The GDPR entered into force in Europe from 25 May 2018.

Below you will find answers to some important questions regarding the GDPR.

These are of a general nature and apply to all Mercell Source-to-Contract solutions.

Is Mercell Source-to-Contract ready for the GDR?

Yes, Mercell Source-to-Contract meets the GDPR guidelines.

Are the personal data stored in Mercell Source-to-Contract solutions shared with others?

Mercell Source-to-Contract never shares personal information with others.

Has Mercell Source-to-Contract taken technical measures to guarantee the safety of personal data?

Mercell Source-to-Contract has taken all technical measures that are necessary for the protection of personal data, in accordance with the applicable standards.

Does Mercell Source-to-Contract have a Processor Agreement that applies to our organization?

Yes, you can find it on the Mercell Source-to-Contract website, click here.

Can Mercell Source-to-Contract remove personal data from software solutions?

That is possible. However, only the person who manages the Mercell Source-to-Contract account of an organization can submit a request for deletion of personal data. This person is the representative of the controller. If a person / individual (Data Subject named in the GDP) wants to be removed, the representative (manager / admin) of the organization account must be contacted for this.

Note: If you have participated in tenders, keep in mind that your account, and therefore your personal data, cannot be deleted due to legal archiving principles.

Does Mercell Source-to-Contract also process 'Special' personal data?

Mercell Source-to-Contract is not designed with the idea that special personal data will be processed.

The Mercell Source-to-Contract platform is suitable for processing 'normal personal data' of its users and is not specifically suitable for processing special personal data.




Special personal data are


religion or belief;
variety;
political preference;
health;
sexual life;
membership of a trade union;
criminal history;
BSN.

How does Mercell Source-to-Contract handle personal data in the event that a Dynamic Purchase System is set up?
Mercell Source-to-Contract policy and advice to Customers, in the case of a DAS, is not to request special information. It is our Customers' responsibility to determine which (personal) data is requested.

Can Mercell Source-to-Contract remove personal data from a tender?
Our customers own the contents of a tender and are responsible for the processing of personal data. Mercell Source-to-Contract can only investigate whether data can be removed from a tender at the request of the representative of the controller. This must be done through a written request via privacy@negometrix.com.

Has Mercell Source-to-Contract ever had to deal with a data breach of personal data?

No