Privacy and cookie statement RIFF

This privacy and cookie statement was last amended on 14-09-2023

This privacy and cookie statement applies to the group RIFF Nederland B.V. in Amsterdam, including its subsidiary RIFF Digital Engagement B.V. (hereinafter collectively: “RIFF”). This statement gives you, as a user of our website (, contact person of our customer, applicant, or person who wants to contact us for another reason, insight into the data that RIFF processes, the purposes for which we process it and the way in which the data is processed.

RIFF respects the privacy of all involved and ensures that the personal information you provide is treated confidentially. RIFF adheres to the General Data Protection Regulation (GDPR). This means that we:

  • Clearly state our purposes before we process your personal data, through this privacy statement;
  • Store as little personal data as possible and only the data that is necessary for our purposes;
  • Take necessary security measures to protect your personal information. We also impose these obligations on parties that process personal data for us;Respect your rights, such as the right to inspect, correct or delete the personal data processed by us.

If you have any questions regarding this statement or about exactly what data we keep about you, please contact us using the contact details at the bottom of this statement.

Data processing


When you contact RIFF via email, a completed contact form, or otherwise, we will use such messages to answer your request or question. We keep your data for as long as necessary for this contact, or up to a maximum of 2 years after we last had contact with you. For this we use the following personal data:

  • Name and function;
  • Contact details;
  • Company details;
  • Other personal data that you provide in your message.


On our website we present various references about our services. In this way we try to give you a complete picture of our products and how our clients make use of these in practice. For this we use the following personal data::

  • Name of the reviewer;
  • Function of the reviewer;
  • Reviewer’s photo.

We need this information to assess the reference and to be able to publish it on the website. The ground for processing this data is permission: all reviewers are expressly asked for permission before a reference is placed on our website. This consent can be withdrawn by the reviewers at any time by contacting us. We keep the data until the reference has lost its relevance or in case the permission has been withdrawn.


When you are a client with us, we can use the business e-mail address known to us for commercial communication. You can also give us permission to use the business email address for unsolicited commercial communications, such as our newsletter or event announcements. You can withdraw your consent for this at any time via the link in the newsletter or by indicating this to your contact person. We store your business e-mail address in the newsletter database until you have withdrawn your consent.

Recruitment and selection

We offer various vacancies on our website. You also have the option to apply directly to LinkedIn for jobs we offer, using your LinkedIn account. When you apply for a job with us, we collect the following personal data:

  • Name and address;
  • Gender;
  • Date and country of birth;
  • Contact details;
  • Content of your CV (such as information about study and employment history);
  • Content of your motivation letter;
  • Salary indication;
  • Availability;
  • Any references provided.

We collect this data to process your application, and in preparation for the possible agreement of an employment contract, or in the case of self-employed persons, an assignment agreement.

We store the application data for a maximum of six weeks after the position has been filled. We keep this information so that we can still contact you if the position becomes available again within the probationary period. If we are currently unable to offer you a position, we can – with your permission – store your application data for another year. You can withdraw your consent at any time by sending us an email. If you come to work for us, we will store your application data in your personnel file. This file is kept for as long as necessary and, regarding the application data, up to a maximum of 2 years after employment.


In order to provide our services, we use the name and contact details of the contact person(s) of our clients. For the implementation of our services, we also use data from end customers of our clients and visitors to their social media channels. We are the processor regarding this data. This is because we only process this data on your behalf and will not use this personal data for our own purposes. We only use the aggregated data to improve our services. This means that you must properly inform the data subject yourself about what you use the personal data for, including when using our service.

Visiting our offices

When you come to one of our offices on location, we register this in the agenda. We use the following data for this:

  • Name;
  • Contact details;
  • Company details;
  • Appointment details.

We store this data for a maximum of 1 year after the appointment has been made.

Sharing with third parties

We share personal data with third parties if:

  • we have engaged these parties to process certain data;
  • it is necessary to perform the agreement we have made with you;
  • you give permission for this;
  • we have a legitimate need to do so;
  • we are legally obliged to do so.

The third parties that we have engaged to process certain data may only process the data on written (sub) assignment from us. We require these parties to process such data on our instructions and in accordance with this statement, in a confidential and secure manner. The following third parties process your personal data on our behalf:

  • IT service providers;
  • Our cookie suppliers;
  • The telecom suppliers;
  • The suppliers of the administration tools;
  • The consultants and advisors engaged by us;
  • Online platforms that we use to support our services.

We will only provide your personal data to other companies or institutions if we have good faith that the processing of such data is reasonably necessary to comply with any applicable laws and regulations or an enforceable request from an official body, to resolve, detect, prevent or otherwise act upon issues and we have a legitimate interest in doing so, to protect the rights, property or safety of RIFF or the public against imminent danger to the extent permitted or required by law, or because we have received express permission from you to do so.

Regarding third countries, countries outside the European Economic Area, personal data will only be transferred if we are sure that appropriate safeguards have been taken to protect your privacy.


We use cookies on our website ( Cookies are information files that can be automatically stored on, or read from, the visitor’s device (such as PC, tablet, or smartphone) when visiting a website. This table shows which cookies are used.

Essential cookies

Name Provider Purpose Expiry date Type
_ga_RRL6BVPMET Tracking cookie from Google Analytics. Cookie analyses user activity on the webpage to collect data. HTML
pll_language Stores the user’s preferred language on the website. 1 year HTTP
CookieConsent Stores the user’s cookie status for the current domain 1 year HTTP
PHPSESSID Tracks user session status for all page requests. 1 year HTTP

test_cookie Used to check whether the user’s browser supports cookies. 1 year

On your first visit to our website, you will be given the option to allow, or not, the use of certain cookies. If you have previously indicated that you wish to use cookies, you can withdraw this permission at any time. Please note that you should then manually remove the cookies from your browser. You can disable cookies via the browser, but some aspects of our website may then no longer work properly. We have made agreements with other companies that use cookies about the use of those cookies, however, we do not have full control over what they do with data from the cookies. We therefore recommend that you consult the privacy statement of these parties.

Necessary user-preference cookies

These cookies are necessary for the performance of the requested service or the display of the requested website and the associated functionality. Examples of such cookies are load balancing cookies and cookies that remember the user’s language preference during the browser session. These cookies are not stored longer than the relevant browser session. After you have given permission for the use of cookies on our website, our servers record the data that the browser sends from your peripherals to the server on which the requested information is located. Server log files are kept of this: these contain data such as your web request, IP address and information about the browser used such as browser type, browser language and the date and time of your request (log data).

Statistical cookies

This information is used to compile website statistics, to obtain a picture of popular web pages and see which third party websites link to our sites. We intend to use this data – including your IP address and aggregated visit data – to locate/detect any problems with our server or other technical problems with the website and/or services and to detect misuse thereof, as well as to improve our website.

Marketing cookies

These cookies can track users across different websites and thus enable targeted advertisements, for example. These cookies allow us to track you across multiple channels and see how you behave on our website and on other websites. For example, we can see that you have visited our LinkedIn page or clicked on one of our externally placed advertisements. With that information we can make advertisements, newsletters and offers more relevant to your company, improve your user experience and we can show you the relevant content and advertisements.

Social media

Our website includes social media buttons for Facebook, Twitter, Instagram, and LinkedIn. With the help of these social media buttons, you can choose to indicate via your own social media account with the services that you are interested in our products and services. If you click on a social media button, the relevant social media service may use one or more cookies to recognize you. This will then be visible to the visitors of your personal social media website pages. When using social media websites, the relevant terms and conditions of that social media service are applicable:

  • Facebook (privacy statement);
  • Twitter (privacy statement);
  • Instagram (privacy statement);
  • YouTube (privacy statement);
  • LinkedIn (privacy statement).


We appreciate the trust you place in us, and we will therefore manage your data with the utmost care. RIFF takes appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure, or destruction of data.

New developments/changes

This privacy and cookie statement may be amended from time to time, for example to align with the applicable laws and regulations. If this statement is amended, this will be announced promptly on the website.

Rights of data subjects

RIFF makes every effort to allow users of its website and other data subjects to exercise their legal rights. You have the following rights:

  • Explanation of what personal data we have and what we do with it;
  • Insight into the exact personal data we have;
  • Correction of errors;
  • Deletion of (outdated) personal data;
  • Withdrawal of consent;
  • Restrict data processing;
  • Obtain your personal data in digitally readable standard format for transfer;
  • Object to a particular use

RIFF will ask the requester to identify themselves before processing such requests. RIFF will communicate its decision to the person concerned in writing within four weeks of receipt of the request. This period may be extended for reasons related to the specific rights of data subjects or the complexity of the request. If we extend this period, we will inform you in a timely manner. RIFF will perform this service as quickly as possible and at its expense, unless the request is clearly unfounded or excessive (for example, if we receive many requests from one person).

If you have questions or a complaint about the processing of your personal data by RIFF, you can easily make this known to RIFF free of charge in the following ways:

  • By e-mail:
  • By phone: +31736487070.

Filing a complaint

If you think that we are not helping you in the right way, you have the right to submit a complaint to the supervisory authority. This is called the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

Contact details

  • RIFF Nederland B.V.
  • Joan Muyskenweg 22
  • 1096CJ Amsterdam
  • KVK number: 69468982
  • Phone: +31883450300
  • E-mail: