We value the protection of your personal information. Therefore we carefully handle the processing of personal information of our users.
We process personal data only on behalf of the employer.
2. What is Personal Information?
Personal information is data that is directly or indirectly traceable to a (living)person. Examples of personal data are: name, address, date of birth, telephone number, location data, email address or an IP address.
3. Why do we process Personal Information?
We processes Personal Information with the aim of providing services and allowing these services to function as good as possible, to improve the functioning of our services and to generate statistics. The data is shared with the employer.
In addition, data is processed for security purposes and to be able to communicate efficiently with users of our services.
4. Based on what grounds do we process personal data?
Except that we processes personal data with your explicit consent, we do so because it is necessary for the functioning of our services on the basis of the agreement with our customers (your employer) and on the grounds of our legitimate interest in the fulfillm ent of our business processes.
In order to be able to use our services (such as: prehiring, preboarding, onboarding, continuous learning and offboarding) it is therefore necessary that you provide personal information such as; first name, last name, email. Without this personal data, we are not able to perform our services (completely) properly. Additional personal information can be processed when your employer asks for certain human resource related information. This information is not required to create an Appical account.
Indirectly from your employer
We generally do not collect sensitive information about you, unless you provide it to us voluntarily. For example, you may provide sensitive information such as racial or ethnic origin, sexual orientation, health information or religious or philosophical beliefs in a workflow that your employer has created. You consent to us collecting sensitive information which you provide to us voluntarily. If we need to collect any sensitive information for a specific purpose, we will ask for your consent.
5. What kind of (categories) Personal Information do we process?
We process the following personal information:
First name, Last name & Email address.
This information is required to create an account. Additional data can be entered by Employer or by You but this is optional.
First name, Last name & Email address, Skype ID, Linkedin ID, Job title & department, phone number, profile picture, IP Address, or any information asked through HR Forms by your employer.
Our feature HR Forms allows your employer to directly collect certain information for human resource purposes.
As a user, when you respond to HR Forms hosted by us, we collect, on behalf and upon instructions of your employer, information relating to you and your use of our services from a variety of sources:
(i) Information we collect directly from the user:
HR Forms responses
During employment measures are implemented to ensure that all (permanent and short term) staff comply to the information security requirements. All staff will be instructed at employment and trained during employment as is required based on their role and access to information according to the information classification guidelines. During employment employees are made aware of rules and procedures concerning security.
A program for information security awareness, education and training is defined and implemented. Staff awareness on information security requirements is validated during employment on regular intervals.
Our customers own all textual and visual content within their courses. The customer specific content will remain property by our customers and will not be re-used for other purposes.
6. Sharing Personal Information with third parties and (categories of) recipients
We only share personal information with third parties if this is necessary for our services, when there is a legal obligation, or when we are specifically requested by the customer (the employer). We do not pass on personal data to third parties other than; Digital Ocean, Intercom Mailchimp (Mandrill) and Amazon (Amazon Web Services). Sub-processors that comply with the EU-U.S. Privacy Shield might process data outside the EEC.
7. How long do we store Personal Information?
We do not store Personal Information any longer than necessary. Specifically, this means that the Personal Information is removed from our system when a user is deleted or 18 months after a user is deactivated (access to Appical is cancelled) by the employer.
8. Right to withdraw consent, access, rectification and erasure of Personal Information
At all times you are entitled to revoke your consent with regard to the processing of personal information by us, the right to inspect and correct the processed Personal Information and the erasure and transfer of the Personal Information processed / stored by us. You can also submit a complaint about the processing of Personal Information to the Dutch Data Protection Authority.
9. Source of Personal Information
Personal information that is not obtained from you directly is obtained from your employer.
We use the following types of cookies:
– Functional Cookies
– Statistic Cookies
– Marketing Cookies
Disable cookie collection
It is possible to set your browser so that you do not receive cookies. However, in that case it may be that you can not make use of certain services, or that our website and app work less well.
We value the protection of your Personal Information. Therefore we apply the highest possible security standards, technical and organizational measures to protect your Personal Information against abuse.
Appical has an ISO27001:2013 certification for Information Security Management. ISO 27001 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system. It ensures organisations can apply a framework to business processes to help identify, manage and reduce risks to information security, and considers not only IT but all business operations.