The GDPR entered into force in Europe from 25 May 2018.
Below you will find answers to some important questions regarding the GDPR.
These are of a general nature and apply to all Mercell Source-to-Contract solutions.
Is Mercell Source-to-Contract ready for the GDR?
Yes, Mercell Source-to-Contract meets the GDPR guidelines.
Are the personal data stored in Mercell Source-to-Contract solutions shared with others?
Mercell Source-to-Contract never shares personal information with others.
Has Mercell Source-to-Contract taken technical measures to guarantee the safety of personal data?
Mercell Source-to-Contract has taken all technical measures that are necessary for the protection of personal data, in accordance with the applicable standards.
Does Mercell Source-to-Contract have a Processor Agreement that applies to our organization?
Yes, you can find it on the Mercell Source-to-Contract website, click here.
Can Mercell Source-to-Contract remove personal data from software solutions?
That is possible. However, only the person who manages the Mercell Source-to-Contract account of an organization can submit a request for deletion of personal data. This person is the representative of the controller. If a person / individual (Data Subject named in the GDP) wants to be removed, the representative (manager / admin) of the organization account must be contacted for this.
Note: If you have participated in tenders, keep in mind that your account, and therefore your personal data, cannot be deleted due to legal archiving principles.
Does Mercell Source-to-Contract also process 'Special' personal data?
Mercell Source-to-Contract is not designed with the idea that special personal data will be processed.
The Mercell Source-to-Contract platform is suitable for processing 'normal personal data' of its users and is not specifically suitable for processing special personal data.
Special personal data are
religion or belief;
variety;
political preference;
health;
sexual life;
membership of a trade union;
criminal history;
BSN.
How does Mercell Source-to-Contract handle personal data in the event that a Dynamic Purchase System is set up?
Mercell Source-to-Contract policy and advice to Customers, in the case of a DAS, is not to request special information. It is our Customers' responsibility to determine which (personal) data is requested.
Can Mercell Source-to-Contract remove personal data from a tender?
Our customers own the contents of a tender and are responsible for the processing of personal data. Mercell Source-to-Contract can only investigate whether data can be removed from a tender at the request of the representative of the controller. This must be done through a written request via privacy@negometrix.com.
Has Mercell Source-to-Contract ever had to deal with a data breach of personal data?
No