Privacy statement

Privacy statement

Green Rock Consulting is responsible for the processing of personal data, as described in this privacy statement.

Postal address: Jan van den Doemstraat 89 3515 XP Utrecht
Chamber of Commerce number: 60786272
VAT number: NL854059428B01

Green Rock Consulting draws up this privacy statement to provide insight into the use of personal data on www.greenrock.nl (hereinafter referred to as "the website"), and all domains related to the website.

Personal data is understood to mean all data with which an individual can be identified, such as the name, customer number and personal contact details. Data that is not personal, but in combination with personal data leads to identification of the user, also applies as personal data.

This privacy statement applies to everyone who visits the website, or communicates with the website in any other way (hereinafter referred to as "the user").

Green Rock Consulting undertakes to comply with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) and the General Data Protection Regulation Implementation Act.

Green Rock Consulting ensures appropriate measures to protect the collected and processed personal data.

In the event of questions regarding this privacy statement, or other privacy protection-related questions, please contact us.

If there are any questions or requests regarding the processing of personal data or complaints regarding compliance with the privacy statement, please use this form. This form is intended for submitting objections, correction requests and other questions in the context of the GDPR.

1. Which data is processed

When using the website or services of Green Rock Consulting, the following personal data may be collected and processed:

Green Rock Consulting processes in any case the personal data that users provide voluntarily, such as initials, first and last name, job title, (work) address details, telephone number(s) and e-mail address(es). This data can be used to contact the user in the context of service provision, relationship management and commercial processes. In addition, information is collected based on the privacy settings and the use of the website, including IP addresses, cookies and via social media widgets (for example when you log in with your LinkedIn or Google account). Preferences or other content (such as a curriculum vitae sent by the user) are also processed, insofar as these are necessary or are entered voluntarily by the user, for example for entering into or managing an employment relationship or agreement. Furthermore, statistical data is stored via Google Analytics and similar tools, often anonymized or merged, but also based on the IP address or any other cookies that are placed on the website.

2. Purpose of processing the data

With due observance of privacy legislation, the personal data of users are used exclusively for the following purposes:

Green Rock Consulting processes the personal data of users of the website in order to provide them with information and services for which they have provided this data themselves, such as leaving an e-mail address or registering interests for certain services. This data is also used to send messages and answers to questions or to make further agreements in the context of a (future) agreement.

In addition, personal data is processed to personalize and optimize the user experience on the website(s). This allows preferences to be remembered or specific content to be shown that is tailored to the user's interests. Marketing also plays a role: existing customers or relations can be approached with targeted messages and invitations to events, provided they have consented to this or there is a legitimate interest.

Furthermore, Green Rock Consulting complies with requests in the field of recruitment and selection when users send their data (for example a curriculum vitae). The processing of personal data may also be necessary to comply with legal obligations or to provide for security and integrity requirements of the IT environment. Finally, Green Rock Consulting may store personal data for relationship management, account management and efficient business operations, as long as the applicable retention periods and the rights of the data subjects are taken into account.

In accordance with Article 6 of the General Data Protection Regulation, the processing of personal data for the above-mentioned purposes has the following basis:

  • The user has given consent to the processing of his personal data. (paragraph 1 sub a) The given consent can be withdrawn by the user at any time.
  • The processing is necessary for the performance of an agreement with the user. (paragraph 1 sub b)
  • The processing is necessary due to a legal obligation of the controller. (paragraph 1 sub c)
  • The processing is necessary to protect vital interests. (paragraph 1 sub d)
  • The processing is necessary for the protection of the legitimate interests of the controller or of a third party. (paragraph 1 sub f) The legitimate interests concern the following:

Personal data are processed that are necessary for direct marketing purposes and to execute an (existing or intended) agreement with you.

3. Recipients of the personal data

Personal data may be provided by Green Rock Consulting to third parties, if this is compatible with the purpose stated in this privacy statement for which the data was collected.

Personal data are only provided for the period and scope that is necessary for the execution of the assignment given by Green Rock Consulting to the recipients.

In all cases of provision of personal data to third parties, Green Rock Consulting ensures that the data are only used for the intended purposes and are stored in accordance with the legally guaranteed level of protection.

Green Rock Consulting never sells user data for commercial purposes.

4. Data retention period

The personal data will not be used or stored by Green Rock Consulting for longer than is necessary to achieve the purposes for which the data is collected in accordance with this agreement.

The retention period is in any case no longer than:

Based on the information in the privacy statement of Green Rock Consulting, the general standard is that personal data is retained for one year after the end of the contact or the (customer) relationship. This period consists of two phases: within three months after the start of the retention period, the data is archived (so that it is no longer actively used), and at the latest within twelve months after archiving, it is completely deleted.

There are, however, some exceptions, for example when there are:

Legal obligations (such as tax regulations) that require a longer retention period. In that case, the retention period can increase to several years (usually 5 to 7 years).
Cookies and similar techniques: some cookies are automatically deleted after closing the browser (session cookies) or have a fixed shelf life (for example 90 days or two years).

Specific permission or special situations: if you have given explicit permission to store data for a longer period for a specific purpose (for example an ongoing legal procedure), the storage period may differ.

After the period described above, the personal data will be anonymized or destroyed.

5. Rights of users

The user of the website can exercise his rights with regard to Green Rock Consulting at any time.

The user can make his request to exercise one or more of his rights known to Green Rock Consulting by using one of the contact details of Green Rock Consulting mentioned in this privacy statement.

Green Rock Consulting will comply with the user's request, unless the request is unfounded or excessive.

Green Rock Consulting will respond to the user's request within one month of the request, even if the request is not complied with.

The response to the request must be clear to the user and must be provided to the user in writing or by other (electronic) means.

a. Right to information about the processing

The user of the website has the right to a clear and transparent explanation of the data processing.

By means of this privacy statement, Green Rock Consulting provides information about the source of the data, the data recipient(s), the objectives, necessity and basis of the data processing, the guarantees for data protection, the retention period, the contact details for complaints, the rights of the user.

b. Right of access

The user of the website has the right to, at reasonable intervals, view his personal data that has been collected.

Green Rock Consulting provides the user, if requested, with access to an overview with at least the following data relating to the user:

  • the objectives for the data processing;
  • the categories of personal data that are processed;
  • the recipients or categories of recipients to whom the personal data are passed on;
  • the retention period of the personal data;
  • the right to change, delete, limit, or object;
  • the right to file a complaint.

When the user requests access to his collected personal data, the identity of the user is established by Green Rock Consulting before access is granted.

If a copy of the data is provided to the user, no costs will be charged for the provision of the copy, unless the user wishes to receive multiple copies and a reasonable fee can be requested for this based on administrative costs.

The copy is provided in writing, including in electronic form.

If the user submits the request for access electronically, the copy of the data is also provided in electronic form, unless the user requests otherwise.

A copy of the personal data is provided to the user within one month of the request.

c. Right to rectification

The user of the website has the right to correct or supplement his personal data if it is not accurate.

If the user does not have the possibility to correct or supplement his personal data himself, the user can instruct Green Rock Consulting to correct or supplement his personal data.

Green Rock Consulting informs all recipients of the personal data of the changed data, unless this proves impossible or requires a disproportionate effort in relation to the interests of the user. Green Rock Consulting provides the user with information about these recipients if the user requests this.

d. Right to erasure

The user of the website has the right to have his collected personal data erased by Green Rock Consulting, if one of the situations mentioned in article 17, paragraph 1 General Data Protection Regulation applies.

The user also has the right to be 'forgotten' if Green Rock Consulting has made personal data of the user public and the user requests erasure of his data. In this case, Green Rock Consulting must take the necessary measures to inform other controllers that the user wishes to erase his personal data or any copy thereof.

A request for erasure of personal data does not have to be complied with if the processing of the data is necessary for one of the reasons mentioned in article 17, paragraph 3 General Data Protection Regulation.

e. Right to restriction of processing

The user of the website has the right to restrict the processing of his personal data if one of the situations mentioned in article 18, paragraph 1 General Data Protection Regulation applies.

In the event of exercising the restriction of the processing of personal data, the data may only be processed:

  • with the consent of the user;
  • for the establishment, exercise or defence of legal claims;
  • to protect the rights of third parties or for reasons of important public interest of the European Union or a Member State.

Green Rock Consulting will inform all recipients of the personal data about the restriction of data processing, unless this proves impossible or involves a disproportionate effort in relation to the interests of the user. Green Rock Consulting will provide the user with information about these recipients if the user requests this.

f. Right to data portability

The user of the website has the right to obtain his personal data from Green Rock Consulting in a structured, common and machine-readable format and to transmit it to another controller, without Green Rock Consulting hindering him in doing so, if one of the situations referred to in Article 20, paragraph 1 of the General Data Protection Regulation applies.

If the user exercises his right to data portability, the user also has the right to have the personal data transmitted directly from one controller to another, unless this is not technically possible.

The exercise of the right to data portability does not affect the right to erasure. This right does not apply to processing that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in Green Rock Consulting.

The exercise of the right to portability shall not prejudice the rights and freedoms of third parties.

g. Right to object

The user of the website has the right to object at any time, due to his specific situation, to the processing of his personal data by Green Rock Consulting.

In the above case, Green Rock Consulting will cease processing the user's personal data, unless Green Rock Consulting can demonstrate compelling legitimate grounds for the processing that outweigh the interests, rights and freedoms of the user, or that relate to the institution, exercise or substantiation of a legal claim.

When processing personal data for direct marketing purposes, the user has the right to object at any time to the processing of his personal data.

If the user objects to data processing for direct marketing purposes, the data will no longer be processed for these purposes.

h. Right to complain

The user of the website has the right to file a complaint regarding the processing of his personal data by Green Rock Consulting with the Dutch Data Protection Authority.

Complaints regarding the processing of the user's personal data, as well as complaints regarding incorrect compliance with the applicable legislation, can be submitted.

The Dutch Data Protection Authority has been appointed to supervise the processing of personal data in the Netherlands. Information regarding the Dutch Data Protection Authority can be found on the website.

6. The use of cookies

Green Rock Consulting uses cookies.

Cookies are small amounts of data that are placed on the user's browser when the user visits the website, and are sent back to the website's server when the user visits the website again.

By placing cookies, users can be distinguished from each other and the users can be recognized when the website is visited again. This allows the user's use of the website to be tracked.

The placing of cookies serves to improve the performance and functioning of the website.

For more information about the use of cookies, please consult:

In the privacy statement of Green Rock Consulting you will find information about the cookie policy.

7. Changes to the privacy statement

This privacy statement may be changed in connection with new developments of the website or an adjustment of the legal obligations.

The most recent version of the privacy statement can be consulted on the website. The last modification date is stated here.

This privacy statement was last updated on: April 3, 2025.

 

 

Contactdetails

Green Rock Consulting
Jan van den Doemstraat 89
3515 XP Utrecht

Alex van Dam
Jurgen van de Donk


Chamber of Commerce:
60786272

Contact us!

We would love to get in touch with you! Fill out the form below and we will get in touch with you!

Please type your full name
Please type your email address
Please type your mobile number
Please enter your question
Please select a date when we should contact you
Ongeldige invoer

By using this website, you agree to our privacy statement and the use of cookies for an optimal user experience.
Click 'Accept' to continue

Read more