Privacy and cookie statement
CaseNine respects your privacy and will do its best to ensure that your personal data is processed in a lawful and transparent manner. We act in conformity with the General Data Protection Regulation, which means that we:
- Clearly explain to you what personal data we process.
- Only collect personal data that is needed for our legitimate purposes.
- Limit our collection of personal data.
- Take reasonable measures to ensure that your data is correct.
- Observe (statutory) storage and deletion periods.
- Take appropriate security measures to protect your personal data.
- Respect your rights.
You are under no statutory or contractual obligation to provide your personal data to us. CaseNine limits the processing of personal data to an absolute minimum. However, we may not be able to process your order or deliver our services when you won’t provide us with your personal data.
CaseNine is the main responsible for processing your personal data.
3817CH Amersfoort (The Netherlands)
Chamber of Commerce No: 58244255
If you have any questions about this privacy and cookie statement or the way we handle your personal data, you can contact us
By email: firstname.lastname@example.org
By phone: +31(0)33 7600060
In writing: Arnhemseweg 6, 3817 CH Amersfoort
Social media buttons, third party websites
We have added social media buttons from Facebook, Instagram, LinkedIn and Twitter to this website. If you click on the button, cookies are being placed.This privacy and cookie statement does not apply to third party websites and links. We encourage you to read the privacy statements of these third parties. CaseNine cannot guarantee that these third parties will handle your data in a secure manner. You can read how these companies handle your privacy in their privacy statements:
How we collect your personal data
CaseNine collects data in a variety of ways. In most cases we will collect personal data directly, for example when you have submitted the contact form. From time to time, we may collect generally known data from publicly available sources, such as social media and the Commercial Register of the Chamber of Commerce.
Why do we collect your personal data?
CaseNine collects, uses and processes your personal data to provide services. We collect your data to enter into a contract with you and execute the contract, to maintain and improve our (contractual) relationship, to send a quotation, to improve the website with analytical tools, to handle complaints, to send an invoice and for direct marketing purposes. We will use your name, email and telephone number to contact you as part of the execution of the contract. If you contact us we will also process data, so that we can respond to your message. Finally, we process data for administrative purposes.
More specifically, we collect your personal data for the following purposes:
You can sign up to receive our newsletter. We will use your information (name and email) to send you our newsletter. We ask your consent for this. We add an unsubscribe link at the very end of every newsletter.
If you make use of our contact/helpdesk form, we will use the provided data (name, company name, telephone number, email, position and personal data you have shared by communicating with us) to contact you or to answer your question. We will keep your personal data until your question has been fully answered by us or you are satisfied with our response to your request.
With our chat widget you can ask your question online and get a direct answer. We use HubSpot to display the chat widget on our website. Read more about the cookies that are set by this widget, in the section “Cookies”. You should also have a look at the website of HubSpot.
When you leave a comment on one of our blogs, your name and email will be processed. Optionally, you can enter the domain name of your website (this will be shown with your comment). We have a legitimate interest in showing these comments on our website. Your comment will remain on the site until we remove the blog from our website.
We regularly post vacancies on this website. When you apply for a position at CaseNine, we ask for your CV and a letter of motivation. We can carry out a background screening, if we consider this to be necessary for the position. We have a legitimate interest to subject a candidate to a screening, because we would like to know if a candidate could be a trustworthy employee. This means that we check the data from the CV and view publicly available information about the candidate (such as social media and github/stack overflow profiles).We will always discuss the outcome of this screening with the candidate. We will delete your data no later than 4 weeks after the application procedure has ended, in case you didn’t get the job. Only with your consent will CaseNine safe your application data for a period of 1 year after the end of the application procedure.
Lawful basis for processing personal data
We must have a valid legal basis in order to process your personal data:
- Consent. In some cases we process your personal data based on your consent. You can withdraw your consent whenever you want.
- Necessary for executing a contract.
- Legitimate interest. We rely on the legal basis of ‘legitimate interest’ when the processing of your personal data is necessary for our legitimate interest (for example: direct marketing, or to improve the website with analytical tools) and this does not affect someone’s fundamental rights and freedoms. Additionally, we will delete the data when the data is no longer needed for the processing purpose.
- Legal obligation. We are legally obliged to keep records and to retain them for at least 7 years (the fiscal retention obligation).
Storage period of your personal data
Sharing personal data with third parties
We may use third parties, including data processors, for certain services. We may share your personal data with the following parties:
- IT- suppliers and service providers
- Google Analytics
- Phone service providers
- Payment service providers
CaseNine has signed data processing agreements with (sub) processors. If possible, we use processors established within the EEA. You should be aware of the fact that your data may be transferred and otherwise processed to a location outside of the EEA. We will only transfer your data to third parties outside of the EEA, if the third party is located in a country that’s considered “adequate” by the EC and/or if there is a Privacy Shield.
CaseNine has implemented a variety of technical and organisational security measures to prevent unauthorised access of your personal data.
We have taken the following measures to protect the safety of your data:
- Physical security measures
- Access to personal data is protected with a username and password
- Encryption of digital files
- Anti-virus software and regular software updates
- Secure connections (Transport Layer Security, before SSL)
The cookies that our website uses are:
This website uses strictly necessary cookies that are essential for the operation of this website:
- __hs_initial_opt_in: this cookie is used to prevent the banner from always displaying when visitors are browsing in strict mode. It expires in seven days.
- hs-messages-is-open: this cookie is used to determine and save whether the chat widget is open for future visits. It expires in 30 minutes.
- __cfduid: used by the content network, Cloudflare, to identify trusted web traffic. It expires in 30 days.
- hs-messages-hide-welcome-message: this cookie is used to prevent the chat widget welcome message from appearing again for one day after it is dismissed. It expires in 1 day.
- JSESSIONID: preserves users states across page requests (domain nr-data.net). It expires at the end of the session.
- CookieConsent: stores the user’s cookie consent state for the current domain. It expires in 1 year.
- rc::a - b- c- d: these cookies are used to distinguish between humans and bots. rc::a and d are persistent, b and c expire after the end of the session.
- _ga: registers a unique ID that is used to generate statistical data on how the visitor uses the website. Expires after 2 years.
- _gat: used by Google Analytics to throttle request rate. Expires after 1 day.
- _gid: registers a unique ID that is used to generate statistical data on how the visitor uses the website. Expires after one day.
This website uses marketing cookies:
- __hssc: this cookie keeps track of sessions and is used to determine if HubSpot should increment the session number and timestamps in the __hstc cookie. It contains the domain, viewCount (increments each pageView in a session), and session start timestamp. It expires in 30 minutes.
- __hssrc: whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser. It expires at the end of the session.
- __hstc: the main cookie for tracking visitors. It contains the domain, utk, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session). It expires in 13 months.
- __hmpl: collects information on user preferences and/or interaction with web-campaign content. This is used on CRM-campaign-platform used by website owners for promoting events or products. Persistent cookie.
- __ptq.gif: sends data to the marketing platform Hubspot about the visitor's device and behaviour. Tracks the visitor across devices and marketing channels. Session cookie.
- HUBLYTICS_EVENTS_53: collects data on visitor behavior from multiple websites, in order to present more relevant advertisement. Persistent cookie.
- hubspotutk: this cookie keeps track of a visitor's identity. It is passed to HubSpot on form submission and used when deduplicating contacts. It expires in 13 months.
- messagesUtk: this cookie is used to recognize visitors who chat with you via the chatflows tool. If the visitor leaves your site before they're added as a contact, they will have this cookie associated with their browser. It expires in 13 months.
- _gcl_au: used by Google AdSense for experimenting with advertisement efficiency across websites using their services. It expires in 3 months.
- _hjid: sets a unique ID for the session. This allows the website to obtain data on visitor behaviour for statistical purposes. It expires at the end of the session.
- GPS: registers a unique ID on mobile devices to enable tracking based on geographical GPS location. It expires after 1 day.
- IDE: used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user. It expires in 1 year.
- NID: registers a unique ID that identifies a returning user's device. The ID is used for targeted ads. It expires in 6 months.
- PREF: registers a unique ID that is used by Google to keep statistics of how the visitor uses YouTube videos across different websites. It expires in 2 years.
- VISITOR_INFO1_LIVE: tries to estimate the users' bandwidth on pages with integrated YouTube videos. It expires in 179 days.
- YSC: registers a unique ID to keep statistics of what videos from YouTube the user has seen. It expires at the end of the session.
- test_cookie: is used to check if the user's browser supports cookies (doubleclick.net). It expires in 1 day.
- yt-remote-cast-installed, yt-remote-connected-devices, yt-remote-device-id, yt-remote-fast-check-period, yt-remote-session-app, yt-remote-session-name: stores the user's video player preferences using embedded YouTube video. yt-remote-connected-devices and yt-remote-device-id are persistent, the other cookies expire at the end of the session.
Under the General Data Protection Regulation, you have a number of important rights that you can exercise. To appeal your rights, please contact us through email (email@example.com), by telephone or in writing.
These are your legal rights:
- The right to data portability. This right gives you a higher degree of control over your own personal data. You have the right to receive your personal data in a structured, commonly used, machine-readable and interoperable format so that it can be transmitted to a different party, if this is possible.
- The right of access to your personal data. This enables you to receive a copy of the personal data we hold about you and to verify if we process your personal data in a lawful manner.
- The right of rectification and erasure of your personal data. You can request us to rectify your (incorrect) personal data or have it removed.
- The right to restrict the processing of your personal data. In some cases you have the right to limit the processing of your personal data.
- The right to object against the processing of your personal data. You can request that we no longer use your personal data. If you object to the use of your personal data for commercial purposes, we will always respect this.
- The right to withdraw consent at any time. When you have given your permission to process your personal data, you can withdraw your consent whenever you want. The easiest way to do this is to send an email to us.
Read more about your legal rights here.