Privacy, disclaimer and cookies

Privacy Statement

SiRM – Strategies in Regulated Markets B.V.
Stadsplateau 17, 3521 AZ Utrecht, The Netherlands
www.sirm.nl
Version: October 2025

1. General information

  1. SiRM takes your privacy seriously. We process personal data when you use our website or our services, or when you provide such data to us yourself (for example via email or a form).
  2. Within the meaning of the General Data Protection Regulation (GDPR), SiRM is the data controller.

2. Personal data we process

We may process the following personal data:

  • Name and contact details (such as email address, telephone number, organisation)
    Other information you provide to us via email
  • IP address, browser data and device information
  • Information about your use of our website
  • Application data (CV, cover letter, correspondence)

3. Purposes and legal bases for processing

SiRM processes personal data solely for legitimate, specified purposes and on the basis of a legal ground as set out in Article 6 GDPR. The purposes and corresponding legal bases are:

  • Carrying out consultancy assignments and agreements with clients, preparing quotations, maintaining contact and performing administrative activities necessary for the provision of our services (legal basis: performance of a contract).
  • Responding to contact requests/inquiries via the website and analysing website usage to improve our website (legal basis: legitimate interest). SiRM concludes that this processing is necessary for its business operations and has a limited impact on the privacy of data subjects.
  • Sending newsletters (legal basis: consent).
  • Recruiting new employees (legal basis: consent).
  • We do not use your data for other purposes and do not sell it to third parties.

4. Retention periods

We do not retain your personal data longer than necessary for the purposes for which it was collected:

  • Contact requests: up to 1 year after the request has been handled.
  • Client data: up to 7 years after the end of the collaboration (due to statutory tax retention obligations).
  • Application data: up to 4 weeks after completion of the recruitment procedure, unless you give consent to retain your data for a longer period (up to a maximum of 1 year).
  • Newsletter data: until you unsubscribe.
  • Website logs: up to 14 months (Google Analytics, anonymised).

5. Sharing personal data with third parties

We only share personal data with parties that provide services on our behalf (“processors”), such as:

  • Microsoft 365 (communication and storage)
  • Web hosting provider and website administrator
  • Google Analytics (anonymised statistics)
  • Data processing agreements have been concluded with all these parties to ensure an appropriate level of security.

6. Cookies and website analytics

SiRM uses functional and analytical cookies. Analytical cookies are only placed if they are anonymised (for example via Google Analytics). For more information, please see our cookie statement at www.sirm.nl.During your first visit, you can refuse or adjust non-essential cookies; this can also be done later via the cookie settings on our website.

7. Security of personal data

SiRM is NEN7510 and ISO27001 certified and has implemented an information security management system with appropriate control measures to prevent misuse, loss, unauthorised access and unwanted disclosure. Examples include:

  • Secure connection (Secure Socket Layer)
  • Strong passwords and multi-factor authentication
  • Access restrictions based on job role
  • Regular staff training on information security

8. Your rights

You have the right to access, rectify, erase, restrict processing of, and transfer your personal data, as well as the right to object to processing. You may submit a request to info@sirm.nl.

For verification purposes, we may ask you to provide proof of identity, in which case you should redact your citizen service number (BSN), photo and the Machine Readable Zone.

We will respond to your request within four weeks.

9. Complaints

If you have a complaint about how we handle your personal data, please contact us via info@sirm.nl. If we are unable to resolve the matter together, you may submit a complaint to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) via www.autoriteitpersoonsgegevens.nl.

10. Changes

This privacy statement may be amended in the event of changes to our working methods or legislation. The most recent version is always available at www.sirm.nl.

11. Data protection contact person

For questions about this privacy statement, please contact: Pam van der Meer – Information Security Contact Person via info@sirm.nl.

Disclaimer

This disclaimer sets out the conditions under which we provide the information and any related services offered to you as a visitor to the website.

View disclaimer

Cookies

SiRM uses various cookies on its website. A cookie is a small text file that is stored by the browser of your computer, tablet or smartphone during your first visit to this website.

View cookie statement Cookie settings