Our way of working

Privacy Statement

Tripple B.V. and its group companies. Version September 2023

Clause 1 - About TMC

Triple B.V. and its group companies (hereafter referred to jointly as: “TMC”) is a unique collection of self-starting, highly skilled and almost self-employed technical professionals. We are an international high-tech company, comprised of Employeneurs with more than 30 nationalities who provide services to customers all over the world.

As an employer and partner in the high-tech industry, we are aware of our impact on the lives and careers of our Employeneurs and on the performance of our clients. To do the best we can, we follow, contribute to and invest in topics that matter on industry level as well as organizational and personal level.

In order to do this, we collect personal data. This privacy statement explains which personal data we collect and how it is processed, stored and secured, what your rights are and how to exercise your rights.

Clause 2 - What is personal data?

As defined in Art. 4(1) GDPR, personal data are any information which are related to an identified or identifiable natural person.

This includes objective and subjective information of a person. Personal data which have undergone pseudonymisation, which could be attributed to a natural person by the use of additional information should also be considered to be information on an identifiable natural person, as described in Recital 26 of the GDPR.

Above all, in accordance with Art. 9 GDPR there are special categories of personal data, known as sensitive personal data. Sensitive personal data are subjected to a higher level of protection. These data include biometric, genetic and health data, as well as personal data revealing ethnic and racial origin, religious or ideological convictions, political opinions and trade union membership.

According to Recital 26 GDPR, the principles of data protection do not apply to anonymous information, namely information which does not relate to an identified or identifiable natural person or to personal data rendered anonymous in such a manner that the data subject is no longer identifiable

Clause 3 - Why does TMC collect your personal data?

TMC processes personal data for the following purposes:

  • Recruitment and selection of potential Employeneurs and staff
  • Concluding and carrying out agreements (e.g., contracts of employment or agreements with clients and suppliers).
  • Communication objectives (newsletters, cookies on the website, events, etc.)
  • Complying with regulations
  • Improving our services to our employees, customers and visitors of our website
  • Social gestures

Please read the appendix of this privacy statement to find when we process data for these purposes, what data we collect, and how we collect, store, use and dispose your data.

Clause 4 - What are cookies?

Cookies are small information files that can be automatically stored on or read out from the device (including a PC, tablet or smartphone) of the website’s visitor, while visiting a website. This is done through the web browser on the device. TMC uses cookies for the following purposes:

  • To enable the functionality of our website (technical and functional cookies)
  • To generate overall statistics and gain insights in the use of our website by the public in order to improve and optimize our website and services (analytical cookies)
  • To show personalized advertisements (marketing cookies)

Clause 5 - What are your rights to your personal data processed by TMC?

TMC respects the rights of data subjects with regard to their personal data. Some rights can be exercised at all times; other rights can be exercised under certain conditions only. For example,we cannot grant the request of a data subject to delete its personal data if there is a legal obligation to retain that personal data for a certain period of time.

Data subjects can exercise the following rights:

  • Right of access to personal data;
  • Right of correction of personal data;
  • Right to deletion of personal data;
  • Right to restrictions on processing of personal data;
  • Right to transfer of own personal data.

The aforementioned rights can only be exercised in respect of the personal data of the data subject and are, in some cases, subject to the basis on which they were collected. Data subjects are not allowed to exercise these rights in respect of the personal data of others. TMC may request data subjects to provide additional identification in this regard.

The aforementioned rights can be exercised by the data subjects on this page.

You may also contact the TMC Privacy Officer using the contact details in the chapter about contact in this privacy statement.

Clause 6 - How does TMC protect yur personal data?

We take technical and organizational measures to protect the privacy of those involved and the confidentiality of their personal data:

Information security

TMC data can be divided into 4 categories: Confidential (HRM confidential, Management), Private limited (Personnel), Private internal (Employeneurs) and Public. Highly sensitive/confidential data is mainly stored in the ERP system or in special confidential channels of Microsoft Teams. Internal information is stored in Microsoft Office 365. It is mainly public data that is stored on the website. Extra care is taken in securing sensitive information, such as personal data and customer data.

Infrastructure and devices

The management, maintenance and monitoring of the technical infrastructure is outsourced to a company that is certified for IT security (e.g., ISO 27001) and that has taken sufficient measures, such as physical access security, firewalls, VPN, continuity facilities and monitoring tools, to ensure infrastructure security. All TMC offices have secured networks with advanced firewalls and VPN with active monitoring to safeguard security and continuity. All managed clients have antivirus/antimalware, up-to-date and supported operating systems and disk encryption that is centrally managed and monitored.

Applications

All TMC applications are stored in a secured public cloud environment or in the TMC Azure/Office 365 tenant. Authentication takes place through the TMC’s central user management, including Multi Factor Authentication for all internal staff. Authorization is carried out via security groups for each function group. User management is an automated process, based on HR administration, and it is checked periodically. All TMC data is securely stored on encrypted disks within the EEA (European Economic Area). Logbook use is activated as much as possible for each application, both detective and reactive.

What you can do to help us:

You can contribute to the protection of your personal data by, for example, being careful when disclosing personal data when you respond to jobs and messages posted on social media by TMC. The information that is posted there may be public.

Clause 7 - When does TMC share personal data?

When we share data, we comply with legislation and only provide the necessary information.

Sharing within TMC

This applies to employees who are authorized to access this data. All employees are subject to confidentiality.

Sharing with clients

Personal data of candidates and employees is shared with clients, for example, when introducing candidates and employees to existing and potential clients and/or enabling an employment relationship with these clients.

Sharing with processors

If we share personal data with processors (parties who process personal data on behalf of TMC, such as IT infrastructure or software suppliers, but also parties that provide training courses) or other responsible parties, we ensure that there is either a processing agreement or other contractual provisions in place to guarantee secure processing of the personal data. We can carry out checks on this.

Sharing with other responsible parties

If we share personal data with parties that provide services and that are responsible in this context for determining the purpose and means of processing this personal data (e.g., a pension fund or the Tax and Customs Administration), we will check whether there are clear agreements on the careful handling of these data or make such agreements.

Sharing due to a legal obligation

We only provide personal data at the request of the police and judiciary if there is a legal obligation to do so.

Sharing outsite the European Economic Area (EEA)If personal data is transferred to our group companies based in countries outside the European Economic Area (EEA), we will have made agreements with them regarding the processing and security of this personal data.
If we transfer personal data to external parties based outside the EEA where there is no adequate level of protection, we will continue to monitor the processing of personal data in addition to the agreements made.

Clause 8 - Notification of a (suspected) security breach

In the event of a suspected or confirmed breach of personal data security, data subjects are requested to inform TMC as soon as possible via helpdesk@tmc.nl stating 'security data breach' in the email's subject line.

Clause 9 - Contact

If you have any questions or wish to submit a complaint about the use of your personal data, please contact us using the contact details below.

We will address any questions or complaints internally and communicate this further with you. If you feel like we are not helping you in the correct manner, you have the right to file a complaint against our processing of your personal data with the national supervisory authority responsible for the protection of personal data. For the Netherlands, this is the Autoriteit Persoonsgegevens.

Contact details TMC

Triple B.V.
High Tech Campus 96
5656 AG Eindhoven
The Netherlands

Chamber of Commerce: 74692801

Contact details Privacy Officer TMC

E-mail address: privacy@tmc.nl

Telephone number: +31(0)88 862 2000

Contact details Data Protection Officer

Email address: DPO@tmc.nl
Telephone number: +31(0)6 1594 6142

Clause 10 - Amendments to the privacy statement

We may amend this privacy statement. If substantial changes are made to the privacy statement, this will be communicated on the tmc-employeneurship.com website.

Clause 11 - Appendix

Overview of the purposes of processing, types of personal data processed, and the personal data life cycle of collecting, storing, using and disposing.

Using TMC’s website(s)

Purpose of processing:

  • To respond online to vacancies;
  • To improve the services that TMC provides.

Personal data processed and their life cycle:

  • Responding online : first name, surname, e-mail address. When a data subject gives us their personal data, the data is stored in our CRM system, this data may be used internally for recruitment purposes. We dispose of their data 4 weeks after completing an application process, unless permission has been given for an additional year.
  • Improving the services: cookies and similar technical data that are strictly necessary and/or voluntarily agreed to. When a data subject visits our website for the first time, the site displays a message with an explanation about the cookies we use. We will ask for consent to place the cookies, when we are required to do so. Upon agreement to the use of cookies, these cookies will be placed on the device of the data subject. Our cookie statement gives an overview of the types, purposes and retention periods for the cookies. The consent for cookies can be withdrawn by removing the cookies in the device’s browser settings.
  • To search for and approach potential candidates at TMC’s initiative.
  • Searching for and approaching: contact details, link to social media profile, and messages that are sent to TMC.

In the context of recruitment

Purpose of processing:

Personal data processed:

Personal data life cycle:

The personal data is either found publicly or given to TMC by the data subject. If a data subject consents, TMC may store their personal data in our CRM tool. TMC may process the personal data internally with the purpose of recruitment. We dispose of the personal data 4 weeks after completing an application process, unless permission has been given for an additional year. A data subject may withdraw their consent by requesting deletion of their personal data here, by mailing privacy@tmc.nl with deletion request as subject, or by giving a deletion request to their contact person at TMC.

Via social media and job boards

Purpose of processing:

  • To generate interest in TMC;
  • To enable data subjects to respond online;
  • To respond to questions from data subjects.

Personal data processed:

  • Online response: contact details, vacancies, and comments of the data subjects;
  • TMC’s response to questions from data subjects: contact details and vacancy/comments from data subjects.
  • Personal data voluntarily provided by data subjects on TMC's social media, such as responses to messages/advertisements and private messages via the social media platform.

The personal data life cycle:

This information is either found publicly or given by the data subject. TMC does not process any sensitive data of a data subject. If a data subject consents, TMC may store their personal data provided in our CRM tool and process it internally with the purpose of recruitment. We dispose of the personal data 4 weeks after completing an application process, unless permission has been given for an additional year. A data subject may withdraw their consent by requesting deletion of their personal data here, by mailing privacy@tmc.nl with deletion request as subject, or by giving a deletion request to their contact person at TMC.

Applying at TMC

Purpose of processing:

  • To assess the suitability and availability of a candidate for employment at TMC;
  • To create and share a data subject's CV with clients on the basis of the TMC CV template;
  • To select candidates for vacancies available with TMC and its clients;
  • To create digital files of data subjects;
  • To be able to carry out assessments.

Personal data processed:

  • Personal data: first name, surname, date of birth, gender, nationality;
  • Contact details: residential address, e-mail address, telephone number;
  • Education: education, training courses, diplomas, degrees, certificates;
  • Skills: expertise, language skills;
  • Work history: previous and current employers, functions, and experience;
  • Application details: CV, cover letter;
  • Notes from TMC employees;
  • Assessment of the suitability and availability: education, experience, function and budget-related criteria;
  • For creating and sharing a data subject's CV with clients on the basis of the TMC CV template: first name, surname, date of birth, place of residence, nationality, profile/substantiation, relevant training and courses, relevant work experience, languages, and software knowledge;
  • Selection of candidates: education, experience, skills, references, function-related criteria;
  • Digital file: CVs and other documents, such as interview and meeting notes, notes, etc.
  • The personal data is given to TMC by the data subject or taken from publicly accessible sources. TMC does not process any sensitive data of a data subject. This information is either found publicly or given by the data subject. If the data subject consents, TMC may store the data provided in our CRM tool and process it internally with the purpose of recruitment. We dispose of the personal data 4 weeks after completing an application process, unless permission has been given for an additional year. The data subject may withdraw their consent by requesting deletion of personal data here, by mailing privacy@tmc.nl with deletion request as subject, or by giving a deletion request to their contact person at TMC. In the pre-contractual phase, we process on the legal ground of the execution of agreement. After contracting, we retain personal information 2 years after termination of employment, unless otherwise required by law.

Personal data life cycle:

In the context of employment agreements or contracts for services

Purpose of processing:

  • To register personal data required for compliance with laws and regulations;
  • To implement employment contracts.

Personal data processed:

  • Personnel file: personal data that needs to be processed on the basis of, for example, labor legislation and tax and social security legislation, such as a copy of identity documents or passports, visas, work permits, citizen service numbers and documents necessary for administrative purposes such as contact details;
  • Supplementary documents: certificates of good conduct, non-disclosure agreements, certifications;
  • Financial information: salary, bank account numbers;
  • Financial data in case of an external service provider: company data, rates, and, in case of self-employed workers without employees, data necessary for assessing the employment relationship in the context of the Assessment of Employment Relationships (Deregulation) Act, such as number of assignments, types of assignments, and duration of the assignment;
  • Other information related to preparing the personnel, salary, and absenteeism records, such as registration number of the company car, laptop (if provided by the company), mobile phone (if provided by the company), partner's and/or children's personal data for pension administration;
  • Working abroad: personal data necessary for organizing work permits, visas, taxes, and housing.
  • The personal data is given to TMC by the data subject. TMC does not process any sensitive data of a data subject. We store personal data in our HRM, CRM and other systems within our secure IT environment. We process the data on the legal ground of execution of agreement. We may legally share necessary personal data with third parties. TMC retains personal data for 2 years following termination of employment, unless otherwise required by the law. Financial information is retained for 7 years.

Personal data life cycle:

With regard to other internal purposes

Purpose of processing:

  • To ensure operational safety;
  • To generate management information;
  • To obtain and maintain certifications;
  • To apply for grants, premium discounts, etc.;
  • To comply with legislation TMC is subjected to;
  • To enable audits to take place;
  • To attend socially to our stakeholders.
  • With respect to the processing of personal data for these other internal purposes of TMC, the basic principle is that the use of directly identifiable information is limited to the minimum and that data is anonymized where possible.

Personal data processed:

Personal data life cycle:

The personal data is given to TMC by the data subject or created in cooperation. TMC does not process any sensitive data of a data subject. We store the personal data in our HRM, CRM and other systems within our secured IT environment. We process the data on the legal ground of execution of agreement, legitimate interest, and consent. We may legally share necessary personal data with third parties. TMC retains personal data 2 years following termination of employment, unless otherwise required by the law. Financial information is retained for 7 years.

To inform clients and potential clients about TMC's services and to be able to submit offers

Purpose of processing:

  • To acquire new clients;
  • To gain insight into the demand for labor in the market;
  • To be able to offer services to new clients.

Personal data processed:

  • Acquisition: contact details of representatives of clients;
  • Insight into the assignment: description of the company and its activities, culture, content of the assignment, and desired profiles;
  • Offering services: contact details of representatives of potential clients, information about the sector in which the client operates;
  • Offering/providing information about services: contact details of representatives of potential new clients, information about the sector in which these clients operate.

Personal data life cycle:

The personal data is given to TMC by the data subject or created through cooperation. TMC does not process any sensitive data of a data subject. We store the personal data in our CRM and other systems within our secured IT environment. We process the personal data on the legal ground of execution of agreement. Retention?

Establishing and maintaining business relationships with suppliers

Purpose of processing:

  • To conclude and implement agreements and/or to have them implemented;
  • Communication.

Personal data processed:

  • Concluding and implementing agreements: contact details: name, e-mail address, and telephone number;
  • Communication: contact details: name, e-mail address, telephone number.

Personal data life cycle:

The personal data is given to TMC by the data subject or created through cooperation. TMC does not process any sensitive data of a data subject. We store the personal data in our CRM and other systems within our secured IT environment. We process the personal data on the legal ground of execution of agreement. Retention?