Bezoekers BNG kantoor

Visitor registration

Processing	Description / Purposes	Categories of personal data	Special category personal data and criminal offence data	Basis
Access badge	managing access to the BNG office preventing unauthorised access investigating security incidents being able to find out who was present during emergencies or security incidents supporting operational processes such as evacuations	First and last name Date of visit Access badge number	Not applicable	Legitimate interest (Article 6 (1)(f) GDPR) – guaranteeing the physical security of the BNG office, protecting employees, visitors and company assets and complying with internal security guidelines and legal obligations.
Visitor registration (check-in and check-out)	managing access to the BNG office preventing unauthorised access safeguarding safety and security supporting facility processes, such as parking management providing proper reception and supervision of visitors being able to find out who was present during emergencies or security incidents	Visitor's first name and last name First and last name of (co-)host Date and time of visit, including arrival and departure Contact details (email, telephone number) Visitor organisation/company Parking preference - Registration number	Parking space for disabled persons	Legitimate interest (Article 6 (1)(f) GDPR) – delivering the physical security of the office, protecting employees, visitors and assets, facilitating safe and welcoming reception and complying with internal security guidelines and legal obligations.

Processing

Access badge

Description / Purposes

managing access to the BNG office
preventing unauthorised access
investigating security incidents
being able to find out who was present during emergencies or security incidents
supporting operational processes such as evacuations

Categories of personal data

First and last name
Date of visit
Access badge number

Special category personal data and criminal offence data

Not applicable

Basis

Legitimate interest (Article 6 (1)(f) GDPR) – guaranteeing the physical security of the BNG office, protecting employees, visitors and company assets and complying with internal security guidelines and legal obligations.

Processing

Visitor registration (check-in and check-out)

Description / Purposes

managing access to the BNG office
preventing unauthorised access
safeguarding safety and security
supporting facility processes, such as parking management
providing proper reception and supervision of visitors
being able to find out who was present during emergencies or security incidents

Categories of personal data

Visitor's first name and last name
First and last name of (co-)host
Date and time of visit, including arrival and departure
Contact details (email, telephone number)
Visitor organisation/company
Parking preference - Registration number

Special category personal data and criminal offence data

Parking space for disabled persons

Basis

Legitimate interest (Article 6 (1)(f) GDPR) – delivering the physical security of the office, protecting employees, visitors and assets, facilitating safe and welcoming reception and complying with internal security guidelines and legal obligations.

Camera surveillance

Processing	Description / Purposes	Categories of personal data	Special category personal data and criminal offence data	Basis
Camera monitoring (CCTV surveillance)	Securing people, property, confidential information and buildings Preventing and registering incidents, such as theft, vandalism, burglary or unauthorised access Monitoring who enters or leaves the building in support of physical access security Making footage available for internal investigations or providing them to competent authorities in the event of criminal offences.	Visual images of people (face, body, clothing) Time and location of presence Behaviour or actions captured on camera footage	Not intentionally processed, but possibly visible in camera footage: Physical characteristics, clothing or symbols that may indicate racial or ethnic origin Expressions or symbols reflecting political opinions (e.g. flags, banners, clothing or slogans) External characteristics, clothing or symbols that (may) indicate religious or philosophical beliefs (such as a headscarf, a skullcap or a cross). Use of medical devices (for example a wheelchair or crutches) Possible involvement in a criminal offence (such as theft, destruction or unauthorised access).	Legitimate interest (Article 6 (1)(f) GDPR) – providing for the safety of employees, visitors, property and confidential information and preventing and investigating incidents, such as theft, vandalism or unauthorised access. For the unintentional processing of special category personal data: the personal data has been manifestly made public by the data subject (Article 9 (2)(e) GDPR)

Processing

Camera monitoring (CCTV surveillance)

Description / Purposes

Securing people, property, confidential information and buildings
Preventing and registering incidents, such as theft, vandalism, burglary or unauthorised access
Monitoring who enters or leaves the building in support of physical access security
Making footage available for internal investigations or providing them to competent authorities in the event of criminal offences.

Categories of personal data

Visual images of people (face, body, clothing)
Time and location of presence
Behaviour or actions captured on camera footage

Special category personal data and criminal offence data

Not intentionally processed, but possibly visible in camera footage:

Physical characteristics, clothing or symbols that may indicate racial or ethnic origin
Expressions or symbols reflecting political opinions (e.g. flags, banners, clothing or slogans)
External characteristics, clothing or symbols that (may) indicate religious or philosophical beliefs (such as a headscarf, a skullcap or a cross).
Use of medical devices (for example a wheelchair or crutches)
Possible involvement in a criminal offence (such as theft, destruction or unauthorised access).

Basis

Legitimate interest (Article 6 (1)(f) GDPR) – providing for the safety of employees, visitors, property and confidential information and preventing and investigating incidents, such as theft, vandalism or unauthorised access.
For the unintentional processing of special category personal data: the personal data has been manifestly made public by the data subject (Article 9 (2)(e) GDPR)

Meetings

Processing	Description / Purposes	Categories of personal data	Special category personal data and criminal offence data	Basis
Meetings	Organising and facilitating meetings supporting operational processes, such as catering and room allocation being able to communicate with participants about practical information or changes.	First and last name Contact details (email, telephone number) Organisation/company Job title (if specified) Date and time of visit, including arrival and departure Any dietary requirements or preferences (in the case of catering) Registration of attendance	Dietary requirements may indirectly reveal information about health aspects (for example, allergies) or religious beliefs (for example, halal, kosher).	Legitimate interest (Article 6 (1)(f) GDPR) – organising and facilitating meetings and events, providing for safety and supporting operational processes such as catering and communication. Data subject’s consent (Article 6 (1)(a) and Article 9 (2)(a) GDPR) – to share any dietary requirements

Processing

Meetings

Description / Purposes

Organising and facilitating meetings
supporting operational processes, such as catering and room allocation being able to communicate with participants about practical information or changes.

Categories of personal data

First and last name
Contact details (email, telephone number)
Organisation/company
Job title (if specified)
Date and time of visit, including arrival and departure
Any dietary requirements or preferences (in the case of catering)
Registration of attendance

Special category personal data and criminal offence data

Dietary requirements may indirectly reveal information about health aspects (for example, allergies) or religious beliefs (for example, halal, kosher).

Basis

Legitimate interest (Article 6 (1)(f) GDPR) – organising and facilitating meetings and events, providing for safety and supporting operational processes such as catering and communication.
Data subject’s consent (Article 6 (1)(a) and Article 9 (2)(a) GDPR) – to share any dietary requirements

Visitors to the BNG office