Privacy- and Cookie Policy

This privacy and cookie statement was most recently revised on the 8^th of March 2023.

Onewave the Agency B.V. (hereafter: Onewave) offers services in the field of (personal) energy and vitality. We do this through vitality programmes, workshops, our website (www.onewave.agency) (hereafter: service), among other things. As part of the services we offer, we process personal data. This privacy and cookie statement tells you which personal data we process and what we do with it.

Our privacy and cookie statement at a glance

Your privacy is of great importance to us. We therefore comply with the General Data Protection Regulation (hereinafter: GGDPR). This means that we:

• Record our purposes before we process your personal data, as set out in this privacy and cookie statement.
• Store as little personal data as possible and only the data necessary for our purposes.
• Ask for explicit consent for the processing of your personal data, should consent be required.
• Take the necessary security measures to protect your personal data. We also impose these obligations on parties who process personal data on our behalf.
• Respect your rights, such as the right of access, rectification or erasure of your personal data processed by us.

We obtain various personal data from you. We specify for each purpose what data we obtain from you, for what purpose we process these data and for how long they are stored. If you have any questions or would like to know exactly what information we store about you, please contact us. Our contact details are mentioned at the bottom of this privacy statement.

For delivery of our Services

As a programme participant, we process various (special) personal data from you. These personal data are collected in different ways.

We find it important to stress that under no circumstances we share sensitive data with your employer, or anyone, other than yourself

We process the following personal data upon registration for our program:

• First and last name
• Date of birth
• Address
• Postal code
• Place of residence
• Gender

We process the following personal data once you participate in the programme:

• Length
• Contact details (e-mail address and phone number)
• Heart rate (variation)
• Activities (exercise behaviour)
• Number of hours of sleep
• Perception on quality of sleep
• Movement through GPS data
• Oxygen use
• Data on (chronic) diseases and/or conditions
• Medication use
• Any personal data you provide to us yourself as a participant in the context of keeping your diary/logbook

We process health data based on your personal consent so that we can provide our services to you. Again, under no circumstances do we share this data with anyone other than yourself. All processing of other personal data necessary for the performance of our services (such as your name, address and contact details), we process on the basis of the performance of the agreement.

We keep your personal data for up to 12 months after the service is terminated. We keep some data longer if we are legally obliged to do so (e.g. because of the 7-year tax retention obligation).

For contact and complaint handling

When you send us an e-mail, fill in the contact form on the website, contact us by telephone, or contact us in any other way, you agree to our terms and conditions of contact (execution of the agreement).

For this purpose, we process the following personal data:

• Name
• Business information (if you contact us from a business perspective)
• Contact details (e-mail address and telephone number)
• Social media account
• Any information you provide as part of the content of a message

We store these contact moments with the personal data you provide for the purpose of carrying out the contract and handling your complaint if necessary. We keep this information for as long as necessary for this contact or up to 2 years after we last had contact with you, because we want to make sure we have handled your question or complaint properly.

For newsletters

Through our website, you can sign up for Onewave’s newsletter (consent). We send out a newsletter by e-mail once a month containing promotions, inspiration, insights and the latest Onewave products and services. Furthermore, we can send personalised messages based on your account should you wish to do so.

We process your e-mail address for this purpose.

We keep your data until you unsubscribe from our newsletter. If you no longer wish to receive the newsletter, you can unsubscribe at any time via the link at the bottom of the newsletter.

To request white paper, demo and/or informative talk

On our website, you can request a free white paper, demo and/or informative meeting. Onewave will then contact you regarding the white paper, demo and/or informative talk. To be able to contact you and make you an appropriate offer, Onewave needs some personal data from you. Filling in your personal data (online) is necessary so that we can contact you about the white paper, demo and/or informative talk, therefore the processing is necessary for the execution of the agreement.

To this end, we process the following personal data:

• First and last name
• Contact details (e-mail address and telephone number)
• Company name
• Function
• Any personal data you enter yourself as message content

We keep your personal data for a maximum of two years. We keep some data longer if we are legally obliged to do so (e.g. because of the 7-year tax retention obligation).

For supplier services

We purchase our products from various suppliers. In this context, we require various data to complete the order (execution of the agreement).

For this purpose, we process the following personal data:

• Company name
• Business address
• Name contact person
• Contact details (e-mail address and telephone number)
• Financial details
• Any other information you share with us

We store this data up to two years. We keep some data longer if we are legally obligated to do so (e.g., because of the 7-year tax retention obligation).

For handling job applications

If you apply for one of our job openings or submit an open application, we process your personal data for the purpose of handling your application and in preparation for a possible employment contract.

For this purpose, we process the following personal data:

• Name and address details
• Contact details (e-mail address and telephone number)
• Curriculum Vitae
• Motivation letter
• Salary requirements
• References
• Any other information you provide with your application

Your application details are stored for a maximum of 6 weeks after the position has been filled. We store this information so that we can contact you should the position become vacant again within the probationary period. If we are unable to offer you a position at this time, we may – with your consent – keep the application data for one more year. You can revoke your consent at any time by sending us an e-mail. We will store your application data in your personnel file should you decide to work for us. This file will be stored for as long as necessary, and the application data will be kept for a maximum of 2 years after entering into employment.

A social media and internet screening can be part of the application procedure. This is necessary for us to preserve our image when hiring new staff; we do this on a legitimate interest basis. We will do a search of your name on Google and any profile you may have on various social media. This applies, of course, insofar as these profiles are public. We will not ask you to grant us access to a private social media page or to accept a request from us. The results of the screening will be discussed with you. Should you have any objections to this, you can inform us by e-mail at the time of your application.

Onewave will only share your data with third parties to the extent permitted by current legislation. We may provide your personal data to third parties when:

• We have engaged them to process certain data (f.e. the IT supplier of the tooling that we use, or the coach that helps you as part of the program);
• We have a legal basis to do so;
• We are legally obligated to do so (e.g., if the police demand this in case of a suspicion of a crime).

Third parties processing personal data on our behalf or yours:

• IT suppliers and service providers
• Hosting party
• Cookie service providers
• Payment service providers and collections agencies
• Mail order companies
• Marketing companies
• Coaches
• Partners
• Government departments (e.g. tax authorities, municipalities)

Onewave may provide your personal data to parties located outside the European Economic Area (EEA) to provide those services. Onewave will only do so if there is an appropriate level of protection for the processing of personal data.

This privacy statement applies only to the services of Onewave. we are not responsible for the privacy practices of other websites, which can be accessed through a link on our website.

Our website uses first-party and third-party cookies. Cookies are small data files that can be automatically stored on or read from the visitor’s device (such as PC, tablet or smartphone) when visiting a website. This is done via the web browser on the device.

We use the following types of cookies:

• Functional cookies: these cookies have a functional role within the website. The cookies ensure that the website functions properly.
• Analytical cookies: these cookies give us insight into how our website is used. Based on this information, we can make our website more user-friendly.
• Marketing cookies: these cookies make it possible to show you personalised advertisements (via our advertising partners).

The cookies may collect the following data from you, among others:

• Name
• Login information
• Screen display options
• IP address
• Cookie ID
• Website and click behaviour
• Referrer URL
• Behaviour within the application

On your first visit to our website, we will display a message explaining how cookies are used. We will ask for your consent for the use of cookies to the extent we are required to do so.

The list of the cookies we use is shown in the overview below. 

Functional:

• Various:
  First-party cookies with strictly functional purposes.
  PURPOSE: These cookies enable necessary functionalities of the application, such as remembering the chosen language and whether consent has been given for cookies, displaying the cookiebanner etc.
  RETENTION PERIOD: Maximum 2 years

Analytisch:

• Hotjar (Hotjar Ltd., Malta / Privacy Statement):
  PURPOSE: Hotjar offers a service that helps us better understand our website visitor experience (how much time they spend on which page, what links they decide to click on, what website visitors like and don’t like, etc.). This allows us to improve our website based on their feedback. Hotjar uses cookies and other technologies to collect data on our website visitors behaviour and their devices (in particular, device IP address (captured and stored only in anonymized form), device screen resolution, device type (unique device identifiers), browser information, geographical location (country level only), preferred language for viewing our website).
  RETENTION PERIOD: Maximum of 1 year
• Google Analytics (Google LLC, United States  / Privacy Statement):
  PURPOSE: These cookies are placed to gain insight into visitor behaviour and to improve the user experience. We have configured these cookies to be privacy-friendly. That means the following:
  • We have concluded a data processing agreement with Google;
  • We only provide Google with masked IP addresses;
  • We do not share data with Google; and
  • We do not use other Google services in combination with analytics.
  RETENTION PERIOD: Maximum 2 years

Marketing:

• Google Adwords  (Google LLC, United States Staten / Privacy Statement):
  PURPOSE: Google AdWords cookies are used to return website visitors based on their online website behaviour.
  RETENTION PERIOD: Maximum of 1 year
• Hotjar (Hotjar Ltd., Malta / Privacy Statement):
  PURPOSE: Hotjar is a technological service that helps us better understand our users’ experience (how much time they spend on which page, which links they decide to click on, what users like and dislike, etc.). This allows us to improve our application with user feedback. Hotjar uses cookies and other technologies to collect data from the behaviour of our users and their devices (in particular, IP addresses of devices (captured and stored only in anonymised form), screen resolution of device, device type (unique device IDs), browser information, geographical location (country level only), preferred language for displaying our application).
  RETENTION PERIOD: Session

Enabling and disabling cookies

You can set your web browser to only accept cookies with your consent. Consult your browser guide for more information. Please note that many websites will not function optimally when cookies are disabled. 

Deleting cookies

Most cookies have an expiry date. When an expiry date is set, the cookie is automatically deleted once that date passes. You can also choose to delete the cookies manually before the expiry date. Please consult your browser guide for more information. Below, you will find a link to the provider’s website for each browser, which provides step-by-step instructions on how to block or delete cookies.

• Internet Explorer
• Google Chrome
• Firefox
• Edge
• Safari

Personal data security is of great importance to us. We therefore take appropriate technical and organisational security measures with regard to the processing of personal data to be carried out, against loss or against any form of unlawful processing (such as unauthorized access, corruption, alteration or disclosure of personal data). We constantly update security and pay close attention to what can go wrong.

You can always contact us if you have any questions regarding our privacy and cookie statement. Besides that, you have the following rights regarding your personal data:

• Right of access: you have the right to access the personal data we process about you.
• Right to rectification: you have the right to correct or supplement the personal data we process about you, e.g., if they are incorrect or incomplete.
• Right to object: you have the right to object to the processing of your personal data and to direct marketing.
• Right to erasure: you may request us to erase your personal data.
• Right to withdraw your consent: if you have consented to us processing personal data, you can withdraw your consent at any time.
• Right to data portability: if it is technologically possible, you have the right to have the personal data we process about you transferred to a third party.
• Right to restrict processing: in some cases, you can request that we restrict the processing of your personal data (temporarily or otherwise).

We may ask you for identification to fulfil your request. We require this information to ensure that the requested personal data belongs to the right person.

We will generally comply with your request within one month. However, this period may be extended by two months depending on the specific privacy rights or the complexity of the request. If we extend this period, we will inform you in good time.

If you wish to exercise any of your rights, you can do so by sending an e-mail to info@onewave.agency.

When there is a change in our services, we will also need to change our Privacy and cookie statement. Please consult this Privacy and cookie statement regularly for the most up-to-date information.

If you have any questions or wish to make a complaint about the use of your personal data, please send an e-mail to info@onewave.agency. We will address each question and complaint internally and communicate this further with you. Should you feel we have not been able to help you properly with any questions about your privacy, you have the right to file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

For questions about our Privacy and cookie statement or your rights, you can always contact us using the following information:

Onewave the Agency B.V.

Retiefstraat 75a

1092 VZ Amsterdam

E-mail address: info@onewave.agency

Phone number: + 31 20 30 86 332

Chamber of Commerce no.: 71387447