Privacy Policy
NSI N.V. and its subsidiaries, operating under the names NSI and HNK, (“NSI”) highly value your privacy. We process your personal data in accordance with the European General Data Protection Regulation, hereafter: "GDPR." Below, we explain what data we use and how we process and protect it.
1. What Personal Data Do We Collect and Why?
Personal data refers to information that can be linked to an identified or identifiable natural person. The personal data processed by NSI include, but are not limited to:
-
Basic information, such as your name, address, and place of residence.
-
Contact information, such as your email address, postal address, and telephone number.
-
Copies and/or details of identification documents, with the provision that copies of identification documents are securely stored with the BSN number and photo made unrecognizable. BSN numbers and other ID details are not recorded in our systems.
-
Contact details provided by you for attending a seminar or event and/or receiving a newsletter or other communications.
-
Contact details provided by you during a job application process.
2. Purpose and Legal Basis
NSI processes personal data for various purposes based on legal grounds, including:
-
To establish a rental agreement with you:
We need these details to assess whether we can accept you as a tenant. This may include verifying if you are authorized to represent your company or providing a copy of your identification at the start of the relationship. -
To provide quality service:
If you rent business space in one of our buildings, your contact details are required to provide operational information, such as maintenance updates. Additionally, we secure our buildings through surveillance cameras. -
For promotional and marketing purposes:
Occasionally, we process personal data to inform you about new products, seminars, or events of interest. If you do not wish to be contacted for commercial purposes, you can indicate this in your contract or via the opt-in email you receive. -
To provide accurate information:
We keep our shareholders, investors, and other stakeholders informed through annual and quarterly reports, press releases, and presentations. -
For the sale or purchase of real estate:
To facilitate agreements involving real estate transactions, we may require personal data to assess acceptance or verify authorization. -
To meet legal obligations:
Laws such as the Anti-Money Laundering and Anti-Terrorist Financing Act (Wwft) require us to perform client acceptance checks, identify unusual transactions, and determine the Ultimate Beneficial Owner (UBO) of a company. -
Job applications:
The data you provide is used to evaluate your suitability for employment.
In these instances, NSI processes your personal data based on one or more of the following legal grounds:
-
Performance of a contract.
-
Compliance with legal obligations.
-
Legitimate interest.
-
Your consent.
3. Data Retention Period
We handle your personal data with care and store it only as long as necessary for its intended purpose. Specific laws, such as the Tax Act or the Wwft, may require us to retain certain data for up to 7 or 5 years, respectively. Data collected during job applications is kept for no longer than four weeks after the conclusion of the application process unless it results in employment, in which case it is retained for up to two years.
4. Sharing Personal Data
NSI does not share personal data for promotional or commercial purposes. However, it may be necessary to share data with:
-
Contractors or suppliers for maintenance or other services.
-
Third parties, such as IT providers, as part of operational requirements.
-
Buyers in the event of property or subsidiary sales, where data may be made available in a virtual data room.
-
Government authorities, when required by law, such as under the Wwft.
Where a third party acts as a data processor on behalf of NSI, a processor agreement is signed to meet GDPR requirements.
5. How Do We Protect Your Data?
NSI has implemented robust technical and organizational measures to safeguard your personal data against unauthorized or unlawful processing, as well as against loss, damage, alteration, or disclosure. Measures include:
-
Physical access control for the data center.
-
Purpose- and role-based access restrictions for server-stored data.
-
Data encryption in certain processes.
-
Secure (SSL or TLS) connections for communications.
-
Firewalls and VPNs.
-
Confidentiality agreements with staff.
If you have questions about data security or suspect misuse, please contact us at complianceofficer@nsi.nl.
6. Cookies
A cookie is a small text file stored on your hard drive by our web server. You can enable or disable cookies through your browser settings. NSI only uses cookies for Third Party Analytics by Google. These cookies are exclusively owned by NSI and are not used for advertising or commercial purposes. Analytics provide essential statistics about visitor numbers, page visits, traffic sources, and other vital metrics, helping us enhance the website for users. No behavioral targeting is conducted, and all data remains anonymous.
7. Your Rights / Compliance Officer
Under the GDPR, you have several rights, including:
-
Access: Request access to your personal data.
-
Correction: Request rectification or completion of incorrect or incomplete data.
-
Deletion: Request deletion of your personal data when it is no longer required. Note that legal obligations may require retention.
-
Objection/Restriction: Object to or request the limitation of data processing.
-
Data Portability: Receive your personal data in a structured, machine-readable format for transfer to another controller.
-
Lodging a Complaint: File a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) via www.autoriteitpersoonsgegevens.nl.
For inquiries, contact our Compliance Officer at complianceofficer@nsi.nl.
8. Changes to the Privacy Statement
We reserve the right to update this Privacy Statement periodically. The latest version can be viewed at www.nsi.nl.