Privacy statement

Summary of our privacy statement

At Rework, we value your privacy and are committed to protecting it. Here is a quick summary of the key points in our comprehensive privacy statement:

  • Why do we collect data? We collect and process personal data to offer our services, provide support, and improve our services.
  • What data do we collect? This can range from your name and email address to technical data such as your IP address.
  • Do we share your data? We only share your data if it is necessary for our services, or if we are legally obliged to do so. We never sell your data to third parties.
  • How do we protect your data? We use modern technologies and strict security practices to ensure that your data is safe with us.
  • What are your rights? You have the right to access the data we process about you, and in certain cases, to have it corrected, restricted, or deleted.

If you want to know more about how we handle your data, please read our full privacy notice below.

Introduction

At Rework, your privacy is very important to us. When you visit our website, use our online application or mobile apps, or otherwise use our services, we may process personal data about you.

In this privacy statement, we explain what personal data we collect, why we do this and how we protect this data.

Who is responsible for your personal data?

We distinguish two different categories of personal data processing:

  1. Personal data processed on behalf of your employer:
    If you are (or have been) employed by an organisation that uses our online application for HR and personnel administration, your personal data may have been or will be processed in this application. In this case, we process your data on behalf of your employer.

    Your employer is responsible for entering and managing your data correctly and in compliance with the law. This means that your employer informs you about this and ensures that your privacy rights are safeguarded in accordance with privacy legislation.

    If you have any questions or complaints about the processing of your data within this application, please contact your employer.

    For the processing of this data, specific agreements are made between Rework and your employer. These agreements are recorded in a data processing agreement, which your employer can sign directly in the app.
  2. Direct personal data:
    Apart from the data we process on behalf of employers, Rework also collects and processes personal data itself. This includes, for example, data from visitors to our website or when we provide support. We are directly responsible for this data processing. We ensure that this data is processed correctly and securely and that we comply with all the requirements of privacy legislation.

Regardless of the category of data processing, we are committed to protecting and securing personal data by means of strict technical and organisational measures.

What personal data do we process?

We process personal data for various purposes, including visits to our website, support requests and use of our online application. We collect this data in order to:

  • offer our services;
  • provide support;
  • give you the opportunity to try out our services;
  • improve our services.

The personal data we may process are:

  • name and e-mail address;
  • company data such as contact person with telephone number and data needed for invoicing;
  • any other data necessary for maintaining proper HR and personnel administration in Rework. This data is described in the data processing agreement between Rework and your employer.

In addition, we collect behavioural and technical information about your use of the website and the online application. This helps us to make our platforms more user-friendly and provide support. It also helps us to solve any problems that may arise.

This data includes information such as:

  • your IP address;
  • your operating system and browser;
  • pages visited and time of visit.

With whom is personal data shared?

We do not share your personal data with third parties unless necessary for the purposes described in this privacy statement.

We may use third-party services to process personal data. In these cases, we carefully select partners and ensure that they also follow strict rules to protect your privacy and use that personal data only for the tasks we have asked them to perform.

In certain situations, we may be legally obliged to share data, for example in the case of court orders or fraud investigations. We take these obligations seriously and ensure close cooperation with the relevant authorities.

Although Rework operates as much as possible within the European Union, a situation may arise where we share data with parties outside the EU. In such cases, we take extra measures to protect your personal data. When doing so, we use model contracts and agreements, approved by the European Commission, to ensure a high standard of data protection.

How long do we keep your personal data?

We keep your personal data for as long as necessary for the purpose for which it was collected. The exact retention period may vary depending on the nature of the data and the reason for processing. For example:

  • For data related to services, such as accounts, we use the retention periods as agreed in contracts or data processing agreements.
  • Data for marketing purposes will be retained for as long as you have given your consent and will be deleted or anonymised once you withdraw your consent.
  • If there are legal requirements that dictate how long data must be kept (such as tax laws), we will comply with them.

Our principle is always to keep data no longer than necessary, and always in line with applicable laws and regulations.

How is personal data secured?

We consider the security of your data extremely important. That is why we use several layers of security:

  • Modern technologies: We use advanced technologies to protect your data from unauthorised access, loss, modification or disclosure.
  • Secure connection: Our applications are only accessible via a secure connection using TLS/SSL (SHA-256 bit), which protects the transfer of data between you and our systems.
  • Two-factor authentication for internal systems: We implement two-factor authentication for access to our core systems and infrastructure, so that only authorised personnel with the appropriate authentication means can access them.
  • At-rest encryption: All data we store is protected with at-rest encryption. This means that even if the data is on a storage medium, it is still encrypted and cannot accidentally be read.

In addition, we constantly monitor our systems and perform regular updates to ensure that we continue to meet appropriate and up-to-date security standards.

What rights do you have when it comes to your privacy?

The privacy legislation grants you several rights regarding your personal data:

  • right to access the personal data we process about you;
  • right to correct, limit or supplement your personal data;
  • right to transfer the personal data we have recorded;
  • right to object to the way we process your personal data;
  • right to be forgotten.

To exercise these rights, please contact us as described below.

Please note that if you ask us as an employee to access, correct, transfer or delete your data that we process on behalf of your employer, we will refer you to your employer who is responsible for processing this personal data for this purpose.

Contact details

Questions, comments or requests regarding this privacy statement can be addressed to:

Rework Apps B.V.
Zuid Hollandlaan 7
2596 AL The Hague
support@rework.nl

Changes

Our privacy statement may change over time. When we make significant changes, we will post the revised version on this page. We therefore advise you to check our privacy statement periodically to keep yourself informed of any changes. Moreover, in case of significant changes, we may inform you through other communication channels, if applicable.

This privacy statement was last updated on 28-08-2023.