Privacy Statement for Applicants


As Zestgroup (including its companies such as Zest Consultancy, Zest Academy, Zest Industries, Zest Utilities and Zest Purchasing), we want to meet the requirements of the General Data Protection Regulation (GDPR) as an organization.

In our service, we gather your personal data. In this document we explain which data we gather & store, and for what purpose we use it. The provision of our consultancy services automatically leads to a collaboration with employees in your organization. This collaboration may occur on the one hand in the role of a temporary colleague, but also in the role of client and of course also in the form of the person who is responsible for credit management.

As your supplier of consultancy services, we believe it is important to provide you with information about:

  • The personal data that we process from you
  • The way we do that
  • The provision of data to others within or outside Europe
  • How long we store your data
  • How we protect this data

In addition, we want to inform you about your rights via this privacy statement. Finally, we would like to let you know where to go with questions, requests or complaints. We ask you to read this information carefully.

Important definitions and Basic principles

Personal data refers to any information on an identified or identifiable natural person. This contains the information you provide us with in the context of the mutual administration, but also the names, business email addresses and business telephone numbers that you, or your employees, share with us.

The processing of personal data refers to all actions that we can carry out with your personal data. This is therefore a very broad concept. Actions include: collecting, recording, organizing, storing, updating, modifying, retrieving, consulting, using, forwarding, distributing, making available, bringing together, relating, shielding, erasing and destroying of data.

The primary basic principles when processing personal data are:

  • Purpose binding: data may only be processed for a specific and explicitly defined purpose. This means that it should be considered why data must be processed (purpose) and what the necessity is for the data (principle of necessity: subsidiarity and data minimization).
  • Basis: there must be a foundation for every data processing. A basis is a term from the legislation. A number of principles are stated in the law. Only when we can use one of these bases, we may process data.
  • Proportionality: this principle means that the infringement of the interests of the person involved in the processing of personal data may not be disproportionate in relation to the purpose of the processing.
  • Rights: data subjects have rights with regard to the personal data processed about them. This concerns the right to information that is collected, on inspection, a copy, supplement, correction, and removal.
  • Subsidiarity: it must be examined whether the purpose of the processing can also be achieved in another way that reduces privacy.
  • Transparency: data subjects, whose data are processed, must know which personal data is being processed, for what purpose (where appropriate) and how they can exercise their rights.
  • Responsibility: the person responsible for the processing of personal data must account for taking measures that implement the basic principles with respect to the processing of personal data.
  • Carefulness: the data must be treated ‘neatly’. This relates on the one hand to taking security measures and on the other hand to more organizational and cultural characteristics of dealing with data.

This Privacy Statement applies to Zestgroup BV and its affiliates, collectively referred to as “Zestgroup“.

Foundations on which we are allowed to process your data according to the law

We process your data for one or more of the following reasons, as mentioned in the General Data Protection Regulation (GDPR):

  • To be able to decide whether we want to enter into an employment contract with you.
  • For the conclusion and / or performance of the employment contract.
  • To comply with a legal obligation (for example: the correct payment of taxes and premiums or the identification obligation).
  • Because we, as an organization, have a legitimate interest in this (for example: the situation in which a legal procedure imminent).
  • A situation of vital importance (for example: in an emergency situation, such as an accident or a condition where acute care is needed for you).
  • We need your clear and unambiguous consent for certain actions.

Obligation to provide data

You are obliged to provide us with the requested information if it is necessary for us to process this data in order to enter into, for example, an employment contract, to execute it and / or to comply with a legal obligation. In those cases, you can not refuse to provide the data. If you do, it may mean that we do not hire you or you can not use certain facilities.

Data we process from you

We only process the following data from you:

  • Your name, first names, initials, possible title, gender, date of birth, address, Postal Code, place of residence, telephone number and other information that we need to be able to communicate with you, such as your email address.
  • Information about courses and internships you have followed.
  • Information about the job you are applying for and your motivation to apply for this.
  • Data concerning the nature and content of your current job, and data about the termination of that current job.
  • Information about the nature and content of the previous jobs you have had and information about the termination of those jobs.
  • Other details with a view to fulfilling the function, which have been provided by you or which are known to you, such as the references.
  • Other data necessary for the implementation or application of a law.

The processing of the above data is only for one or more of the following purposes:

  • The assessment of your suitability for a position that is or can be available.
  • Internal control and company security.
  • The implementation or application of a law.

With the invitation for the first (introductory) meeting, we will ask you for permission to store and process the data. We store the data in the personnel file to be created. If at some point you decide to stop the application, we will delete the data and ask you only to keep your name and date of birth for another 6 months, so as to be sure that we will not approach you again unnecessarily. If we decide to continue and eventually enter into an employment contract, the data will remain in the file (see also the details for the employee below). No questions are asked about health and absenteeism during the application procedure. If there are reasons that may limit a future commitment to a customer, then we assume that you will report these information.

Storage of your personal data

When storing personal data, our basic principle is that we do not store data longer than necessary for the purpose for which we have processed it. As far as there are, we observe the statutory retention periods. Data may be retained by us for longer if we have a legitimate interest in it (for example, when legal proceedings are underway or have been announced and we must be able to defend ourselves).

Securing your personal data

The security of your personal data is well regulated by us through physical, administrative, organizational and technical measures. We therefore have an appropriate level of protection. We also update this periodically if necessary.

Part of the security is also the reporting and handling of data leaks. A data breach is a violation of the security of personal data, whereby personal data (permanently) are lost, or unlawful processing can not reasonably be excluded.

Your rights

Under the terms of the General Data Protection Regulation (GDPR), you have the right to ask us for the personal data that we process from you:

  • Access your data
  • A copy of your data
  • To receive information about the processing of your data (this privacy statement also applies for this, but you may still have questions that are not answered).
  • Information to be corrected that is actually not correct.
  • Complete incomplete information when needed for the purpose for which the data is processed.
  • In certain cases to have your data removed. Please note: we do not have to comply with this if we still have a legitimate interest in (longer) storage of data or in order to comply with a statutory duty or on the basis of another reason stated in the law.
  • In certain cases to “limit” the data that we process from you. Please note: we strive to collect as little data as possible (data minimization).
  • In certain cases to object to the use of your data.
  • If you have given permission for the use of your data to withdraw permission. The withdrawal then applies to future use of your data.
  • If you supplied the data yourself or if data was created by you and you have given permission for this or the data are required for the execution of the agreement, and if the data is digitally processed: to get your data in a standard format and, if this is technically possible, transfer this data to another party in this way.
  • Submit a complaint to the competent organization that monitors compliance with the privacy legislation in the Netherlands. In the Netherlands, this is the Dutch Data Protection Authority (AP) in The Hague. In this case, we would appreciate it if you first contact us to see if we can solve your complaint.

If you wish to invoke your rights, you can contact the contact persons mentioned in this privacy statement. If we have good reasons to refuse your request, we will explain why this is so.


If you have questions, requests or complaints about the processing of your personal data, please contact:

Adaptation of the privacy statement

We reserve the right to amend this privacy statement. If this is a major change, we will inform you accordingly.

Date of this privacy statement

This privacy statement is from May 22, 2018.


Want to know more?

More information, contact, apply; we'd love to hear from you!