Privacy policy
This Privacy policy applies to the Portal-blocks website, which can be reached at https://www.portal-blocks.com.

Last updated: 14/05/2024

Portal-blocks cares deeply about your privacy. Therefore, we only process data that we need for (improving) our services and we never provide your data to third parties for commercial purposes.

This privacy policy applies to the use of the website and the services provided by Portal-blocks. The effective date for the validity of these terms is 14/05/2024, and with the publication of a new version, the validity of all previous versions expires. This privacy policy describes which data about you is collected by us, the purposes for which this data is used, and with whom and under what conditions this data may be shared with third parties. We also explain how we store your data, how we protect your data against misuse, and what rights you have regarding the personal data you provide to us.

By accessing or using Portal-blocks, you consent to the practices described in this Privacy policy.

If you have any questions about our privacy policy, you can contact us using the contact details provided at the end of our privacy policy.

1. The personal data we collect and the basis/purpose for processing that personal data
1.1 Authentication data: to provide you access to our service (the intranet), we collect and process your email address and (hashed) password for authentication purposes.
1.2 Payment information: if you choose to subscribe to our paid plan, we will collect and process your bank account details for the retention obligation (by law we need to save payment information for a period of 7 years).
1.3 When using the contact form we collect your email address to be able to respond to your messages.
1.4 When using the live chat we collect your email address and full name to personalize our responses, provide efficient support, and maintain a record of our interactions for better follow-up and service quality.
1.5 When you call us, we may collect your telephone number and full name to facilitate effective communication, offer personalized assistance, and, if necessary, enable us to call you back to address your needs.
1.6 Other personal information which you actively provide, for example by adding users to the intranet with firstnames, lastnames, emailaddresses etc. This is then processed for the purpose of facilitating the functionality of the intranet.

The processing of personal data is subject to Dutch data protection laws and the AVG (Algemene Verordening Gegevensbescherming) where applicable. the AVG is the Dutch data protection law that is essentially equivalent to the General Data Protection Regulation (GDPR) in the European Union.
We also observe other legal terms if they apply.

2. Purpose limitation
We commit to the principle of purpose limitation. This means that we collect and use personal data solely for specific, pre-defined purposes. Your personal data will not be used for any other purposes without your consent.

3. Who gets this personal data
We only use the user's personal data for the business operations as described above. Portal-blocks does not provide any personal data from the user to third parties, unless the user has given permission for this, or in the event of a legal obligation to which Portal-blocks must comply. Additionally, personal data may be disclosed to third parties when necessary to fulfill a contractual agreement, such as in the provision of services covered under a paid plan chosen by the user.

4. Data transfer outside the European Union
We do not transfer your personal data outside of the European Union (EU).
Furthermore, data is stored 100% on European servers at our hosting provider, Strato, which is ISO/IEC 27001 certified and only uses green power.

5. How long do we store personal data
When storing user's personal data, our basic principle is that we do not store data longer than is necessary for the purpose for which we have processed it.

5.1 Billing data we save for 7 years to conform to the retention obligation.
5.2 After deletion of the account (which can be manually done after logging in) all other personal information is deleted instantly, except for billing data, see 5.1 and back-ups, see 5.3.
5.3 Back-ups can take (at most) 4 weeks to be cleared of all personal information excluded the personal data needed for the retention obligation as stated in 5.1.
5.4 When during the trial period there is no activity present for 1 months time (31 days) Portal-blocks is allowed to delete your account and all of it contents.
5.5 'Activity' as used in 5.4 means: no newsitem or article has been created in that timeperiod.
5.6 When, after the trial period ends at the end of August 2024, no paid plan is chosen for over 1 months time (so before the 1st of October 2024) Portal-blocks is allowed to delete your account and all of it contents.

6. Obligation to provide personal data and consequences of non-consent
We want to clarify the necessity of collecting your personal data for two primary purposes:
6.1 User account creation and login: to use our services, you are required to provide certain personal information (an email address and a password) during the account creation process. This data is essential for setting up and securely accessing your user account.
6.2 Contractual agreements: we may need your personal data to fulfill contractual agreements with you, for example billing for a paid plan.

If you choose not to provide the required personal data for these purposes, it prevents us from providing you with access to our service or fulfilling contractual obligations.

7. Revoking consent for data processing, viewing, changing and deleting personal data
You have the right to withdraw your consent for the processing of your personal data at any time. The withdrawal of your consent does not affect the lawfulness of processing based on your consent before its withdrawal.

To revoke your consent or to exercise other rights related to your personal data, you can log in to your account.
In the "General settings" page which can be found at portal-blocks.com/generalsettings after logging in to your account:
1. you can revoke your consent for processing personal information;
2. view all the personal data that Portal-blocks has of your company;
3. changing personal data can be exercised at the "personsCRUD" page which can be found here after logging in: portal-blocks.com/personscrud
4. and delete all personal data Portal-blocks has of your company (with the exception of the billing data required as mentioned under 5.1).

If you need assistance or have questions regarding revoking of your consent or other aspects of data protection, please contact us using the contactform or at info@portal-blocks.com. Each request for access, correction, deletion and objection will always be responded to within four weeks.

8. Data from other organizations
Portal-blocks does not receive any data from other organizations relating to the personal data and privacy of the users.

9. Security measures
We take the privacy and security of your personal data very seriously. We have implemented strict technical and organizational measures to ensure that your data is protected from unauthorized access, loss, or misuse. Servers, databases and code are held to the highest security standards and only employees who need access to personal data can see personal data.

10. Content review and monitoring
At Portal-blocks, we are dedicated to maintaining a secure and legally compliant environment. In pursuit of this commitment, we engage in the practice of content review and monitoring to proactively prevent and identify any unlawful activities that may compromise the integrity of our intranet. This monitoring can involve, but is not limited to, viewing text, images, pdf's and other content.

User consent
By utilizing our services, you willingly grant Portal-blocks the authority to conduct a thorough review and monitoring of the content you produce, upload, or share on our platform. This encompasses, but is not restricted to, textual content, images, and other digital forms of content. We hold your privacy in the highest regard, and any monitoring undertaken is solely for the purpose of maintaining an intranet free from any illicit activities.

11. Cookies
At Portal-blocks we only use 2 necessary cookies. Because they are necessary we don't have to show a pop-up asking for permission to place those 2 cookies.
They are the following cookies:
portal_blocks_session (used to maintain user sessions, are deleted when the user closes their browser)
XSRF-TOKEN (CSRF tokens are security measures used to prevent Cross-Site Request Forgery attacks)

12. Automated decision making
Portal-blocks.com does not make decisions based on automated processing on matters that can have (significant) consequences for people. These are decisions taken by computer programs or systems, without involving a person (for example an employee of Portal-blocks).

13. Applicable legislation
The processing of personal data by Portal-blocks is governed by the relevant data protection laws and regulations in the Netherlands. In particular, Portal-blocks adheres to the AVG (Algemene Verordening Gegevensbescherming) and other applicable Dutch privacy laws. These laws are designed to protect the privacy and rights of individuals with regard to the processing of their personal data. By using Portal-blocks, you acknowledge and consent to the application of Dutch data protection laws to the processing of your personal information.

14. Changes to our privacy policy
We may update this privacy policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. Any changes we make will be posted on this page. We encourage you to review this privacy policy periodically to stay informed about how we are protecting your information. Your continued use of our service after any changes to this privacy policy signifies your consent to the updated terms.

15. Submit a complaint
If you have a privacy complaint about Portal-blocks, you have the option to contact Portal-blocks directly using the contactform or emailing to info@portal-blocks.com.
You can also submit it to the national supervisory authority, the Dutch Data Protection Authority. You can do that via the following link: autoriteitpersoonsgegevens.nl

Portal-blocks