gives you the right to inspect, rectify and delete personal data. You can also object to the use of your data or request that the use be restricted. In certain cases, you can request your data and take it to another party. For all these questions contact us on +31 (0) 88-838 13 81 or by email via gdpr[at]pno[dot]group.

12. Complaints

If you have complaints about how we handle your personal data, you can contact us by sending a mail to gdpr[at]pno[dot]group or call +31 (0) 88-838 13 81. We are happy to help you find a solution within a period of four weeks after receiving your request. If that does not work, you can always contact the Dutch Data Protection Authority.

13. Changes

Developments go fast and as a result, there may also be changes in the personal data we request from you and the way in which we use your personal data. Regulations can also change. In that case, we will update this Privacy Statement. We, therefore, invite you to regularly check the Privacy Statement so that you are kept informed. In the event of major changes, we will also make you aware of this via our website. Last check by DPO, May 1st, 2022