When do we collect information about you?
We only collect your personal data directly from you, when you send it to us in order to attend the information evenings at our Amsterdam office, or when you sign up for the webinars organised to introduce our organisation to individuals interested in working with us.
What information do we collect from you and for what purpose?
We only ask for personal information that will genuinely help us to organise and select the right audience for the information evening and webinars.
- The information you provide us in order to register for an information evening, such as your name and email address and a copy of your CV
- The information you provide us in order to register for a webinar, such as your name and email address
We will use your personal data for the following purposes:
- To process your application for you to attend an information meeting at our Amsterdam office, which includes us carrying an assessment of your suitability to work for us and putting together a group of participants that has similar informational needs.
- To process your registration for the webinars you have signed up for.
- To send you a post-event questionnaire about your potential interest in working for us and to receive your feedback on the event that you joined, so we can learn and improve the experience.
- To provide you with information about our current or future vacancies or job opportunities.
Who has acces to this information?
We use other organizations to help us process personal data and perform certain activities on our behalf. Our partners can use the personal data only for the assignment that they receive from us and are obliged to use your personal data carefully and to secure it. Our partners must keep the personal data confidential and destroy it after it has fulfilled the purpose it was obtained for. We always set this out with any organizations before we share any data with them.
We also use third parties which provides us with a platform to organise our webinars.
We will, in no case, sell your data nor make it available to other organizations or companies. The only cases in which we will share your data with other organizations are the ones mentioned above.
How do we protect your personal information?
We have taken the appropriate technical and organizational measures to protect your personal data. We ensure the safety of your data not only electronically (through measures such as, but not restricted to, encryption at rest and in transit, use of firewalls, use of individually assigned accounts, or updating software and running patches), but also physically (for example by keeping only necessary files on paper, in locked cabinets, and by having access cards), and through organizational measures such as training our staff accordingly, and ensuring that they do their best to protect your data.
How long do we keep your personal data?
We keep your personal data during the registration process until we decide on the event participants. When you are selected for an information evening or you sign up for a webinar, we will delete your personal data one month after the information evening or webinar is carried out. In case your application to our information evening is not successful, we will delete your personal data no later two weeks after we inform you about our refusal.
What is the legal basis for the processing of personal data?
At MSF, we process your personal data relating to your application to attend the information evening or to join our webinars, based on our legitimate interest, as it is necessary for us to understand the participants of our information evenings and webinars in sufficient detail in order to select them appropriately.
How can you access or modify your personal data?
GDRP grants you several rights with regard to your personal data, such as the right to access, modify or delete your data. In order to exercise these rights, please contact us via our online form (link here) and we will provide you with the information you request as quickly as possible, which can take us up to 30 days. In some cases, we will ask you to identify yourself or to answer some identifying questions so we can verify your identity and ensure your data is not shared with anyone else. It may be possible that we may not be able to comply with certain requests, for example because there is a legal obligation to maintain certain information, and if this is the case, we will inform you of the reason why.
Right to access
You have the right to request all the data that we have about you.
Right of Rectification
If you believe that the personal data that we have on you is not accurate or up to date, you are entitled to request the modification of it.
Right to restrict the processing
You are entitled to ask us to stop using your personal data or in some cases to stop or limit the access, for instance when the data is not necessary to fulfil the original purpose for which you gave us the data, or if there is any disagreement about its accuracy or the legitimacy of its usage.
Right to withdraw consent and right to object
When we process the personal data for which you have given us your permission, you can withdraw your consent for this processing at any time. This means that we will no longer process your personal data for that purpose.
If we process personal data for the protection of our legitimate interest, you have a right to object to this at any time.
Right to erasure (“right to be forgotten”)
In certain circumstances, such as when you have given us your consent, you can request us to delete the data we have about you from our systems. If we have a legal obligation to keep your data, such as for example for tax purposes, we will only retain it for as long as necessary to fulfil its purpose.
Right to data portability
You have the right to request us to return the personal data provided to us in a standard format so that you can provide it to another responsible party. You can also request us to pass the personal data directly to the other responsible party.
My question is not mentioned
For other questions about data protection, you can contact our Data Protection Officer via email@example.com. You can also send us a letter: Artsen zonder Grenzen, Data Protection Officer, Plantage Middenlaan 10, 1018 DD, Amsterdam.
Submit a complaint to the Dutch data protection authority (autoriteit persoonsgegevens)
If you are concerned about how your data is being used or if you want to file a complaint, please contact our Data Protection officer via email firstname.lastname@example.org. You also have the right to file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) via the form available on their website (link here).
When do we update this privacy statement?
This privacy statement was last updated on: April 30, 2020. We will alter this privacy statement whenever necessary. If we implement any important changes regarding the way we handle your personal data, we will make this clear on our websites or directly contact you. If you have any questions, remarks or suggestions, you can let us know by contacting us.