Privacy statement

Accueil » Privacy Statement

Privacy statement

Amecha BV, also acting under the brand name ’Amecha’, situated at Korte Dijk 11, 5705 CV Helmond, is responsible for processing the personal data (“Controller”) as set out in this privacy statement.

Contact details:

https://www.amecha.nl

Korte Dijk 11, 5705 CV Helmond – T: +31 492 50 60 10 – E: info@amecha.nl

Amecha BV is managed by and forms part of VINCI Energies Netherlands BV. Ad Schaafsma is the Data Protection Officer of VINCI Energies Netherlands BV and its subsidiaries. He can be contacted on privacy.venl@vinci-energies.com.

Personal data processed by us

Amecha BV processes your personal data, because you use our services and/or because you provided us with those data. Below is a list of the personal data we process:

  • First name and surname;
  • Gender;
  • Address details;
  • Telephone number;
  • Email address;
  • Other personal details that you provided actively, for example by creating a profile on this website, in correspondence or by telephone, such as during job applications and recruitment, and/or details about your activities on our website.

 

Personal data processed by third parties

Third parties process limited personal data by means of social media plugins. We deal with the following parties:

  • LinkedIn;
  • Facebook;
  • Instagram;
  • YouTube;

Below is a list of the personal data they process:

  • Details about your activities on our website;
  • If you have an account with one or more parties they can link your activities to your profile.

Special and/or sensitive personal data processed by us

Amecha BV does not process special and/or sensitive personal data about you.

Minors

Our website and/or service does not intend to collect data about website visitors who are younger than 16 years of age, unless they have permission from their parents or guardians. However, we are unable to check whether a visitor is older than 16 years of age or not. We recommend parents to be involved in the online activities of their children to prevent data being collected about children without parental consent. If you are convinced that we obtained personal data about a minor without consent, please contact us at privacy.venl@vinci-energies.com and will erase that information.

The purpose and lawful basis for processing personal data

Amecha BV processes your personal data for the following purposes:

  • To send our newsletter and/or information about our products and services;
  • To call or email you if this is necessary to implement our services;
  • To inform you of changes to our products and services;
  • If you apply to us for a job and/or approach us in the context of recruitment and selection.

 

For this purpose we base ourselves on your consent as the lawful basis, as you yourself provide us with the data.

 

  • Amecha BV analyses your behaviour on the website in order to improve the website and to match the range of products and services to your preferences;

 

For this purpose we base ourselves on our justifiable interest as controller, because we have a proven interest in improving our websites.

 

Automated decision-making

Amecha BV does not take decisions about matters, which may have considerable consequences for persons, on the basis of automated processing. This concerns decisions that are taken by computer programmes or systems without human intervention, for example an employee of Amecha BV.

How long do we retain personal data

Amecha BV stores your personal data no longer than strictly necessary to achieve the purpose for which your data was collected. We operate the following retention periods for the following categories of personal data:

 

  • Business contact details and activities up to 24 months following the last activity;
  • Applications up to 4 weeks after the end of the application, unless there is consent for 1 year.

Sharing personal data with third parties

Amecha BV shares your personal data with various third parties when this is required to implement the agreement or to comply with any statutory obligation. We conclude a data-processing agreement with businesses that process your data on our instructions to ensure a similar level of security and confidentiality of your data. Amecha BV remains responsible for this processing.

Our processors are:

  • VESI (VINCI Energies Systeme d’Informatique) https://www.vinci-energies.com
  • Microsoft Ireland Operations

https://www.microsoft.com/nl-nl/trust-center/privacy

  • Bullhorn and Connexys

https://www.bullhorn.com/nl/bullhorns-privacy-en-cookiesbeleid-voor-nederland

 

Otherwise, Amecha BV only provides your data to third parties with your consent or when this is required to comply with a statutory obligation.

—————————————————————————

What should I remember when I wish to report vulnerability?

  • Please provide sufficient information to enable Amecha BV to reproduce the problem. If this can be achieved, it will be quicker to resolve the problem.
  • Please provide contact details so Amecha BV can contact you;
  • Please report the vulnerability as quickly as possible after it has been detected;
  • Do not share the information regarding the security problem with others before it has been resolved;
  • Explain what you did to make the problem visible;
  • Deal carefully and confidentially with the knowledge of the security problem;
  • Do not perform acts that go beyond what is required to demonstrate the security problem.

Do not abuse a weak point in an ICT system

If you have discovered a vulnerability, do not abuse it. For example by:

  • Installing malware or spyware;
  • Copying, amending, or removing data in a system; an alternative is to create a directory listing of a system;
  • Making changes to the system;
  • Repeatedly obtaining access to the system or sharing access with others;
  • Using so-called brute force to access the systems;
  • Using denial-of-service or social engineering.

What does Amecha BV do following a report

Did you report a vulnerability in our ICT system? Amecha BV will deal with this as follows:

  • Within one week you will receive confirmation of receipt from Amecha BV;
  • Amecha BV responds to the report within two weeks. This response contains an assessment of the report, and if possible an expected date of resolution;
  • Amecha BV will keep you, as the reporting person, informed of the progress of resolving the vulnerability.
  • Once it has been resolved, Amecha BV will determine together with the reporting party whether the reported problem will be disclosed.
  • Amecha BV processes your report confidentially. This means that your personal data are not shared with third parties, unless there is a statutory obligation or it is compulsory due to a court decision. If you wish, Amecha BV can state your name as the person who discovered the vulnerability.
  • We do not provide financial rewards for reports.
  • The above procedure for a report is based on the Coordinated Vulnerability Disclosure policy of the Dutch National Cybersecurity Centre (NCSC). More information is available on the NCSC website.