Below you will find all the information regarding your privacy.
We take your privacy seriously at Dytter, and we promise to be responsible and transparent in our treatment of your data. Below you can read which information we request from you, directly or indirectly, why we need it, and what we do with it. If you don’t think we’re keeping this promise, or if you have any questions, this page also explains what steps you can take, and how you can contact us.
To make it easy for you, we’ve listed out all of the privacy-related topics covered here by number—just find the number you want information about:
- Personal data we process, including an explanation why we need that information.
- What special and/or sensitive personal data we process.
- What happens to incomplete profiles, and what we mean by this.
- The cookies and related techniques that we use to receive feedback and to continually improve our services. We’re also happy to explain how to remove cookies if you wish.
- How we protect your personal data.
- How long we keep personal data, and how we chose that period
- Which personal data we share with third parties, and why.
- How you can view, modify or delete your data.
- Information on how to file a complaint if we cannot keep our promise.
- The place of processing.
- Information about automated decision-making, i.e. a decision made by a machine without a person in between (in short: we don't do this).
- When we are allowed to make adjustments to this privacy statement.
- The Medical Treatment Agreement Act (Geneeskundige Behandelingsovereenkomst).
- Questions and comments, and our contact information.
We process several different types of data, and we make a distinction between data that you provide voluntarily and data that we receive from you (automatically) after approval, such as data provided by cookies. We'll get into more detail about our cookies later.
1. The data that you provide voluntarily includes:
- Primary personal data: This includes your first and last name, gender, physical address, telephone number and e-mail address. We need this to contact you—for example: to send a newsletter, for the care agreement, for invoicing, for the provision of the care services and to notify you of changes.
Dytter also processes personal data if we are legally obliged to do so, such as information that we need for our tax return.
- Other personal data: This includes information from a legal representative (if applicable), information about the care you need or can provide, some personal details such as whether you are a smoker or have pets, what languages you speak, information about the care referral (if applicable), availability (for care providers), company information (for independent care providers). We need this information in order to accept your profile, so that you can use our online care platform and services.
- Location data: We need your location data to ensure that the care is delivered to the correct address, but also to see which care providers are located near you.
- Payment details: In order to process a payment, we need the details of your company (for independent healthcare providers) and a bank account number (for healthcare users).
Data we receive through cookies, after approval, includes:
- Information about your activities on our website, for example which pages you visit on our website. Dytter analyzes how you use the website in order to improve it, and to tailor the range of products and services to your preferences.
- Some information about your visits to other websites (this is primarily because of advertising networks that Dytter works with).
- What kind of device and internet browser you are using.
2. Dytter processes the following special and / or sensitive personal data about you:
- Health, through the booking information of care services at Dytter and the reported information from functionalities 'transfer' and 'care plan' (only for the care recipient)
If a person under the age of 16 registers as a care recipient with the consent of their parent or guardian, this also requires processing special and/or sensitive personal data. The parent or guardian concerned must then register on the care recipient's profile as a legal representative.
We do not intend to collect data from website visitors who are younger than 16 years old. The exception to this rule is if they have permission from a parent(s) or guardian to use our website and/or services. However, we cannot check whether our website visitors are older than 16 years. We therefore recommend that parents and guardians monitor the online activities of their children, in order to prevent (special) personal data from being collected from minors without their consent.
If we have collected data from a minor without the consent of their parent(s) or guardian, please contact us at email@example.com. This is the best way to request that we delete this data. When making such a request, please include copies of identification from both the parent (s) or guardian and the minor, so that we can verify that the request is coming from a parent or guardian, and concerns a minor. This is necessary, because such a request can only be made by a parent, guardian, or legal representative. Please obscure or blackout your passport photo, MRZ (machine readable zone, the strip with numbers at the bottom of the passport), passport number and Citizen Service Number (BSN) in this copy. This is to protect your privacy.
3. Incomplete profiles
If your profile is incomplete, you won’t be able to make a booking proposal because we won’t have the necessary information.
We may not be able to determine, for example, which care is required, where the care must be provided or how the care will be paid for. Care providers with incomplete profiles are not displayed in the web app, and cannot be booked for service.
In addition to a fully completed profile, it is necessary for the care provider to successfully pass a screening process. This screening shows whether the care provider is authorized to provide care. The care provider only becomes visible when he or she successfully passes the screening and the profile has been fully completed.
4. Cookies and related techniques that we use
A cookie is a small text file that is stored on your computer, tablet or smartphone when you first visit this website. Dytter only uses functional cookies and analytical cookies that do not infringe your privacy, so we cannot trace the data we receive from you back to you as a person.
- Functional cookies: These cookies are necessary for the technical operation of the website and for your ease of use. They ensure that the website works properly, and they remember your preferences—for example, when giving criteria for your ideal care provider, or when setting your availability as a care provider.
- Analytical cookies: We use these cookies to see how you use our website, so that we can optimize it where necessary. These cookies only show your anonymized activity on our website, so there’s no way for us to identify you as a person based on this data (we have disabled this).
- Cookies from third parties: Cookies are also placed on our website by third parties, typically advertisers and social media companies.
After agreeing to the cookies, it is possible to withdraw your agreement. It is also possible to delete the cookies at any time after your visit to our website. To see exactly how this works, go to the following pages, depending on which browser you use:
5. How we protect personal data
We take your data security very seriously. This includes taking appropriate measures to prevent unauthorized access, misuse, or loss of your information, or any unauthorized changes or unwanted disclosure. If you feel that we may not be properly secured, or if you see any indications of abuse, please let us know by contacting us at firstname.lastname@example.org .
6. How long we keep personal data
Dytter does not store your personal data any longer than is legally allowed, or strictly necessary, to achieve the purposes for which it was collected. We use the following retention periods for the following (categories) of personal data:
- Profile information: 15 years in accordance with the legal retention period of the health information.
- Screening information (if you are a healthcare provider): 5 years after completion of the screening, after this period your data will be anonymised. The copy of your ID card will be kept for 2 weeks.
- Booking information: 7 years
- Health information: 15 years, in accordance with the legal retention period for medical records according to the WGBO.
- Website visitor information: As long as there is an agreement between Dytter and Google Analytics and as long as you continue to visit our website or web app. With one-time visits, the data will be deleted after 36 months.
7. Sharing of personal data with third parties
Dytter will not sell your information to third parties and will only provide your information if necessary for the execution of our agreement with you or to comply with a legal obligation. We have entered into agreements with the companies with whom we work, who may process your data on behalf of Dytter, to ensure that they—like us—have sufficient measures in place to ensure that your personal data is stored securely. However, we remain responsible at all times for the processing of your data. There are a number of companies that we work with, who receive certain data from you. However, they are not allowed to do anything with this data, except store it. All obligations that we mention in this privacy statement also apply to the following systems:
- CRM system: Our CRM (customer relationship system) stores the data of healthcare providers who have registered with Dytter. We store this information in the CRM so that we can contact you, but also to provide you with better service.
- Screening system: Healthcare providers are asked to go through a screening process. In this case, the independent screening party requires your personal information, as well as information necessary to determine whether you are an authorized healthcare provider.
- Marketing tools: We use a number of marketing systems. One of them sends newsletters and other commercial or informational emails. We also use systems that give us insight into how visitors navigate through our website, which allows us to improve our website experience.
- Payment service: We use a payment service, which makes it easy and quick to pay invoices. In order for a payment to take place, the service needs the right data to ensure that invoices reach the right people.
- ICT systems: We use a number of ICT systems to provide our service. These ensure that the web app can be used, allowing you to, for example, create a profile or make a booking. Without these systems, we’re unable to offer our services.
8. View, modify or delete your data
Under current laws and regulations, you have the right to know which information that companies such as ours keep about you. You also have the right to view, amend or delete your personal data at any time. We will also forward these requests to the aforementioned companies we work with.
View and adjust your data
You can view data in your account. If you want to adjust your data, this is possible via the personal settings in your account.
Delete your data
If you no longer want to use Dytter and want to delete all your data, we ask that you make this request via email to email@example.com. Please include a copy of your ID with your request so that we can be sure that you’re the one making the request. This is because nobody else, besides your legal representative, is authorized to do so. To protect your privacy, please obscure or black out your passport photo, MRZ (machine readable zone, the strip with numbers at the bottom of the passport), passport number and Citizen Service Number (BSN) in this copy.
Object to or withdraw your consent for data processing
You also have the right to withdraw your consent for the data processing, or to object to the processing of your personal data by our company. You also have the right to data portability, which means you can submit a request that we send you the personal data we keep on file, or that is kept on file by one of the organizations mentioned above.
9. Submitting a complaint
You also have the right to file a complaint at any time with the national supervisory authority, the Dutch Data Protection Authority. This can be done through the following link: https://autoriteitpersoonsgegevens.nl/nl/contact-met-de-autoriteit-persoonsgegevens/tip-ons .
10. Place of processing
Your personal data may be processed outside the Netherlands. This may include countries that do not have extensive privacy legislation, or legislation that is different than what exists in the Netherlands. We will always ensure that your personal data is properly protected and secured. We have concluded an agreement with our partner companies that allows us to guarantee that your data will be properly protected.
11. Automated decision making
Dytter does not use data for automated decision-making. Automated decision-making refers to decisions made by computer programs or computer systems, with little or no human involvement, which can have significant consequences for you. Instead, every significant decision at Dytter is made by a person: an employee of Dytter and/or one of the companies we work with. We do not use data to make automatic decisions for you.
12. Adjustments to privacy statement
We can and may adjust this privacy statement at any time. You will always find the most current privacy statement on our website: www.dytter.com . If substantive changes take place, we will indicate and report this to you.
13. Medical Treatment Agreement Act
Dytter is an online care platform where care recipients and care providers can put together their own healthcare arrangement. As soon as a care provider is booked to provide care, the provider is responsible for the care provided, and any data that they submit regarding the recipient and the care provided, in our web app. Examples of this data include the indication, transfers and documents for a treatment plan. This agreement is concluded between the care recipient and the care provider.
This privacy statement therefore does not regulate the recording of personal or other data about the care recipient in the context of the Medical Treatment Contracts Act (WGBO). This is considered a matter between the care recipient and the care provider. We only ensure the security of these data.
14. Questions and comments, and our contact information.
If you have any questions or comments, please let us know. For questions regarding this privacy statement, please contact our Data Protection Officer, André Piso, at firstname.lastname@example.org