Protecting data and privacy

PostNL believes that it is vital to handle the personal data of its customers and consumers with due care and adheres to all applicable laws and regulations. The most notable of these is the General Data Protection Regulation (GDPR), which is further elaborated on in the General Data Protection Regulation Implementation Act.

We have established a Group Policy on Privacy which outlines the fundamental principles we adhere to as a company regarding the use of personal data. These principles are in line with PostNL's Business Principles. We strive to provide high-quality services, in which reliability is an important factor. We therefore view the protection and careful handling of personal data as an important precondition for further innovation and development of our services. To help achieve this, we have set up governance, processes and procedures to adequately implement 'accountability' in the field of the protection of personal data. This includes a processing register, a reporting process for data breaches, process for handling the rights of the person concerned, implementation of data privacy impact assessments, and the application of the Privacy by Design principle in development of new processes and systems.

PostNL also established a data governance board to provide oversight on how we use and protect data. The Board discussed different data-related topics, including, for example, digital ethics. To the best of our knowledge, there were no substantiated complaints received from customers in relation to breaches of their privacy.