Privacy statement.

One Executive Search B.V. values and respects the privacy of its customers, candidates and business partners and strives to protect the privacy and confidentiality of personal data that is processed by One Executive Search in connection with the services we provide to our clients and candidates. 

One Executive Search will process your personal data carefully and always in accordance with applicable laws and regulations. We take this responsibility serious and have no intention of using your information for anything else than our services.

This Privacy Statement describes how we use your personal data in our operations (as a controller). We collect, use, share and process personal data that are necessary for the purposes mentioned in this privacy statement or that are legally permitted.

In this privacy statement we use a number of terms that have a specific meaning under the applicable privacy rules. At the bottom of this privacy statement is an overview of these defined terms.

One Executive Search has appointed a Data Protection Officer. Do not hesitate to contact our Data Protection Officer if you have questions about the processing of personal data by One Executive Search. If you contact us, you will receive a response within one month.

Name: Merijn van Oijen

E-mail: privacy@executivesearch.one

Regular mail:

One Executive Search B.V.Attn. Merijn van OijenStadsplateau 73521 AZ Utrecht

What do we do with your personal data?

What are personal data?

Personal data are all data relating to an identified or identifiable natural person, such as a name, address, e-mail addresses and e-mails, or a copy of a passport, but also financial data or copies of e-mails and contracts, under the condition that such data relates to a natural person.

What personal data do we collect and process about you?

Your contact details and CV - including your name, address (and proof of address), gender, date of birth, education, work experience, e-mail address, telephone details, nationality, resume and any other information you have provided (such as when you add your own photo to your resume). Under certain circumstances we may also ask you to provide salary details.

Potentially interesting positions - positions that you have responded to or for which we have taken you into consideration and have approached you.

Conversation notes and correspondence - personal reports and notes of contact moments (not limited, but including phone calls, video calls or face to face meetings) and email correspondence with you.

What is our legal basis for the processing of your personal data?

One Executive Search only processes your personal data for legitimate purposes. Moreover, the use of your personal data will always be justified on the basis of one or more of the legal “processing grounds” included in the GDPR. The summary below contains a brief explanation of the different legal processing grounds under the GDPR on the basis of which One Executive Search uses your personal data.

Execution of an agreement - One Executive Search needs your personal data to enter into an agreement with you and / or deliver its services to you.

Legitimate interests - One Executive Search uses your personal data to represent a legitimate interest and its reasons for using your personal data outweigh the disadvantage of your right to protection of personal data.

Legal claims - your personal data are required for One Executive Search to defend you, us or a third party, or to initiate a claim against.

Our legal obligations - we are required to process your personal data according to a legal obligation.

Consent - you have consented to the use of your personal data (in which case you have received a (digital) consent form relating to such use. You can withdraw your consent at any time by sending a notification to our Data Protection Officer.

For what purposes does One Executive Search collect your personal data and on which processing grounds do we trust for their use?

In this section we describe the purposes for which One Executive Search processes the different categories of personal data that it collects. For each processing purpose we have included the applicable processing grounds on the basis of which we justify the use of your personal data:

To assess your application for a specific job - At the moment we receive your application for a specific position or your interest in an open discussion about possible career options, we will use your personal data to assess your suitability for this position and/or other positions.

Processing ground(s) - our service to candidates (execution agreement), explicit consent (you can choose to have your data removed from our database at any time)

In order to be able to offer you suitable functions in the future - Your profile (including your personal data) will also be processed and we will keep you constantly informed about possible suitable functions via email, telephone, newsletters, and social media.

Processing ground(s): our service to candidates (execution agreement), explicit consent (you can choose to have your data removed from our database at any time)

For the benefit of our services to our clients - One Executive Search needs personal information from clients for the execution of our agreement(s) with them. This includes the use of your personal data to ensure that One Executive Search can deliver its services to its clients.

 Processing ground(s) - (preparation of) the execution of an agreement, legal obligations, legitimate interests (to allow us to provide our services and to share personal data between different One Executive Search entities, if applicable).

For marketing purposes - we may use your personal data to contact you by e-mail (for marketing purposes). You can unsubscribe from this marketing communication at any time. We will only bring our own products and services to your attention and will not provide your contact information for this purpose to third parties (with the exception of third parties who process personal data on our behalf, such as social media platforms).

Processing ground(s) - legitimate interests (to enable us to promote our financial services and products), and explicit consent (you can withdraw this permission at any time).

To defend our legitimate interests and change our corporate structure - One Executive Search may share your personal data in connection with legal proceedings or investigations with third parties, such as government agencies and litigating third parties (these third parties are in that case not controllers on behalf of One Executive Search and process personal data for their own purposes). We may also provide your personal data to potential buyers of, or investors in, any part of One Executive Search’ activities in the context of a purchase or investment.

Processing ground(s) - legal obligations, legal claims, our legitimate interests (allowing us to cooperate with law enforcement agencies and regulators and to allow One Executive Search to change its activities).

How long are personal data stored?

Our retention periods for personal data are based on our business needs and legal requirements. We retain personal data as long as necessary for the processing purposes for which the personal data have been collected and all other permitted related purposes. For example, we store certain transaction data and correspondence until the limitation period for claims arising from the transaction has expired or to comply with statutory retention obligations that apply to such data. When we no longer need personal data, we will irreversibly anonymize the data or destroy the data in a safe manner.

Where do we get your personal data from? 

We collect personal data directly from you or via publicly accessible sources (such as LinkedIn, Google or people referring us to you).

Where do we store your personal data?

We store your personal data on IT systems located in the Netherlands, with cloud backup services in the EU and United States of America. All IT service providers act as processors on behalf of One Executive Search.

How does One Executive Search protect my personal data?

One Executive Search and its IT service providers have implemented appropriate technical and organizational measures to secure the processing of personal data. These precautions depend on the sensitivity, format, location, quantity, distribution and storage of personal data, and include measures to protect personal data against unauthorized access. Where applicable, these measures include the encryption of communications over SSL, encryption of information during storage, firewalls, access controls, separation of tasks, and similar security protocols. We restrict access to personal information to staff and third parties who need access to such information for legitimate and relevant business purposes.

All our employees, contractors and third parties who have access to your personal data and act on the instructions of One Executive Search are obliged to maintain confidentiality and we use access controls to restrict access to your personal data to persons who need such access for the execution of their responsibilities and tasks.

One Executive Search has its security and systems regularly monitored. One Executive Search takes the security of its IT infrastructure very seriously.

Do we share your personal data?

One Executive Search could engage other processors to process your personal data on our behalf, including social media platforms for marketing purposes, IT service providers, and other service providers.

Changes to this privacy statement

One Executive Search is authorized to amend this privacy statement in the interim. The most recent version of the privacy statement will be available at all times on the One Executive Search website.

What are your rights?

Under the GDPR you have certain rights with regard to your personal data. These rights are listed below. Questions about the privacy statement of One Executive Search must first be addressed to our DPO.

Please note that certain exceptions apply to the exercise of these rights and so you may not be able to exercise certain rights in all situations:

Right of access - You have the right to access your personal data and can generally access all personal data that we have from you within one month of your request to One Executive Search.

Correction - You can request us to correct inaccuracies in your personal data.

Deletion - You may request us to delete personal data under certain circumstances. In that case, we will take reasonable steps to inform other processors who process the personal data on our behalf that you have requested the removal of links to, and copies or replicas of your personal data.

Limiting processing - You may, under certain circumstances, request us to limit the processing of personal data, for example if the accuracy of your personal data is disputed by you.

Transferability - You may request us to obtain the personal data that you have provided to us that we keep in a structured, current and machine-readable form, for example to send it to a third party.

Submitting a complaint - You can submit a complaint about the processing of your personal data by One Executive Search to the supervisory authority in your country (in the Netherlands, for example, this is the Dutch Data Protection Authority).

These rights are subject to certain exceptions to protect the public interest (for example the prevention or detection of crime) and our interests. We will respond to most requests within a 30-day period.

Some legal terminology defined

According to applicable privacy legislation (including, but not limited to, the GDPR), the terms below have a defined meaning as set out in the summary below.:

GDPRThe European General Data Protection Regulation (EU) No. 2016/679. The GDPR applies from 25 May 2018 in all EU Member States.

Personal dataAny information about an identified or identifiable natural person (“the data subject”); an identifiable natural person who can be identified directly or indirectly, in particular by means of an identifier such as a name, an identification number, location data, an online identifier or one or more elements characteristic of the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.

Processing of personal dataAn operation or a set of operations relating to personal data or a set of personal data, whether or not carried out via automated processes, such as collecting, recording, organizing, structuring, storing, updating or modifying, retrieving, consulting, using, providing by means of transmission, distribution or otherwise made available, align or combine, protect, delete or destroy data.

ControllerA natural or legal person, a government agency, a service or any other body that, alone or jointly with others, determines the purpose and means of the processing of personal data; where the purposes and means of this processing are laid down in Union or Member State law, it may specify who is the controller or according to which criteria it is designated.

ProcessorA natural or legal person, a government agency, a service or another body that processes personal data on behalf of the controller.

Special categories of personal dataPersonal data showing race or ethnic origin, political opinions, religious or philosophical beliefs, or membership of a trade union, as well as genetic data, bio-metric data for the unique identification of a person, or data on health, data related to a person’s sexual behavior or sexual orientation are prohibited, or personal data concerning criminal convictions and offenses.