This privacy statement was last updated on 12 June 2018
This is the General Data Protection Regulation Statement of Blue10 (Corporation name of Blue10 B.V.), registered in Commercial Register of KvK (Dutch Chamber of Commerce), number 27195343. Blue10’s office is located at Oude Middenweg 17, 2491 AC in The Hague and is governed by Dutch law.
Explanation of General Data Protection Regulation (GDPR)
As of 25 May 2018, the General Data Protection Regulation (GDPR), which is a centrally regulated privacy legislation within the European Union (EU), has come into effect. Due to rapid developments in cloud technology and various digital informatics, new channels of data transference have and continue to open up. In order to protect the privacy and use of personal data of its citizens, The European Union wishes to strengthen its data protection legislation by introducing stronger enforcement measures. In doing so the EU aims to improve your confidence and security in the emerging digital economy.
Blue10 as a processor of personal data
Privacy-sensitive data is processed via the website (www.blue10.com) and the Blue10’s SaaS service. These data are also called personal data. At Blue10, we attach great importance to the privacy of our employees, customers and users and do everything in our power to secure the privacy of data and protect personal data.
In this privacy statement, we explain which personal data we process, for what purpose we do this and how we protect it.
In compliance with the privacy legislation in our handling of data, we hereby declare our intention of the use of your personal data;
- Through this privacy statement, clearly state the purposes for which we process personal data;
- Limit the collection of personal data to that which is necessary for the defined purposes;
- Ask you first for explicit permission to process your personal data in cases where permission is required;
- Blue10 takes appropriate security measures to protect your personal data and also requires parties who process personal data on our behalf to do so;
- Respect your right to, on your request, give insight to, correct or delete your personal data.
In this privacy statement, we explain which personal data we process, for what purpose we do this and how we protect it. We recommend you to read this statement carefully.
Use of personal data
When using our website (www.blue10.com) we offer the possibility to request information and/or ask questions. In doing so, you leave certain information with us. Often it will be company data, but in some cases it will also be personal data.
We process your personal data for the provision of our service and the purposes associated therewith, such as providing support, securing the Blue10 service, detecting and combating fraud or abuse and sending invoices in the Blue10 approval workflow in case of using our service. We may also process your personal data to contact you, because you have made a request for this via our website.
More specifically, we process your data for the following purposes:
- The registration process you go through to use the Blue10 service and subscribe for an subscription;
- Providing access to the Blue10 service;
- The (daily) use of the Blue10 service in the form of notifications, routing and authorisation of invoices and other documents;
- Processing the (contact) form you have filled in on our website;
- Sending newsletters, tips & tricks or other product related messages, when you are registered for this;
- Answering support questions asked in relation to the use of the Blue10 service by e-mail;
- In addition to the service messages displayed in the service, we may also send service messages to your email address with regard to our service;
- Sending out invitations to participate in surveys about satisfactions and loyalty or to think about new functionalities in the Blue10 service.
- In order to contact you (again) (call, e-mail, LinkedIn InMail) now or in the future for a first acquaintance with Blue10 and / or your application procedure at Blue10.
By doing so, we process the following data:
- Registration: Name, position, gender and contact details (telephone number(s) and e-mail address). Company details (contact-, payment details and VAT-, chamber of commerce number)
- Access: Login data, consisting of an e-mail address and a password;
- Usage: Name and e-mail address. This information is required to be able to send you a notification when documents are ready, to be able to speak to you personally in the Blue10 service, to send and authorise documents and to distinguish between various users in the Blue10 service;
- Website form(s): Company name, name, e-mail address, telephone number and any information you enter in the message on your own initiative.
- Newsletters: Name and e-mail address. Each newsletter consists of an unsubscribe option.
- Support questions: Name and e-mail address;
- Service messages: Name and e-mail address;
- Marketing objectives to improve our services: Name, position and e-mail address.
- Application procedure: Name, e-mail address, telephone number, link to your LinkedIn profile and CV.
Blue10 does not store your personal data for longer than is necessary to realize the purposes for which your data is collected.
Data provision to third parties
Blue10 provides your personal data to third parties if this is necessary for the use of the Blue10 service, or if we are legally obliged to do so.
On the website of Blue10, general visitor information is kept, including the IP address of your computer, the time of request of a page and other information that your browser provides. This data is used to analyse visitor- and click behaviour on the website with the aim of improving the functioning of the website. These data will be anonymised as much as possible and will not be provided to third parties.
This privacy statement does not apply to third party websites that are linked to our website. We cannot guarantee that these websites deal with your personal data in a reliable and/or secure manner. Always read the privacy statement of this website carefully before using the website in question. In this way you can make sure in advance that you are aware of the way in which the website deals with your (personal) data.
Blue10 attaches great importance to the protection of your (personal) data and takes appropriate measures to protect your personal data against unauthorised access, abuse and other forms of unlawful use.
Blue10’s website uses a reliable SSL Certificate to ensure that your personal data is not accessible to unauthorised persons/parties. We have also taken various technical and organisational measures to ensure the Security and Availability Policy of the Blue10 service. You can find these measures in the Security and Availability polocy of Blue10 In addition, Blue10 has an SOC2 statement in which the internal control of our processes has been tested.
Access, modify or delete data
You have the right to access your personal data, to correct it or to have it deleted. A request for review, correction or deletion can only be taken into consideration if it is submitted in written form. Hereby you may be asked to identify yourself in order to prevent abuse.
You are responsible for the consequences of removing your personal data. However, please bear in mind that by doing so, for example, you will no longer be aware of system updates and developments, you will not be able to receive responses to any support requests you make and/or you will no longer be able to access Blue 10 service log in.
If you have applied for Blue10, it is possible that your data will be saved, so that we can approach you in the following application rounds. If you want us to delete your data after your application, please send an e-mail to firstname.lastname@example.org. Then your data will be deleted.
Changes in this privacy statement
This privacy statement can be adjusted in the meantime. The most recent version of the privacy statement can always be found on our website. We advise everyone to regularly consult our privacy statement, so that you are always up to date with the latest changes.
Data Protection Authorities
We will, of course, be happy to help you if you have any complaints about the processing of your personal data. Should we really not be able to find a solution together, you also have the right, in accordance to the privacy legislation, to submit a complaint to the privacy regulator of your country, the ‘Autoriteit Persoonsgegevens’.
If you have any questions about your privacy, this privacy statement and/or the processing of your personal data, please contact us at email@example.com.