Privacy Policy LTP
1. Who are we and what do we do?
We are LTP Advies B.V and TestNed B.V. (together, LTP). LTP is the oldest HR consultancy in the Netherlands and advises various companies on a wide range of issues. Our core services include assessments for employee selection and development, personal development, performing legally mandated safety assessments, team/organisational development and to performing HR-related analyses (the Services). The latter consists of applying analytics to candidate and employee-related data in order to reveal patterns and make predictions concerning various aspects of recruitment and development (People Analytics). Under the moniker TestNed, we perform safety assessments for companies that are legally required to test personnel with safety duties, such as railway staff (Safety assessments).
For more information on our Services, please see ltp.nl (the Website).
As your privacy is extremely important to us, we consider it our responsibility to protect it. In this Privacy Policy, we explain which types of Personal Data we process through our Services. We also explain the purposes for which we use Personal Data, what role we play in processing Personal Data, and how long we retain Personal Data.
2. Privacy and Privacy Legislation
We process Personal Data. Personal Data refers to any information that can be used to directly or indirectly identify a person. This corresponds with the definitions of the General Data Protection Regulation (GDPR)[1] and other relevant laws and regulations on protecting personal data (collectively: the Privacy Legislation).
[1] https://eur-lex.europa.eu/legal-content/NL/TXT/PDF/?uri=CELEX:32016R0679&from=NL
3. Our position as Controller
We collect and process Personal Data in connection with our Services. We determine the purpose and means of this processing of Personal Data. We do this even when performing our Services on behalf of Customers, as we also have our own relationship with candidates. As such, we act as a controller within the meaning of the Privacy Legislation.
In some cases, we jointly determine the scope of our Services with our Customers, such as the content of the assessments. In these instances, we act as joint controllers. In such cases, we establish agreements with the Customer regarding the fulfillment of our responsibilities under Privacy Legislation. Among other things, we agree that each party will be responsible for complying with their obligations under applicable Privacy Legislation. You can also direct your questions and comments about the processing of your Personal Data and your rights to LTP in these cases.
4. What personal data do we process and for which purposes do we use them?
As a data controller, we may process Personal Data if you are part of our Services as a candidate, if you purchase our Services as an employer (Customers) and/or if you visit our Website. Below, we indicate for each category which personal data we process, for what purpose, and what basis we have for doing so under the Privacy Legislation.
You are subject to an assessment, People Analytics or Safety Assessment:
Personal data: | Purpose(s): | Basis/Bases: |
Contact details: First name and surname, email address, your telephone number (if you contact us by telephone), and your place of residence (if you take the assessment on site). If your prospective or existing employer invites you for an assessment, we obtain your contact details from the employer. | We use these data:
| We may process these data based on a legitimate interest, namely to contact the participant to provide our Services. When performing a Legally Mandated Safety Assessment on behalf of a Customer, we also process this personal data because we have a legitimate interest in our Customer fulfilling its Legal Requirement. |
Profile data: Date of birth, level of education, gender, employer’s name, your current and/or future position, and relevant sector. | We use these data:
| We may process this data based on your consent. When performing a Legally Mandated Safety Assessment on behalf of a Customer, we also process this personal data because we have a legitimate interest in our Customer fulfilling its Legal Requirement. |
Assessment and coaching results:
| We use these data:
| We process the assessment and feedback results based on your express consent. After you complete the assessment, we explicitly ask your express consent to share your assessment data with your prospective or current employer. |
Safety assessments (in addition to the personal data above):
| In addition to the purposes outlined above, we use these data to:
| We process this personal data because we have a legitimate interest in enabling our Customer to fulfil its Legal Requirement. For candidates already in a safety-related role, we share the rationale for Safety Assessment results with their prospective or current employer with the candidate’s express consent. |
Some of our Services are performed via the App:
Personal data: | Purpose(s): | Basis/Bases: |
Contact details: First name and surname, email address, and your telephone number if you contact us by telephone.
If your prospective or existing employer invites you for an assessment, we obtain your contact details from the employer. | We use these data:
| We may process these data based on a legitimate interest, namely to contact the participant to provide our Services. |
Account data: First name and surname, email address, password, gender, and selected language. | We use these data:
| We may process these data based on your consent. |
Assessment and feedback results:
| We use these data:
| We process the assessment and feedback results based on your express consent. After you complete the assessment, you can consent to sharing your assessment data with LTP and/or your prospective or current employer. |
If you purchase our service as a Customer:
Personal data: | Purpose(s): | Basis/Bases: |
Customer’s contact details: Contact person’s first name and surname, telephone number and email address. | We use these data:
| We may process these data because it is necessary for the performance of the agreement with our customer. |
Payment details: Bank details (account number, account holder name, BIC details). | We use these data:
| We may process these data because it is necessary for the performance of the agreement with our customer. We are also legally required to process and/or share all or part of these data for or with the Dutch tax authorities. |
If you visit our Website:
Technical information: Information about the type of device used to access our Website, IP address and information on the type of browser used. | We use these data:
| We may process these data, including Personal Data, because we have a legitimate interestin a properly functioning Website. |
Newsletters: Email address and name. | We use these data: To keep you informed of our Services and any updates to them through our newsletter. | We may process this data based on your consent. Each newsletter has an unsubscribe link. |
Contact details if you contact us through the Website: Your stated name, email address, telephone number, the name of your organisation, and any other personal data contained in the chat message or contact form you have sent. If you contact us by email, we process only your email address and any personal data contained in your email. | We use this information:
| We may process these Personal Data because we have a legitimate interest in contacting and helping prospective or current customers and/or candidates based on their comments or questions. |
Social media data: Information that you make public when you leave a response or otherwise post something on our social media channels. | We use this information: To communicate with you and process your message/feedback on our social media channels. | We may process these Personal Data because we have a legitimate interestin processing these data and because you disclose this information voluntarily. Our social media channels are also managed by the respective social media platforms. Check each social media platform’s privacy policy here to see how they process Personal Data: LinkedIn: Privacy Policy |
5. Automated Decision-Making
In a phased assessment, automated decision-making may be used based on the online test results (self-assessment). This means that the completed questionnaires are evaluated by an automated system to assess suitability for the relevant position. The goal is to ensure greater consistency and fair treatment by reducing the likelihood of bias or human error in the decision-making process. The candidate is given the opportunity to object to this automated decision-making or to request additional feedback. This ensures that, upon the candidate’s request, the outcome is also subject to human review.
If we use this automated decision-making, the candidate will be informed separately.
6. Do we share your Personal Data with others?
Processors
For the purpose of our Services, we work with several parties that process Personal Data on our behalf (Processors). For example, we work with Processors to use third-party services such as software hosting, data storage (AWS), ERP system (AFAS), marketing tools (such as MailChimp and Pipedrive) and email (Outlook). We have made arrangements with all our Processors in processing agreements which – in line with this Privacy Policy – set out what these parties may do with, how they must protect and when they must delete Personal Data.
External Controllers
If we have been granted explicit consent to do so or are legally required to do so in the case of a Safety Assessment, we share personal data of candidates with their prospective or current employers.
Payments can be processed through our external payment provider Mollie. Payments made in this way are subject to the terms and conditions of the relevant service. The Personal Data you provide to this payment provider are processed in accordance with its privacy policy.
We are legally obliged to include some Personal Data in our accounting records that have to be shared with the Dutch tax authorities. The Dutch tax authorities will process these Personal Data as the Controller in accordance with its privacy policy.
Apart from the above cases, we will not share your data with third parties unless we are legally required to do so.
7. How long do we retain personal data?
We retain personal data only for as long as we need them for the above purposes. We apply at least the following retention periods:
Personal Data of candidates (Safety Assessment Candidates excluded) | We retain these data for a period of six (6) years from the moment the Personal Data are provided to LTP, unless you withdraw your consent earlier. In that case, the Personal Data provided based on your consent will be deleted. The insights emerging from this six-year retention period are needed to draw up an accurate trend comparison of the Candidate’s development and to monitor their development. A six-year retention period adds significant value to the assessment and is, therefore, primarily in the interest of the Candidate, in addition to being in the interest of our Customers.
Personal data of Safety Assessment candidates | Pursuant to the legal retention requirements for Safety Assessments, we retain these data for a period of six (6) years.
Personal Data of website visitors | These data are retained for as long as needed for their respective purposes. You are free to modify or delete data you share on our social media channels.
Personal data in our accounting records for the Dutch tax authorities | We retain these data for seven (7) years unless we are legally required to retain them longer.
Personal data for sending newsletters | These data are retained until you unsubscribe from our newsletter.
Other information | We retain other Personal Data only for as long as needed for the purposes of the processing. This means that other Personal Data are deleted as soon as they are no longer needed for the purposes for which we have processed them.
We retain Personal Data for longer than the above periods if we are legally required to do so.
8. Exporting data outside the European Union (EU)
LTP does not intend to transfer personal data to parties outside the EU, and will therefore endeavour to process personal data or have personal data processed within the EU only. However, our processors remain the right to transfer personal data to parties outside the EU in case of exceptional emergencies (such as breakdowns and / or natural disasters). LTP will do everything in its power to ensure that any data transferred transferred outside the EU are transferred accordance with the Privacy Legislation (chapter 5 of the GDPR).
9. How do we protect personal data?
We work hard to protect personal data from unauthorised or unlawful access, alteration, disclosure, use or destruction. Among other things, we have taken the following technical and organisational measures to protect Personal Data:
- We comply with the ISO27001 standard on information security; and
- Secure our network connections with Secure Socket Layer (SSL), Transport Layer Security (TLS) or similar technology;]
- Secure Personal Data in accordance with the ISO 27001/27002 standard;
- Restrict access to Personal Data and other data by customers through two-factor authentication;
- Restrict access to Personal Data and other data by employees and freelancers through two-factor authentication;
- Have an external party perform annual audits of our security measures; and
- Observe mandatory and discretionary delays in sending emails.
10. Your rights
Under the Privacy Legislation, you have the rights described below. We always honour these rights, unless there is a compelling reason not to do so and to retain or refrain from modifying Personal Data. This is always the case with Safety Assessments, as we are legally required to retain the related data and support our Customers in:
- requesting us to rectify or update your data;
- requesting us to remove your data from our database without giving reasons;
- requesting a copy of any of your Personal Data that we have processed. We can also forward this copy to another data administrator at your request;
- withdraw your consent to the processing of your data if the processing is based on consent. This does not affect the validity of processing operations before you withdraw your consent;
- object to our processing of your data;
- lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe that we are unlawfully processing your data.
To exercise these rights, ask questions or comment on how we handle personal data, you can contact us using the contact details below. We aim to answer your message within two working days and honour your request within 4 weeks.
11. Cookies
We use cookies on our Website and Assessment System. A cookie is a small, simple text file that can be set on your computer when you visit our Website or Assessment System. This text file identifies your browser and/or computer. The cookie allows our Website or Assessment System to recognise your browser or computer the next time you visit our Website or Assessment System.
We use the following types of cookies:
Functional cookies | Functional cookies are essential for the functioning of our Website. They enable you to navigate our Website and use its features. We use these cookies to optimise the functionality of certain Website pages.
Analytical or statistical cookies | We use analytical cookies (such as Google Analytics) to examine the quality and effectiveness of our Website and Assessment System. The statistics are kept anonymous. LTP stores only the session ID, browser language and test ID of tests done by candidates. For example, we can see how many users visit our Website and Assessment System and which pages they visit. We use this information to improve our Website, Assessment System and Services.
Tracking cookies | Tracking cookies track the browsing and click behaviour of website visitors. Cookies from external providers, including Google, Facebook, Twitter and LinkedIn, may be used to show users advertisements based on their previous visits to our Website.
We use the lead generation service provided by Leadinfo B.V., Rotterdam, The Netherlands, which recognises visits of companies to our website based on IP addresses and shows us public information, such as company names or addresses. Leadinfo also sets two first-party cookies to identify how our visitors use our website and the tool processes domains found in form inputs (e.g. “leadinfo.com”) to correlate IP addresses with companies and to enhance its services. More information is available at www.leadinfo.com. You will find an opt-out option on this page. If you opt out, your data will no longer be recorded by Leadinfo.
LTP’s Website is also protected by the security cookie ReCAPTCHA: a tool that blocks malicious software and fake visitors from our Website. This privacy policy explains which personal data are collected for this purpose.
If you do not wish to receive cookies on your device when using the Website, you can change your browser’s cookie settings. Bear in mind that some of our Website’s functions or services may not function, or may not function as well, without cookies.
12. Third-party websites
Visitors to our Website may find hyperlinks and other links on our Website to the websites of partners, suppliers, advertisers, sponsors, licensors or other third parties. We have no control over the content or links that appear on these websites and we are not responsible for the practices of websites linked to or from our Website. In addition, these websites, including their contents and links, can always change. These websites can have their own privacy policies, terms of use and customer policies. Browsing and interaction on any other website, including websites linked to or from our Website, are subject to that website’s conditions and policies.
13. Amendments to this Privacy Policy
We may occasionally update our Privacy Policy as we are constantly looking for ways to improve our Website and Services. If we make significant amendments to the Privacy Policy, we will notify those concerned.
14. Contact details for LTP Advies B.V. and TestNed B.V.
De entree 99-197
18th and 19th floor
1101 HE Amsterdam
The Netherlands
+31 (0)20 3050400
info@ltp.nl
ltp.nl/en/
Chamber of Commerce number: 34139534
VAT number: NL8102.84.881.B.01