Services
Security monitoring Risk services Security Advisory
Inspiration
About us
Working at defenced Jobs Sustainability
contact

Privacy Policy

At Defenced we take privacy and information security seriously, it’s an essential part of what we do. This Privacy Policy outlines our commitment to protecting the privacy of personal information collected about individuals in accordance with the General Data Protection Regulation (GDPR). We respect the privacy of all individuals and are committed to protecting the personal information that we collect, store, and process. This policy explains what personal information we collect, how we use it, and the rights and options available to individuals in relation to their personal information.

Data collection and processing

We process personal data based on one or more of the following legal grounds:

• performance of a contract;

• compliance with legal obligations;

• consent (for example, in recruitment processes).

We collect personal information from individuals through various means, including but not limited to:

• Information provided by individuals through this website, mail, in person or through any other means of communication.

• Data emerging from our security services including but not limited to SOC monitoring.

We process this information for the following purposes:

• Provide our services and support.

• Execute and administrative handling of our agreements.

• Protect sensitive personal, company owned or customer data.

• Improve our services and to better understand our needs.

• Communicate with individuals and respond to inquiries.

• Comply with legal, contractual or compliance obligations.

Data retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, as described in this Privacy Policy and to comply with applicable legal, contractual, or regulatory requirements.

Data storage

All personal data processed by Defenced is stored and handled within the European Economic Area (EEA). We do not transfer or store data outside the EEA.

Data sharing

We do not sell, rent, or share personal information with third parties for their own marketing purposes without obtaining individual's explicit consent. We may share personal information with third-party service providers for the purpose of providing our services, but only to the extent necessary for the performance of their duties. Data is stored in the European Economic Area (EEA).

Data security

At Defenced, information security is at the core of our operations. Our information security management system is certified in accordance with ISO 27001. We have implemented technical, administrative, and physical controls to protect the confidentiality and integrity of the data we collect and store.

We regularly evaluate and update our security measures to ensure they remain effective and appropriate in light of changing threats and technologies. We also conduct regular security audits and risk assessments to identify and address potential vulnerabilities.

In the unlikely event of a data breach, we have established a robust incident response plan to promptly contain, investigate, and remediate any potential security incidents. We will promptly notify affected individuals and regulatory authorities, as required by law.

Rights of individuals

Under the GDPR, individuals have certain rights in relation to their personal information, including the right to:

• Access their personal information.

• Rectify any inaccuracies in their personal information.

• Request the deletion of their personal information.

• Request restriction of processing of their personal information.

• Receive their personal information in a structured, commonly used and machine-readable format.

• Object to processing of their personal information.

Individuals can exercise these rights by contacting us at the address provided in the contact section of this Privacy Policy. A request must be accompanied by a copy of a valid ID. Validation of your identity takes place to ensure the request comes from the correct person.

Infringement of any law or regulation

In case of infringement of any law or regulation, of which an individual is suspected and for which the authorities require the personal data collected by Defenced, they will be provided to them after an explicit and reasoned request of those authorities, after which these personal data do not fall anymore under the protection of the provisions of this privacy policy.

Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements.

Contact Defenced

If you have any questions or concerns about this Privacy Policy or our privacy practices, please contact us at info@defenced.nl.