This Privacy Statement applies to all forms of processing of personal data by Bee Agency, established at Hortensiastraat 20 in (1032 CJ) Amsterdam, hereinafter referred to as ‘BEE’.
By personal data, hereinafter referred to as ‘Personal Data’, BEE refers to all information about a person. This includes data that indirectly identify something about someone or can be traced back to an individual.
BEE can process Personal Data of a person, hereinafter referred to as the ‘Data Subject’, within the framework of its business operations, such as, amongst others, organising events, producing audiovisual works and/or developing concepts. BEE ensures that the Personal Data that are provided or otherwise obtained, are treated confidentially, and are protected as prescribed by the applicable legislation: the General Data Protection Regulation, hereinafter referred to as the ‘GDPR’.
If a Data Subject is younger than 16 years old, BEE will only process their Personal Data if the parents or legal representatives give their consent after reading this Privacy Statement. This only applies to the extent that consent is the basis for the processing. With due regard for the available technology, BEE shall make every effort to verify that the parents or legal representatives have indeed given their consent to the processing.
Details of processing
How are the Personal Data obtained? This is possible because, among other things:
- they were provided by the relevant Data Subject on their own initiative, either orally or in writing, for example through the BEE website, through a Bee customer or through any other registration channel;
- they have been obtained in the framework of the execution of an agreement;
- they have been disclosed to BEE by third parties, for example, by app providers or within the framework of a business transaction;
- have become known through public sources, such as social media pages in connection with the data of the Data Subject.
What Personal Data can be processed?
- Name and address;
- Contact details such as e-mail address or telephone number;
- Bank details, invoice details, VAT number, if necessary for the payment of a fee;
- Date of birth, age, gender;
- Photo, user name, interests and preferences;
- Any surfing/clicking behaviour on apps and/or websites used especially for projects, provided that prior permission has been obtained via the (cookie) notification and/or pop-up;
- Possibly the current location via apps and/or websites, provided that prior permission has been obtained via the (cookie) notification and/or pop-up;
- Other information, which may include special Personal Data, but only if they are provided by the Data Subject themselves and after obtaining their prior consent.
BEE does not always use all data, only if this is necessary for the purpose for which they are processed.
Purposes of processing are:
- recording the cooperation or participation of a Data Subject in a project;
- obtaining copyright permission for the use of a photograph or other work;
- analytical purposes, whether or not on the instructions of a customer, including the ability to conduct surveys, customer research, interactive (game) components;
- executing an agreement, e.g., a contract for services, a participation agreement, quitclaim and/or providing certain services;
- promotional purposes for BEE and/or the customer.
BEE applies the appropriate basis in accordance with the GDPR, namely a. the execution of the agreement, b. consent, c. a legitimate interest of BEE (whereby BEE will always weigh its interests against the privacy interests of the Data Subject) or d. compliance with a legal obligation.
BEE only shares Personal Data with other parties where and to the extent necessary for the purpose for which they are collected. Personal Data may be shared with the customer and/or with suppliers of BEE with whom BEE concluded a processing agreement to the extent required to protect the Personal Data and to ensure compliance with the GDPR. If BEE shares Personal Data with a party outside the EU, it will enter into a standard contract with the receiving party which has been approved by the European Commission.
Personal Data will not be kept longer than necessary.
BEE, considering the state of the art, ensures appropriate organisational and technical measures to guarantee a risk-adjusted security level.
Rights of a Data Subject
The Data Subject has, inter alia, the right to make a request for access and information to, inspection, rectification, restriction, deletion of their Personal Data and/or withdrawal of previously given consent, in accordance with the provisions of the GDPR. Such a request can be submitted via the contact details as stated on the website.
The Data Subject also has the right to submit questions and/or complaints about the processing of their Personal Data to BEE and/or the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).
BEE shall respond to any request as soon as possible and at the latest within four weeks from receipt of the request.
Circumstances may arise whereby BEE cannot or may not be able to fully implement the Data Subject’s request. For example, in the event of statutory retention periods and/or on the basis of the statutory exceptions for processing for journalistic purposes or for the purpose of academic, artistic or literary expression.
BEE only deals with requests which are related to their registration and/or their own Personal Data. In order to be certain that BEE can provide the Personal Data concerned to the correct person, BEE may, for verification purposes, ask the Data Subject to identify themselves (by sharing only the strictly necessary ID/passport data: with at least a blacked-out passport photo and citizen service number (BSN)).
BEE reserves the right to amend this Privacy Statement.
If there are any questions and/or comments about the Privacy Statement and/or the processing of Personal Data, these can be submitted via the contact details on the website.
Version 1 February 2022