(hereinafter referred to as: ‘Privacy Statement‘)
Effective from: 2022-06-28
The Management Drives group, hereinafter referred to as: ‘Management Drives’, is the supplier of the Management Drives App, hereinafter referred to as: ‘MD App. MD is a mobile application developed by Management Drives. *Management Drives has authorized AppInChina to publish and provide maintenance to the app in Mainland China. Management Drives respects the privacy of all its customers and processes all personal data processed by it in accordance with the General Data Protection Regulation, hereinafter referred to as: the ‘GDPR’, the Privacy Statement and all other applicable legislation and regulations.
By means of this Privacy Statement, Management Drives wishes to inform all parties that come into contact with the MD App about the way in which Management Drives handles the personal data of individuals, hereinafter referred to as: the ‘Data Subjects’, which data are processed by Management Drives in its capacity as Processor or Controller within the meaning of the GDPR.
Management Drives sets out the following in this Privacy Statement:
Name and contact details Management Drives:
Management Drives International B.V., Herenlaan 2, 3701 AT Zeist
Info@managementdrives.com, +31 30 635 54 00
Name and contact details Sub-processors:
Management Drives obtains the personal data from the Data Subjects, whether or not via an authorised third party, because the Data Subject is using or is intending to use the services of Management Drives because the Data Subject completed a questionnaire and is using the MD App.
Most of the data are provided by the Data Subject, whether or not through an authorised third party.
Management Drives processes the personal data for the following purposes:
Management Drives is the provider of the MD App. Management Drives processes the personal data of Data Subjects in order to enter into or perform the agreement which is concluded, directly or indirectly, with Data Subjects. Management Drives also processes personal data if required to do so by law, because it has a legitimate interest in doing so or if permission has been given.
If a Data Subject has given Management Drives permission to process their personal data for certain purposes, the Data Subject may revoke this permission at any time in the same manner as it was provided by him or her.
If Management Drives collects personal data on the basis of its legitimate interest, it will ensure by means of pseudonymisation or anonymisation that the personal data cannot be traced back to the Data Subject. In the event that Management Drives processes personal data on the grounds of its legitimate interest, the Data Subject has the right not to complete these data or to object free of charge to the processing.
Management Drives will process the following categories of personal data for the purposes described below:
Used for app functionality to login and identify the user. An account must be created in order to use the MD App, otherwise a user will not get access.
Used for app functionality to login and identify the user and communication. The results of the questionnaire is linked to the email address of the user. The email address is required to create an account and communicate.
Used for app functionality and to identify a user. Users can be found on their first and last name in order to share their profile. A first and last name is required for the database and search functionality to work.
Used for displaying the MD Profile that is linked to the email address. The MD Profile is retrieved when creating an account in the MD App.
Used for app functionality and to identify a user. The administration number is created upon registration for the MD App.
Special category data is not processed.
The MD App might request access to following functionalities on your device.
| Device permission | Corresponding business function | Description of function and scenario | Whether to be turned off |
| Pictures | Edit user or team information | Upload picture to set as profile picture. | Yes. When it’s turned off only corresponding functions will be affected, instead of other functions in the app |
If Management Drives acts as a Processor, it will apply the same retention period as the Controller, with the proviso that Management Drives has instructed the Controllers to apply a retention period of 10 years.
In the case of processing where Management Drives acts as a Controller, it will not retain the data longer than necessary for the purpose for which they were collected. Management Drives applies a retention period of 10 years in this respect. After this period the data will be destroyed by Management Drives, unless it is required to retain the data for a longer period of time in order to comply with a statutory obligation.
Management Drives uses the following sub processors for hosting and maintaining the MD App:
Centric Netherlands B.V. Business Unit: Solution Engineering is a hosting provider and software developer. Management Drives uses Centric’s services to manage, maintain and develop the MD App. The data from the MD App is stored by Centric Netherlands B.V. in the Netherlands. Centric Netherlands B.V. Business Unit: Solution Engineering is ISO 27001 certified. Centric Netherland B.V. and Management Drives have concluded a processor agreement that complies with the GDPR.
Amazon Web Services is a cloud provider that provides storage services. Management Drives uses Amazon’s services to store data from the MD App. The data from the MD App is stored by Amazon Web Services in the data centre of Amazon in Frankfurt am Main. Amazon Web Services is ISO 27001 certified. Amazon Web Services and Management Drives have concluded a processor agreement that complies with the GDPR.
Management Drives is a Dutch company that also operates internationally. All data processed by Management Drives, are processed and stored only in the data centres of its sub processors and only in the European Economic Area (EEA).
The following measures are taken by Management Drives to ensure the ‘availability’, ‘integrity’ and ‘confidentiality’ of the MD App in order to prevent a personal data breach.
Only authorised employees of Management Drives responsible for managing the database have access to the personal data. Employees will only have access to personal data if they have signed a non-disclosure agreement and comply with the other security regulations applied by Management Drives. Employees of Management Drives are aware of the security risks and their obligations with regard to the protection of personal data.
Management Drives ensures that both internal and external audits are carried out on a frequent basis in order to demonstrate that the obligations under the GDPR are being met.
Under the GDPR, the Data Subject has the following rights:
(This is the Data Subject’s right to receive personal data and to transmit the data unhindered to another Controller or the right to request that personal data be transmitted directly to another Controller);
(This is the Data Subject’s right to be ‘forgotten’ in the MD App);
(This is the Data Subject’s right to access the personal data concerning them which are being processed);
(This is the Data Subject’s right to modify or supplement the Data Subject’s personal data which are being processed);
(This is the Data Subject’s right to have less of his or her data processed);
(This is the Data Subject’s right to human intervention in automatic decisions with legal effect);
Management Drives has adjusted its app, processes and internal organisation to these rights so that it can respond properly, whether or not via an authorised third party, to the requests of Data Subjects.
In the event of complaints relating to the manner in which Management Drives processes personal data, the party concerned must first contact Management Drives (see above under 1. ‘General contact information’). In addition, the parties concerned have the right to submit a complaint to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) via its website: https://autoriteitpersoonsgegevens.nl/en.
Management Drives reserves the right to amend its Privacy Statement. At the time of the amendment, the new policy will automatically be in force and replace the previous version. Since amendments may be made, Management Drives advises all parties that come into contact with Management Drives or the MD App to regularly review the Privacy Statement. This statement was last amended on June 28 2022.
For questions and/or comments about this Privacy Statement, please contact info@managementdrives.com.
If you would like to terminate your account and erase all your personal information and data, go to Settings-Delete account in the MD App. Or contact us at info@managementdrives.com, we will process it within 15 working days.