First of all, we use personal data to keep in touch with our (potential) customers: name, telephone numbers, addresses and email. There is usually no need to provide personal details when you visit our website and pages related to our website. The information on our website and our other channels is organized in accordance with article 7.4 of the GDPR, and in such a way that there is no obligation for visitors to pass on personal details in order to see particular pieces of information.
We process different categories of personal data.
We save and process customer data to be able to carry out the contracts agreed with our customers. For this purpose, we store: name, visiting address, billing address, company incorporation details and information related to the relevant assignment. It goes without saying that we store and process this data safely, in accordance with the regulations set out in the GDPR. To make sure this happens at all times, we have drawn up a binding code of conduct for our employees.
If you send us an email or leave a message in our Customer Service system, we store your name, email address and the contents of your message.
In addition, we store and process data about potential customers, with a view to approaching them in the context of our marketing and sales activities.
Megawatt has its own pages on a range of social media websites such as the Megawatt Facebook page. When someone likes our Facebook page or shares any of our content on that page, this is communicated to us. If we were to place an advertisement on Facebook, it would in all likelihood be shown first to those people who liked our page.
Finally, we store and process data about our own employees. Our policies regarding co-worker data is available only to them and falls outside the scope of this this public document.
We will never collect so-called “special categories of personal data” (as described in article 9 of the GDPR), such as information about race, ethnicity, political conviction, religion beliefs, health or a criminal history. Within our own HR administration, this would only happen if there were a legal imperative.
We process the data listed above for the following purposes:
We use your email address, first name, surname and areas of personal interests to alert you to new content (blogs for example) regarding our offerings. We do this by creating targeted mailings in our CRM tool. On the basis of article 6.1.f (“legitimate interests”) of the GDPR, we believe it is sufficient to seek opt-out consent. This means you may receive an informative mailing from us without having given your express consent, but you can unsubscribe or opt out at any time.
We use your telephone number to give your further information if you have shown an interest in our products and propositions. On the basis of article 6.1.f (“legitimate interests”) of the GDPR, we believe it is sufficient to seek opt-out consent. This means we may telephone you for this purpose and that you have the possibility to indicate that this is against your wishes. If that is the case, we will no longer contact you by telephone for this purpose.
We use your email address, first name and surname to send you information about events in which Megawatt is participating. We do this by creating targeted mailings in our CRM tool. On the basis of article 6.1.f (“legitimate interests”) of the GDPR we believe it is sufficient to seek opt-out consent. This means you may receive an informative mailing from us without having given your express consent, but you can unsubscribe or opt out at any time.
We use your email address, first name and surname to send you information about Megawatt events. We do this by creating targeted mailings in our CRM tool. On the basis of article 6.1.f of the GDPR, we believe it is sufficient to seek opt-out consent. This means you may receive an informative mailing from us without having given your express consent, but you can unsubscribe or opt out at any time.
To prevent fraud or theft. We also use personal data to comply with our legal obligations (in accordance with article 6.1.c of the GDPR), or if we judge in good faith that it is necessary to do so to prevent fraud or to react to fraud, or to protect our websites or our products against attack, or to protect the property and safety of Megawatt, our customers or the general public (in accordance with article 32 of the GDPR).
Megawatt does not use personal data for any other purposes than those outlined here.
Megawatt uses analytical tools to measure the use of its website. In this way, we can determine which parts of the site are the most interesting and user-friendly. The statistics and reports that flow from this analysis cannot be traced back to any individuals. On the grounds of article 21.6 of the GDPR, we believe it is sufficient to seek opt-out consent. This means that your details contribute in principle to the user statistics but that you have the possibility to stop this from happening.
Megawatt continues to develop and optimize its services. We may in future add new functionalities to our online channels. If this impacts the way we process your personal data, we will publish an amended Privacy Statement in good time.
All our clients, prospects and other parties in our systems have a right of access to the data we record (in accordance with article 15 of the GDPR). Where Megawatt is the Controller, we can send you a breakdown of the (personal) data that we hold about you. This record is formatted in ordinary text. We see no reason in our case to also make your personal data available in a machine-readable format. You should submit your request by email.
Are your data incorrect? You can use the same form to pass on your amendments. For both right of access and corrections, we will do our upmost to comply with your request within 30 days, in as far as this is feasible, within the scope of the applicable legislation.
On the grounds of the processing agreements in place with our customers and partners, we are not permitted to use or sell on data that we manage on their behalf (in the role of Processor as defined by the GDPR). If you are a client of one of our customers and are seeking information on the data that we process on their behalf, you need to contact the customer in question directly. We will under no circumstance grant access to data we administer on behalf of our customers.
We store the information in accordance with our data retention policy. Personal data are retained for the processing purposes described above, and for the period of time prescribed by law.
As part of the GDPR, we have the role of Processor in relation to our customers. This means that we process personal data at the instruction of our customers. Because under the terms of the GDPR, our customers are legally liable for such processing, we are obliged to register these instructions in a record of processing activities (described in articles 39 and 30 of the GDPR). Megawatt has automated this record, so customers need to submit their instructions by email when making such a request.
As well as safeguarding your personal data, we also want to keep them as accurate and up-to-date as possible. Megawatt implements all reasonable physical, administrative and technical measures to protect your personal data against loss, theft, misuse as well as unauthorized access, use and publication. For example, we encrypt sensitive personal data such as user names and passwords when we transmit such information via the internet or store it in our database. We demand that our suppliers for their part also protect such information against unauthorized access, use or publication.
Megawatt understands and endorses the importance of protecting the privacy of children, especially in an online environment. Our website is not intended or designed for children under 16. It is our policy never knowingly to collect or store personal data of children under the age of 16. Should Megawatt obtain personal information about any person under 16, we will immediately erase this data from our systems.