Privacy

Naturally, we consider privacy our highest priority, and personal data will be handled with the utmost care in all cases. Rules regarding the handling of personal data are laid down in the General Data Protection Regulation (GDPR).

In this privacy statement, you will find information about how we handle your personal data.

1. What are personal data?

If you or your company purchases one of our products, we will at some point ask for personal data such as name, date of birth, address, and possibly Citizen Service Number (BSN). Personal data refers to all information that can be traced back to an individual. This also includes data that indirectly says something about someone, such as information about psychological complaints and insurance details. We also receive personal data if you respond to a job vacancy. Collecting, storing, and using your data is what we call the ‘processing’ of your personal data.

2. For what purpose do we process personal data?

We need the personal data we request to provide you with the services or care you have asked for and to account for the content of the products and/or care and billing.

3. How do we process personal data?

PSY Business maintains an electronic client file for each client. Employees systematically record every client-related activity and other data that are important for good and safe assistance/care and advice, as well as for accountability and verifiability of (medical) actions and financial accountability.

Technical and organizational security measures are in place to protect this linkage and your electronic file against unauthorized access, alteration, and destruction.

PSY Business does not share client data with third parties unless there is explicit and specific written consent from the client. Data that need to be provided to third parties for quality monitoring are only supplied if they cannot be traced back to individuals.

4. How long do we retain your personal data?

In our client registration system, we apply the retention period that we are obliged to follow based on legal provisions. The medical file is kept in accordance with the legal term of 15 years, or longer if required by the care of a good healthcare provider. For individual guidance trajectories, a retention period is applied that corresponds with the legal retention period for medical records. Data related to a job application are only retained after an application procedure and/or a response from our side with your consent.

5. Modification and deletion of your data

A client has, within the term of the legal retention obligation, the right to access and obtain a copy of his or her file. You can request this from the client manager or the secretariat. To ensure that the request for access is made by the relevant client themselves, we ask you to send a copy of your identity document with the request. Please black out the passport photo and the Citizen Service Number in this copy to protect your privacy. PSY Business will respond to the request as soon as possible, but within four weeks.

Furthermore, the client has, by law, the right to correct factual inaccuracies in the recorded data. Finally, the client can submit a request for the destruction of the file. The organization may refuse this last request with substantiated reasons when there is a justified interest. Even if a request for destruction of a file is submitted, a minimum amount of data will still need to be retained.

6. Your consent

Correspondence to third parties only takes place within the framework of the assignment agreed upon with you and/or your employer or the client and with your explicit written consent.

7. Secured communication

Privacy-sensitive communication is always communicated securely by PSY Business; we ask you to do likewise.