General Data Protection Regulation (GDPR)

Since the introduction of the GDPR in May 2018, uniform privacy rules apply throughout the EU, and HeadFirst aims to handle personal data with the utmost care. Via HeadFirst Select, independent professionals, suppliers and clients are efficiently connected to each other, while compliance with the GDPR is guaranteed by security measures and clear agreements. Customers can manage their own data and contact us in case of complaints.

The General Data Protection Regulation (GDPR) has been applicable since 25 May 2018. The GDPR has replaced the Personal Data Protection Act (Wbp) and ensures that the same privacy legislation applies throughout the European Union (EU).

HeadFirst believes it is important to handle your personal data with care and has taken steps to demonstrably comply with the GDPR.

What is HeadFirst Select?

HeadFirst Select is an online platform for professionals and clients and offers direct access to a current range of tens of thousands of professionals. Supply and demand in the flexible labor market are now more closely aligned than ever before in a transparent manner. This provides many advantages, such as an optimal price-quality ratio and better matches in terms of knowledge and skills.

Who is HeadFirst Select intended for?

HeadFirst Source Group offers independent professionals the opportunity to register in HeadFirst Select to build a profile. In addition, suppliers can create profiles of professionals with whom they collaborate. Both independent professionals and suppliers can place bids on assignments. Clients can log in to their own HeadFirst Select environment and place assignments and view profiles of independent professionals selected for them.

Who do the HeadFirst Select Terms of Use apply to?

The Terms of Use apply to independent professionals, suppliers and clients who create an account and use HeadFirst Select and/or otherwise use the services of HeadFirst Source Group. Please note: if you are a professional and a supplier registers you with HeadFirst Select, you are bound by the agreements you have made with this supplier. You cannot then log in to HeadFirst Select yourself.

How are my personal data protected?

All personal data that you provide to HeadFirst Source Group will be treated with the utmost care and in accordance with applicable EU and national regulations. You can read more information about the way in which we process personal data in our Privacy Statement.

When do the HeadFirst Select Terms of Use apply?

The Terms of Use apply to the use of HeadFirst Select and other services of HeadFirst Source Group and apply from the moment you use our services, for example by creating an account on HeadFirst Select. After you have created an account, you can further complete your profile and use the various options in HeadFirst Select.

What does HeadFirst Source Group do about GDPR compliance?

HeadFirst Source Group attaches great importance to privacy compliance; first under the Personal Data Protection Act and now under the GDPR. Because the GDPR imposes stricter obligations and gives more rights to data subjects, HeadFirst Source Group has taken a number of actions to be able to comply with this.

For example, HeadFirst Source Group has appointed a Data Protection Officer who monitors compliance with the GDPR and advises the organization on compliance.

HeadFirst Source Group has updated its Privacy Statement to provide more information about data processing and your rights.

We pay continuous attention to data protection. Compliance with the GDPR and other laws and regulations regarding the processing of personal data is an ongoing process.

Who is responsible for processing my personal data?

HeadFirst is responsible for processing personal data via HeadFirst Select. We process personal data together with our affiliated companies:

HeadFirst IT B.V.
Oyster Coast B.V.
Source Automation B.V.
Source Payroll B.V.
Source Payroll Services B.V.
Source Automation BVBA (Belgium)
Source Automation Luxemburg SA
Proud Payroll B.V.
Proud ICT B.V.
Associates B.V.
Designated Professionals B.V.

If you are a professional whose personal data is provided to us by a supplier, this supplier is independently responsible for this. The supplier may use its own privacy statement and terms and conditions. We recommend that you consult these.

Whose personal data do we process?

Which personal data we process depends on the services that are used. This concerns in in any case the following persons:

- visitors to our websites and readers of our mailings;
- independent professionals who use HeadFirst Select (based on registration, profile and/or digital safe);
- clients who use HeadFirst Select;
- suppliers who use HeadFirst Select;
- professionals from whom we receive personal data via a supplier.

For what purposes are my personal data processed?

Our core activity is mediation in the hiring of external personnel and contract management. HeadFirst Select ensures that professionals and clients can easily find each other and that the best match is made. In this context, we process your personal data for administration, service provision, compliance and security.

When may my personal data be stored?

Personal data may not simply be processed, a legal basis is required for this. We only process personal data on the basis of the following principles:

The data processing is necessary for the execution of an agreement. This is the case, for example, when you use HeadFirst Select. Our agreements are laid down in the Terms of Use.
Consent of the person concerned. In certain cases, we may ask for permission to process your data, for example when we want to send you direct marketing messages.

The data processing is necessary to comply with a legal obligation. We must process certain personal data in order to comply with tax or employment law obligations, for example.
The data processing is necessary to safeguard legitimate interests. For example, we have a legitimate interest in optimizing our services and securing our systems and property.

Who has access to my personal data?
Our employees have access to your personal data on a need-to-know basis. These may also be employees of companies affiliated with us.

In addition, we may share personal data with third parties in certain cases. We only do this when it is necessary for our services.

With external service providers such as hosting parties and IT suppliers. To the extent that these parties qualify as processors and process personal data on our behalf, we have concluded a processing agreement with them.
With our clients and possibly with the supplier by whom the professional has been registered in HeadFirst Select. In addition, we may share personal data with other parties with whom we collaborate, such as financial service providers. Only if and to the extent required by law, with supervisors, tax authorities and investigative authorities.

Are my personal data safe?
We have taken appropriate technical and organizational security measures to protect the personal data that we process against loss or unlawful use. For example, we secure our systems and applications in accordance with the applicable standards for information security. We have also made agreements with our service providers and oblige them to take adequate security measures.

Are my personal data processed outside the EEA?

In principle, we process your personal data within the European Economic Area (EEA). We use servers that are located in Europe and our group companies are located within the EEA. Because we can use processors that have their main establishment outside the EEA, it cannot be ruled out that we share personal data directly or indirectly with organizations outside the EEA. To the extent that this is the case, we take appropriate measures to legitimize this processing.

How long will my personal data be stored?

We only store personal data for as long as this is necessary for predetermined purposes. This means that we process personal data in any case as long as you are registered with us and/or have an agreement with us. We can then retain the personal data for some time, for example when we still have obligations towards you or when a legal retention obligation applies.

How can I view, change or delete my data?

You are the boss of your own data. That is why you have the right to view, rectify, transfer and delete personal data that relate to you. You can also object to the use of your personal data or request that this use be limited. You can exercise these rights by logging in to HeadFirst Select and viewing and/or changing your personal data there.

How can I file a complaint?

If you have complaints about how we handle your personal data, you can reach us by telephone on 023 – 568 56 30 or by e-mail via privacy@headfirst.nl.

Recent updates

Nieuws

Voor ZP'ers

Zakelijke reisverzekering voor zelfstandig professionals: alles wat je moet weten

Als zzp’er ben je regelmatig onderweg voor je werk. Of je nu een internationale klant bezoekt, een congres bijwoont of tijdelijk in het buitenland werkt, een zakelijke reis brengt risico’s met zich mee. Gelukkig kun je je hier goed tegen beschermen met een zakelijke reisverzekering. Maar wanneer is zo’n verzekering nou echt nodig? En is het verplicht? Dat en meer leggen we je in dit artikel uit.

Nieuws

Voor ZP'ers

Wet & regelgeving

Het belang van een woon- of vestigingsland voor de belasting (Fiscale Domicilie)

Fiscale domicilie verwijst naar het land waarin je voor belastingdoeleinden officieel gevestigd bent. Dit is doorgaans het land waar je woont en werkt, maar kan in sommige gevallen ook afhangen van waar je bedrijf is ingeschreven of waar je economische activiteiten plaatsvinden.

Nieuws

Voor ZP'ers

Wet & regelgeving

Alles over de Verklaring Omtrent Gedrag (VOG)

Een Verklaring Omtrent Gedrag is een officieel document dat wordt uitgegeven door de Dienst Justis, onderdeel van het Ministerie van Justitie en Veiligheid.