How do we obtain your personal data?
We may receive your personal data in the following ways:
• From our clients: When a client hires us to collect outstanding debts, we receive the personal data necessary for this. This is required to carry out our debt collection services.
• Directly from you: You may provide us with personal data yourself, for example when you contact us and share information about yourself.
• From public sources: We may obtain data from public registers.
• From third parties: Sometimes we receive information from other parties, such as bailiffs or lawyers. This only happens if it is legally permitted and necessary for our work.
What personal data do we process?
In carrying out our work ACCS processes various personal data, including but not limited to:
• Name, address, and place of residence
• Date and place of birth
• Gender
• Contact details, such as email address and phone number
• Bank account number
• Financial information
• Data related to the claim (such as claim details, invoice number, vehicle registration, payment details, recovery options, VAT number, Chamber of Commerce number, insolvency data, data from bailiff assignments on behalf of ACCS, Land Registry data, correspondence)
• Footage from security cameras
Which personal data we process depends on the specific situation.
Sensitive and special categories of personal data
ACCS recognizes that financial data are sensitive personal data. However, processing these data is necessary to perform our duties properly. There is no less intrusive way to do this. We only process data that are strictly necessary, this is called data minimization.
In principle, ACCS does not process special categories of personal data. In exceptional cases we may do so based on a compelling legitimate interest or laws that permit this in certain circumstances or activities.
On what legal grounds do we process your personal data?
Every organization processing personal data must have a legal basis. We process personal data based on the following legal grounds:
• Legitimate interest
• Consent
• Performance of a contract
• Legal obligation
How long do we keep your personal data?
We keep your personal data only as long as necessary for the purpose for which we collected them. If we no longer need your data for that purpose, we delete them. However, sometimes we are legally required to keep your data for a longer period.
In most cases ACCS keeps your personal data for up to 7 years after closing your file. After that, we delete your data from our systems.
With whom do we share your personal data?
ACCS shares your personal data with other parties only if necessary to perform the contract or to comply with a legal obligation. We enter into data processing agreements with companies that process your data on our behalf. These agreements include strict requirements to protect the security and confidentiality of your data. This way, we ensure your data are well protected.
If we transfer your personal data to companies located in a third country, we ensure appropriate safeguards are in place.
How do we protect your personal data?
To protect your personal data, ACCS has implemented various measures:
• Technical measures, such as secure systems and encryption
• Human measures, including training our staff on privacy
• Physical measures, such as secured buildings and access controls
• Technological controls to reduce risks
We comply with recognized quality standards, including ISO 9001:2015 and ISO 27001:2022. We also hold an ISAE 3402-II report. To ensure compliance ACCS undergoes regular audits by independent accredited certification bodies. We hold valid certificates and reports for all these standards.
Additionally, we ensure ongoing compliance with applicable privacy laws.
What privacy rights do you have?
You have several rights to control your personal data. These include:
• Right of access. You can ask which personal data we use about you.
• Right to rectification. If your data are incorrect or incomplete, you can ask us to correct or complete them.
• Right to erasure. In certain situations, you can ask us to delete your personal data.
• Right to withdraw consent. If you previously gave us permission to use your data, you can withdraw that consent at any time.
• Right to restriction of processing. You can ask us to limit how we use your data or to temporarily stop processing them, for example if too much data are requested or if you have made a request that we are still reviewing.
• Right to data portability. You can ask us to transfer your digital personal data to another organization providing similar services.
• Right to object. In certain cases you can object to the use of your personal data, for example for specific personal reasons. We will carefully consider and weigh your request.
• Right to lodge a complaint. If you disagree with how we process your data, you can contact our Privacy Officer. You also have the right to file a complaint with the data protection authority.
Contact
Our Privacy Officer supervises ACCS’s compliance with privacy laws. This role is held by Joyce Reynders, our Quality & Compliance Manager.
Name: Joyce Reynders
Address: Meerenakkerweg 1a, 5652 AR Eindhoven, The Netherlands
Email: privacy@accsinternational.com
The Privacy Officer is registered with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens). Our Privacy Officer is also listed in the EIPACC European Register of Data Protection Professionals (RDPP).
