Data Protection and Privacy
What we do with your data
Incitus is a company based in the Netherlands. Our company is registered in the Dutch Chamber of Commerce under the number 01125670 and with the Dutch Tax authorities with the number NL259073301B01. You can reach us per email or per mail by writing to Incitus, Zwartweg 2, 9717 HR Groningen, the Netherlands.
We only collect data needed to produce an invoice and send you this information. The data collected includes name, address, postal code, country of residence, phone number and email address. If applicable to you we also collect your professional relations number of the professional organization you are connected to so that we can apply for your professional development credits. You can also request us to collect your VAT number for tax reasons. This data is encrypted on our website.
We do not share your information with 3rd parties except for the organization you sign up for a course with (e.g. Anatomy Trains, Anatomy in Motion). This is done so that the companies can keep track of the practitioners having done their courses. When transferring data to these companies we use secure servers and encrypt the documents.
We do not otherwise share your data except if we are obliged to do so by law.
If granted permission we also share this information with your professional organization so that you can receive the credits for your continuing education. You grant us permission to do this if you register for points and sign the presence sheet at the course.
Third parties receiving the data from us are bound to the same laws and jurisdiction as we are according to the General Data Protection Regulations.
We collect and process personal data under the following lawful bases:
- Contractual necessity (e.g., to provide the requested course services and invoicing)
- Legitimate interest (e.g., to track course attendance and verify professional development credits)
- Consent (e.g., marketing emails)
Data Subject Rights (Your Rights Under GDPR)
Under the General Data Protection Regulation (GDPR), you have specific rights regarding your personal data. You can exercise these rights at any time by contacting us at [insert contact email]. We will respond to your request within one month as required by GDPR, and we will notify you if an extension is needed due to complexity or volume of requests.
Your rights under GDPR include:
Right to Access (Article 15 GDPR)
- You have the right to request a copy of the personal data we hold about you.
Right to Rectification (Article 16 GDPR)
- If your personal data is incorrect, incomplete, or outdated, you can request us to correct or update it.
Right to Erasure ("Right to be Forgotten") (Article 17 GDPR)
- You can request that we delete your personal data under certain circumstances, such as when the data is no longer necessary for the purpose it was collected.
Right to Restrict Processing (Article 18 GDPR)
- You can ask us to limit the processing of your personal data in certain cases, for example, if you contest its accuracy or object to its processing.
Right to Object (Article 21 GDPR)
- You can object to the processing of your data based on our legitimate interests. If you object to direct marketing, we will immediately stop processing your data for this purpose.
Right to Data Portability (Article 20 GDPR)
- You have the right to receive your personal data in a structured, commonly used, and machine-readable format and request us to transfer it to another data controller.
Right to Withdraw Consent (Article 7(3) GDPR)
- If we process your data based on consent, you have the right to withdraw your consent at any time. This does not affect the lawfulness of processing before withdrawal.
Right to Lodge a Complaint (Article 77 GDPR)
- If you believe we have violated your data protection rights, you have the right to file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at https://autoriteitpersoonsgegevens.nl or the supervisory authority in your country of residence.
To exercise any of these rights, please contact us using the contact form on the website.
Website
Account
When you sign up for a course, lecture, think tank or want to view our free content you have to make an account on our website. This information is not used in any commercial manner unless you have given us explicit consent to do so. You can edit the information in your account or delete your account at any time. All data is encrypted on our website.
Cookies
We use the following cookies on our website:
- Google Analytics (Analyses data)
Some of our third-party providers (Google, HotJar, MailChimp, Facebook) process data outside the EEA. These transfers are safeguarded by Standard Contractual Clauses (SCCs) approved by the European Commission.
Log Data
Like many site operators, we collect information that your browser sends whenever you visit our Site ("Log Data").
This Log Data may include information such as your computer's Internet Protocol ("IP") address, browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages and other statistics. This data is encrypted and can not lead us back to you or identify you in any way.
In addition, we may use third party services such as Google Analytics that collect, monitor and analyze this information.
Google Analytics
Our website uses Google Analytics to collect data. We use this data to understand how our users use our website, how effective our Adwords ads are on Google. The data collected by Google Analytics is processed by Google. We do not grant Google any rights to use this data in any other way. To read more about how Google protects your data please follow these links
Consent
- When signing up for a course, lecture or think tank you give us consent to send you information regarding the course. According to regulation 22 of the GDPR “if you are an existing customer who bought (or negotiated to buy) a similar product or service from us in the past, and we gave you a simple way to opt out both when we first collected your details and in every message we have sent you, we can send you marketing emails.” You have the possibility to opt out of our emailing at any point in time. You have the right to withdraw your consent at any time by contacting us through the contact form on the website. This does not affect the lawfulness of processing before withdrawal.
By using our services you declare that you are of legal age in the Netherlands and in the country you reside.
MoneyBird
When you sign up for a course, lecture, think tank, or buy a product an account is made in MoneyBird. MoneyBird is a software used to create invoices and keep track of payments. We only collect the data needed to send you the invoice. MoneyBird B.V is a Dutch company (address Moutlaan 35, 7523 MC, Enschede, the Netherlands and registered in the Dutch Chamber of Commerce with registration number 58209344.
When using MoneyBird you have the option to use iDeal or a regular SEPA Bank Transfer. We are not responsible for the data collected from these organizations. The responsibility lies with iDeal and/or your own bank and our bank. We do not use your IBAN or bank account number in any way, other than to refund your paid amount in case of a cancellation.
The data in MoneyBird is kept for 5-7 years as legally required by the tax authorities.
The following data is processed in MoneyBird:
- Company name
- First and last name
- Name if other than the one paying the invoice
- Address
- Postcode
- City
- Country
- Email address to which we send the invoice
- VAT number if applicable to you
- Phone number
- You will receive an individual identification number within MoneyBird
- IBAN or Account number for accountancy and tax purposes and refunds
MoneyBird follows the rules and regulations required when processing your data. MoneyBird will not use your data in any way without your explicit consent. If we stop using MoneyBird as our accountancy software all your data will be deleted. No payment information is stored on servers other than MoneyBird and ABN Amro. The data stored in MoneyBird is stored within the European Economic Area (EEA) on a server operated by Amazon in Frankfurt, Germany. MoneyBird uses the latest technology to protect your data.
Incitus and MoneyBird will only share your data incase of a breach in the contract between Incitus and the customer, examples of this is in case of a legal dispute or a breach of our terms and conditions. The data (limited to the name, address, and phone number) will then be transferred to a collection company or legal entity of our choosing.
You are entitled to receive all data collected by MoneyBird if you wish to. This can be done by contacting Moneybird directly.
MailChimp
The data containing your email address is stored in MailChimp. We use MailChimp to send you the practical information regarding courses like dates for the course, start and stop times for the course, location of the course, tips for accommodation and transportation to the venue.
We further use your data to send you promotional emails about new courses if you grant us permission to do this. You can withdraw this permission at any point in time by using the opt out link at the bottom of the email.
Once you opt out of MailChimp you risk missing out on the practical information regarding courses.
Google Suits
To communicate within the Incitus team we use Google Suits. Class lists are uploaded on Google Suits to keep track of the participants, make sure the correct information is given to the participants having signed up for a course. This is a secure platform and let’s us share information with minimal risk of loss of data. Our email is also hosted by Google to offer you a secure way of communicating with us. To read more about how Google protects your data please follow this link https://gsuite.google.com/terms/mcc_terms.html
We do not have plug-ins from Facebook on our website. We use Facebook paid advertisement services, in this case Facebook is the company using and storing your data. We are not responsible for how Facebook uses this information and we do not share any information about your data with Facebook. Facebook has to obey strict industry standards on privacy, data collection and protection like EU-US Privacy Shield Framework Certification when transferring data from the EU to the US.
Links
If you click on links provided on our website we are not responsible for how these companies use your information. These website are however bound to the same laws, regulations and jurisdiction as we are according to the General Data Protection Regulations.
Securing your data
We do everything in our power to secure any data retrieved when you visit our website or sign up for a course, lecture, think tank or buy a product. We only use software from trusted companies like Google and MoneyBird. These companies have to obey strict industry standards on privacy, data collection and protection like EU-US Privacy Shield Framework Certification when transferring data from the EU to the US.
Changes to the privacy policy
This Privacy Policy is effective as of 15th of July 2021 and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page.
We reserve the right to update or change our Privacy Policy at any time and you should check this Privacy Policy periodically. Your continued use of the Service after we post any modifications to the Privacy Policy on this page will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Privacy Policy.
If we make any material changes to this Privacy Policy, we will notify you either through the email address you have provided us, or by placing a prominent notice on our website.
If you have any questions about our privacy policy please do not hesitate to contact us.