Privacy Do's & Don'ts
ABU has summarized the most important consequences of the GDPR for temporary employment agencies in a concise description.
Data breach protocol UBN
A data breach occurs when personal data is processed unlawfully, exposed to loss, or otherwise wrongly or unintentionally falls into the hands of a person or organization that should not have access to that data. This could involve a lost USB stick or a stolen laptop containing personal data, but also a breach of a data system or accidentally giving access to data to persons or entities that should not have it. A data breach can be as simple as sending an email to an address list in which all email addresses are visible to everyone.
Examples of data breaches include:
- You have sent an email containing personal data to the wrong person.
- Some resumes were thrown in the trash (and therefore not in the shredder).
- Someone knows your login details for Citrix or another UBN application.
- You provide proof of identity to an external party (the exception is foreign nationals' documents provided to hirers).
Obligation to report
In the event of a serious data breach, UBN is obliged under the General Data Protection Regulation (GDPR) to report this to the Dutch Data Protection Authority (AP) within 72 hours and, in some cases, to the individuals concerned. If it concerns a limited data breach that does not pose a privacy risk to the data subject(s), this does not need to be reported to the AP. Every data breach, no matter how small, must be recorded internally.
It is important that everyone knows what to do in the event of a (suspected) data breach. Below you can read how you are expected to act.
At UBN, we have a central reporting center for (suspected) data breaches.
The members of the UBN data breach reporting center are:
- Maurits Mulder; 0618131700
If Maurits is unavailable, please contact:
- ICT Advisor; 0297 288 873
The protocol
Immediately after an employee/staff member discovers or becomes aware that there may be a loss or unlawful processing of personal data within UBN, he/she must report this to the UBN data breach reporting center.
The data breach reporting center decides whether there has been a (potential) data breach and, if so, whether this data breach must be reported to the Dutch Data Protection Authority and/or to the person(s) concerned.
If necessary, the data breach reporting center will notify the Dutch Data Protection Authority and/or the person(s) concerned. Employees are not permitted to report the (potential) data breach to the Dutch Data Protection Authority and/or the person(s) concerned themselves.
If the employee disagrees with the decision of the data breach reporting center to report or not report the (potential) data breach to the Dutch Data Protection Authority and/or the person(s) concerned, they should contact management.