Privacy statement Vivace-CTC

This privacy statement informs you about how Vivace-CTC handles your personal data. We process personal data confidentially and in accordance with the General Data Protection Regulation (GDPR). This statement was last updated in September 2025.

1. Controller and contact details

Vivace-CTC

Kooilaan 5
8501 CS Joure
Attn: G. Nobel (owner)
Mobile: 06 20 41 95 91
E-mail: g.nobel@vivace-ctc.nl

2. What personal data do we process?

  • Contact details
  • Contact details (e-mail, phone number)
  • Date and place of birth (e.g. for certificates)
  • Gender
  • Data in offers or action plans
  • Content of communication (such as e-mails or app messages)

3. How do we obtain your data?

We receive your personal data directly from you (website, email, phone, app) or through third parties to the extent necessary for our services.

4. Purposes of processing

  • Contact and communication
  • Implementation of services and guidance
  • Client management and planning
  • Provision of education and training
  • Administration, quotations, invoicing and debt collection
  • Meeting legal obligations
  • Improve services, analytics and reporting
  • Benchmarking and quality improvement
  • Information and (personalised) communication (see also paragraph 9)

5. Principles

  • Execution of an agreement
  • Legal obligation
  • Justified interest (efficient service provision, protection of financial interests, improvement of services, security and system management)
  • Consent (if applicable; may be withdrawn at any time)

6. Disclosure to third parties

We provide personal data to third parties if necessary for our services or because of a legal obligation, such as IT suppliers, hosting providers, external trainers/testing agencies/zzp'ers and administrative service providers. They process data only on our behalf (with processor agreement where necessary).

When processing outside the EEA, we provide appropriate safeguards, for example through the EU-US Data Privacy Framework or by using Standard Contractual Clauses (SCCs) approved by the European Commission.

7. Security

We take appropriate technical and organisational measures to protect personal data, including access protection, encryption, authorisation on a need-to-know basis and periodic monitoring of security measures.

8. Retention periods

  • Administrative and invoice data: 7 years (tax retention obligation)
  • Other client or training data: maximum 2 years after completion of services, unless longer retention is necessary (e.g. for certificates or disputes)

9. Profiling and direct marketing

We may use personal data for personalised information or offers via website, email or social media. You have the right to object to this at any time; if you object, we will stop this processing.

10. Your rights

  • Right of inspection
  • Right of rectification
  • Right of removal
  • Right to restriction of processing
  • Right to portability (data portability)
  • Right to object (against legitimate interest and direct marketing)

You can submit a request using the contact details listed in paragraph 1. We will respond within one month at the latest. In case of complaints, you can contact us and, if necessary, the Personal Data Authority (www.autoriteitpersoonsgegevens.nl).

11. Changes

Vivace-CTC may amend this privacy statement. New versions will be published on the website. Please check this statement regularly for the latest version.

Vivace-CTC
G. Nobel