The Dutch Securitisation Association (hereafter DSA) attaches great importance to the protection of your personal data. In this Privacy Statement, we want to provide clear and transparent information on how we process personal data.
The DSA promotes the common interests of parties active in the securitisation market. The DSA's core tasks are to represent the collective interests of the Dutch securitisation market, to provide a platform for meetings and cooperation and to inform and advise parties in the securitisation market.
The DSA is responsible for the processing of your personal data. If, after reading our Privacy Statement, or in general, you have any questions about it or wish to contact us, you can do so at privacy@dutchsecuritisation.nl.
1. Processing of personal data of (employees of) members of the DSA.
Personal data of (employees of) members of the DSA are processed by the DSA for the following purpose(s):
- Administrative purposes;
- Communication about the work that takes place within the (working) groups of the DSA and/or invitations to meetings and events;
- Fulfilment of legal obligations.
The bases for processing these personal data are:
- Our agreement with you (as an individual);
- Our legal obligations;
- Legitimate interest of the DSA or others, e.g. when we process your personal data for the fulfilment of an agreement with another company (such as the membership contract); we only use a legitimate interest as a processing basis when your privacy interests do not outweigh this interest. To this end, we balance the various interests. You can object to processing based on a legitimate interest in connection with your specific situation;
- Your consent, at least when required by law.
2. Processing of personal data of (employees of) customers or suppliers.
Personal data of (employees of) customers or suppliers are processed by the DSA for the following purpose(s):
- Administrative purposes;
- Communication about the assignment and/or invitations;
- Executing or issuing an order;
- Fulfilment of legal obligations.
The bases for processing these personal data are:
- Our agreement with you (as an individual);
- Our legal obligations;
- Legitimate interest of the DSA or others, e.g. when we process your personal data for the execution of an agreement with another company (such as the contract); we only use a legitimate interest as a processing basis when your privacy interests do not outweigh this interest. To this end, we balance the various interests. You can object to processing based on a legitimate interest in connection with your specific situation;
- Your consent, at least when required by law.
3. Processing of personal data of stakeholder contacts and/or interested parties.
Personal data of stakeholder contacts and/or interested parties are processed by the DSA for the following purpose(s):
- Providing information in the form of newsletters and/or targeted contacts;
- Relationship management and administration;
- Fulfilment of legal obligations.
The bases for processing these personal data are:
- Our legal obligations;
- Legitimate interest of the DSA or others; e.g. our legitimate interest in maintaining contact with you; we only use a legitimate interest as a processing basis when your privacy interests do not outweigh this interest. To this end, we balance the various interests. You can object to processing based on a legitimate interest in connection with your specific situation;
- Your consent, at least when required by law.
4. Processing of personal data of website visitors.
Our website dutchsecuritisation.nl uses cookies. Read more about this in our cookie statement, which can be found at this page.
Sources of personal data
In principle, the DSA receives personal data directly from you, but it may happen that our contact person at your company provides us with personal data about you, such as your name, contact details, position and information about the agreement with you or with your company. In addition, we may obtain such information from public sources such as the trade register or LinkedIn.
Recipients of personal data
Your personal data can be accessed within our organisation by persons who have a valid reason for doing so. Under certain circumstances, your personal data may also be shared with recipients outside our organisation. These include, for example, our service providers, competent authorities and government institutions, courts of law, banks, insurance companies, business partners and consultants. If a recipient processes personal data on our behalf as a 'processor', we will enter into a processing agreement with them.
In principle, we do not share your personal data with recipients outside the European Economic Area (EEA), the area in which the GDPR is directly applicable. However, should the situation arise where we share your personal data with a recipient outside the EEA, we will take appropriate measures to ensure the transfer complies with the GDPR.
Storage period
The DSA does not retain personal data any longer than is necessary for the purpose for which they were provided or is required by law. If we process your personal data in connection with an agreement, we will keep this personal data for the duration of the agreement and thereafter only in the financial administration for 7 years.
Rights concerning your personal data
You have the right to inspect your personal data, the right to have your personal data corrected, deleted, and the right to restrict the processing of your personal data. You can also object to the processing of your personal data (or part thereof) by us or one of our processors. You also have the right to have the personal data you have provided to us transferred to you or on your behalf directly to another party. When we process your personal data on the basis of your consent, you have the right to withdraw that consent at any time. This does not affect the legality of the processing up to the moment of revocation.
You can send a request to exercise your rights in writing to us using the contact details provided in this Privacy Statement. When you make a request, we will verify your identity. In addition, various conditions and exceptions to the aforementioned rights apply on the basis of the applicable privacy legislation and regulations. We assess per specific case whether this is the case.
Complaints
If you have a complaint about the processing of your personal data, please contact us immediately. If we are unable to resolve the matter with you, we are of course disappointed. You always have the right to submit a complaint to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).
Children
In principle, we do not process personal data of children (up to the age of 16). Should this nevertheless occur, we will only do this with the consent of (one of) the child's legal representative(s)/parent(s), insofar as the law obliges us to do so. If you are a legal representative or parent of a child whose personal data are processed by us, please let us know if we can help explain the contents of our Privacy Statement.
Contact details
Dutch Securitisation Association (DSA)
Gustav Mahlerplein 29-35
1082 MS Amsterdam
E-mail: privacy@dutchsecuritisation.nl
Amendments
The DSA reserves the right to make changes to the Privacy Statement. We therefore recommend you to check this page regularly to see whether any changes have been made. Should the DSA make a significant change which affects the way in which the DSA processes your personal data, we will announce this by means of a notice on our website(s).
Amsterdam, May 2021