Nmbrs Privacy Statement. 

By using our website and products you agree to the use of your information as described in this Privacy Statement. We process personal information solely in accordance with the European General Data Protection Regulation. (GDPR) We only use data provided explicitly and voluntarily by people visiting our website and information entered by (end)customers of Nmbrs® products. 


Processing through website usage.

When browsing the website Nmbrs processes the personal information you provide in order to request information or services, to receive newsletters, to sign up for an event or to purchase Nmbrs® products and enter into a contract with Nmbrs. The following personal data is processed through our website: 


Identification data 

Corporate information 

(Corporate) Contact information (telephone number(s), 

e-mail addresses etc) 

Account information and passwords



When you provide personal data through the website, your data may be used by Nmbrs and affiliated companies to inform you about relevant products, services and (business) opportunities. Participants in a discussion forum shall, by registration, grant permission for the registration of their data and grant permission for publication on the Internet of the contribution made by them.  


The processing in the Nmbrs® product(s).

In the case that your employer uses the Nmbrs® product(s), we process your personal information for the performance of a contract with your employer, or parties working on behalf of your employer. To provide the Nmbrs® product(s) and services to you, we employ suppliers and (sub)processors. Personal information is only shared with (a selection of) these parties if it is necessary for the performance of our products and services and a lawful basis for processing is present. Nmbrs only employs (sub)processors that ensure your personal information is adequately protected and processed within territories that provide adequate protection levels as obligated by the GDPR. An overview of these parties, or ‘(sub)processors’ is made available at https://www.nmbrs.com/security/subprocessors  We will never share your personal information with parties other than those listed, without your explicit consent, unless it is required by law or court order.


Furthermore your (personal) data is used to improve the quality of our products and services, but only when you are no longer identifiable from that data, by means of aggregation and anonymization. The following personal data can be processed within our products and services:


Identification data (incl. copy ID)

Occupational data 

Residence data 

Education & schooling data 

Social Security number (in Dutch: BSN) 

Leave and absenteeism data 

Contact information (telephone number(s), 

e-mail addresses etc.) 

Performance appraisal data 

Family composition 

Bank account information 

Financial / payroll data 

Employment contract (mutation) data 


Integration with third parties

Customers can integrate third party products and services with the Nmbrs® products and services. These third party integrations are initiated by and at the risk of the customer. Nmbrs has no involvement with the delivery of products and services between customer and their integration partners. Nmbrs accepts no responsibility and/or liability for the exchange of data between those parties.


Processing during the recruitment process

If you apply to a vacancy at Nmbrs and during the recruitment process, Nmbrs has a need to verify your identity, background and capabilities to assess your suitability for the position and match with the company. During this process Nmbrs may use the information you have provided yourself, as well as information provided by your references. As such, Nmbrs will process your personal data where; 

- The type of personal data processed includes but is not limited to : Name, Gender, Age, Nationality, Education, Resume, etc.

- The legal basis for this processing is Consent

- Duration:When hired, the information will become part of your personnel file in the Nmbrs® product. If not, the information will be retained for a period of 2-4 weeks (with a maximum of 1 year if your specific consent is obtained). 

- Transfer: With the exception of the Nmbrs® product, this information will not be shared / transferred to other parties and systems. 


Personal data protection

At Nmbrs, we take your privacy seriously. As such we have implemented technical and organizational measures to ensure your data is protected. Agreements are in place between your employer and Nmbrs, and between us and our suppliers and (sub)processors, specifically with regard to personal data protection. Processing activities, risks and controls are analyzed and monitored continuously and systematically in all phases of our product- and services lifecycle. A breach notification procedure and process is in place to ensure timely and adequate steps can be taken by both Nmbrs and other relevant / affected parties. 


Personal data is processed for the duration of the contract and providing products and services. A data-retention policy is in place to ensure this. A framework is in place to govern personal data protection from an organizational perspective. Nmbrs has an appointed data protection officer (DPO),registered as such with the Dutch Data Protection Authority who oversees GDPR compliance throughout Nmbrs and ensures internal privacy awareness. GDPR-compliance for Nmbrs is not a one-time-effort, but a continuous effort. 


More information about information security at Nmbrs can be found at https://www.nmbrs.com/security  The Nmbrs DPO can be contacted at compliance@nmbrs.nl or +31(0)85 888 9961 (during dutch office hours)


Rights of data subjects

We have established suitable procedures to enable you to find out if your personal data is being processed by Nmbrs and, if so, what such personal data comprises. To enable you to utilize your rights as a data subject: 

  • - Right of access and rectification
  • - Right to erasure or “right to be forgotten”
  • - Right to restriction                  
  • - Right to data portability  

A more in-depth description of your rights as a data subject, you can take a look at https://www.nmbrs.com/en/gdpr

Contact information

A request for access, information or other use of the rights mentioned above, can be done by contacting compliance@nmbrs.com. We will respond to these requests in accordance with the data protection agreements and particularly in accordance with the statutory time limits.

If you are an employee whose employer uses Nmbrs products and services, your request to utilize one the rights mentioned above will be forwarded to your employer as obligated by the data processing agreement between Nmbrs and your employer.

If you would like to know more about how we process and protect personal data at Nmbrs, please contact us by sending an e-mail to compliance@nmbrs.com


Nmbrs uses cookies
Nmbrs "cookies" are used for the service and performance of the website and product. A cookie is a small text file stored on your computer for tracking purposes. A cookie does not identify personal information, but information about your computer usage. You can notify the browser when you receive a cookie, so that you can accept or decline on any occasion. However, rejecting cookies will adversely affect the functionality and usefulness of the website.



Typing and spelling errors reserved. Nmbrs reserves the right to change this Privacy Statement. Therefore, we encourage you to consult this page so that you are always aware of the latest version. We will inform you timely when important changes will be made to this Privacy Statement.

On the website you will find links to third party websites. Although these websites are carefully selected, Nmbrs is not responsible for dealing with your personal information by these third parties. Please read the privacy statement of the website you are visiting.


This statement was last updated / modified on: 23 June 2020.