Privacy & Security

We process and secure your personal data in accordance with the General Data Protection Regulation (GDPR). You can find out all about our privacy policy on this page. 

You decide

Let’s start with the important part; your personal data belongs to you. That includes the data you share with us. This means you can ask us to delete, rectify and transfer your data, and to provide you with access to your data. You can also ask us to limit the processing of your data, and you can object against processing. Send an email with your request to privacy@springest.com and we will deal with your request. Please feel free to mail any questions, advice and complaints to this address. In addition, you always have the right to file a complaint with the Dutch Data Protection Authority. You are never required to share your personal data with Springest.

Who is responsible for your data?

If you provide us with your data, we are responsible. When we share your data with providers, they are responsible. In that case, Springest is processor of the data. Springest processes your personal data in accordance with the GDPR. Our responsibilities and obligations are clearly stated in an agreement we have entered into with the providers on Springest. For instance, it states how your data are secured, and what happens in case of a data leak. If you are interested in learning more about the privacy policy of the providers on Springest, please contact them directly.

How do we handle your personal data?

We only process personal data if we have a justified reason, in other words, if we have a legitimate basis within the meaning of the GDPR. Usually this legitimate basis is to carry out an assignment. So if you fill in a contact form, we will use your data to contact you. If you request a brochure, or if you apply for a course, we will share your data with the provider in question, so that your application can be processed. We do not share your data with other parties without your permission.

Furthermore, we store your data for our own operations and administration. This enables you to use all the functionalities of our site, and gives you access to your own requests for information and applications. This way we can offer you the best and most personalised user experience. In some cases, we also process your data based on your permission, for example when you write a review. We can use or publish your review, or part of it, on our website. It can also be included in our emails to other users and be shared with our review partners.

Finally, we collect analytical data to determine how our visitors reached Springest, or to measure the effectiveness of advertisements. These data are collected on an aggregated level, and are not visible on individual level. When we collect these analytical data, we do not store personal data. We will store your IP-address only for technical reasons, such as detecting problems on the site and to prevent misuse.

We never store more personal data than necessary for the purpose for which these data have been collected, and we save your data in your account as long as it is active. You decide when you close your account. When you close it, we delete all your personal data from our systems.

Cookies

We use temporary cookies, including technical, functional, analytical and commercial cookies. A cookie is a small piece of data that is stored on the hard drive of the computer. These cookies do not contain personal data and are only used to improve the use of the website. Our cookies insure for example that:

  • you stay logged in to My Springest;
  • the courses you viewed and saved and your lists will be stored;
  • you may write a review;
  • improvements to our website can be tested and measured (for more information on this, please read the privacy policy of Mixpanel and Google Analytics);
  • recommendations are relevant to you, based on earlier requests;

Many cookies of Springest disappear when you close the browser. Some cookies stay stored for a few days, others for a few years. You can remove them yourself via your browser at any time.

Other technologies

Our website also uses other technologies with a similar functionality to cookies, such as web beacons and tracking URL’s, to obtain personal data of users. We may use these technologies in our messages to you, so that we can determine if the message was read or a link was opened.

Security

If you provide us with your personal data, it is our responsibility to store these safely. We accomplish this in several different ways, but first of all it is good to know that Springest is ISO 27001 certified. This means that we comply with certain requirements concerning Information Security and that we have an Information Security Management System. You can rest assured that your data is secure with us. The following contains some of the most important measures we have taken:

  • Secured connection Springest can only be reached via an SSL secured connection. That means that all data is sent encrypted, and cannot be read be third parties. Passwords are also encrypted, meaning that neither we nor others are able to uncover them.
  • Secured internal infrastructure After data has been sent from the user to Springest, the data enter the Springer server network. This is being hosted by Amazon Web Services, the most renowned web hosting provider and very experienced in the field of security. Within that network, all connections are SSL encrypted as well. Also, this internal network is not externally accessible. Furthermore, our own servers can only access the data they need for their specific tasks. This means that a test or email server cannot access data that is required for the live website. See also:  Amazon Web Services Security Center
  • Data storage within the EU All Springest servers are physically located within the EU, meaning that the American Patriot Act does not apply. For more information on European law and Springest security, please go to:  Amazon Web Services EU Data Protection FAQ.
  • Encrypted database hard drives The hard drives on which the databases and personal data are stored are also encrypted. To decrypt the database data, an encryption key is required which is only stored on our servers in the secured network. The data in the databases cannot be read without that key.
  • ISO 27001 We use strict safety procedures to prevent action such as unauthorised access to personal data. All these procedures are part of our ISO 27001 Information Security Management System.

Privacy Officer

To ensure privacy is given all the attention it deserves, Springest has appointed a Privacy Protector. If you have any questions after reading this policy, if you require additional information, or if you are interested in our internal privacy policy, you can contact our Privacy Protector via privacy@springest.com. We will answer your questions as quickly and as clearly as possible.