Privacy Policy

Privacy Policy

Dils is the trading name of Dils Netherlands BV In accordance with and for the purposes of Article 13 of Regulation (EU) 2016/679 on the protection of personal data (‘ GDPR ‘), this text explains how we protect the privacy of visitors to the company website www.dils.nl (‘ Website ‘ ) and to the various sites operated by Van Gool Elburg Vastgoedspecialisten BV (‘ Project Websites ‘ ), describing how we collect, process and protect personal information, what rights are guaranteed to data subjects, and how to contact us.

Personal data is information relating to an identified or identifiable natural person, defined as a ‘data subject’ (hereinafter also referred to as a ‘User’), such as personal details, contact details (telephone, email) and browsing data.

Data controller

The controller, who determines the purposes and means of processing personal data, and to whom one may turn to exercise the rights recognized by the GDPR, is: Dils Netherlands BV

Mediation in the acquisition, alienation and rental and leasing of mainly commercial real estate, carrying out promotional activities for third parties, and providing consultancy services in the aforementioned areas

Dils Netherlands BV
Gustav Mahlerplein 72 | 1082 MA | Amsterdam
VAT. No. NL0073.12.969.B.01 | Chamber of Commerce No. 33,180,131.

The Data Controller can be contacted by sending an email to privacy.netherlands@dils.com or by post to the Data Controller’s address, stating the reason for the request.

Sources and categories of processed data, nature of data provision and processing methods

The personal data processed is primarily collected from the User when they visit the Website or Project websites or use the services offered. These guidelines analyze the personal data processed in the various sections of the Website or Project websites and only regulate the processing of personal data that takes place on the Website or Project websites, not on other websites to which the User is redirected.

We may also obtain information from other sources. For example, we may collect information about you from third parties, including social media platforms, data enrichment services, vendors and partners, and publicly available sources. If you create an account or log in through a third party, we may have access to certain information from that site, such as your name, account information, and other information you choose to provide, in accordance with the authorization procedures established by the third party.

Contact section for brokerage and real estate advisory services

Dils collects, through the Website and the various Project Websites, the personal data that Users voluntarily provide by completing the dedicated contact form regarding brokerage and real estate advisory services, real estate projects or individual properties promoted on the Website or Project Websites.

The following data is collected in this section:

(i) first and last name
(ii) email address and telephone number
(iii) additional fields to describe the User’s request

Dils cannot perform a preliminary check on the information entered in the free-to-fill fields by the User.

Providing information in these sections is optional. If the User chooses not to provide this information, the contact request to Dils cannot be sent and Dils will therefore be unable to respond.

Purposes of the processing

The personal data provided will be processed to respond to contact requests sent by Users to Dils via the form, and in particular:

  1. To fulfill the User’s specific contact request.
  2. To comply with contractual obligations and/or obligations arising from EU law, legislation and regulations and provisions of competent authorities and supervisory bodies.
  3. To send newsletters, promotional messages regarding properties or other real estate projects (including related events or promotional activities), market research, and commercial communications, via both automated and traditional contact methods. In this context, we use, among other things, obtained email addresses and telephone numbers to contact individuals or companies for commercial purposes.

Legal basis

The processing of personal data for the purposes referred to in points 1 and 2 is based on the principle laid down in points (b) and (c) of Article 6(1) of the GDPR, according to which processing is lawful when it is necessary for the performance of a contract or for measures taken at the request of the data subject prior to entering into a contract, or for compliance with a legal obligation.

Pursuant to Article 6, paragraph 1, point (a) of the GDPR, the processing of personal data for the purposes referred to in point 3 is based on the User’s specific consent. This consent may be withdrawn at any time, without prejudice to the lawfulness of processing before its withdrawal, in accordance with the instructions in the “Rights of the Data Subject” section.

The processing of personal data in relation to the purposes mentioned in point 3 is also based on Article 11.7, paragraph 4 of the Telecommunications Act, which permits communication by e-mail without prior consent for the purpose of offering own, similar products or services to existing customers, provided that they were adequately informed when obtaining their contact details and were offered the option to unsubscribe.

Finally, the processing of personal data in relation to the purposes mentioned in point 3 is also based on Article 11.7, paragraph 3 of the Telecommunications Act, which permits communication by e-mail without prior consent for the transmission of unsolicited communications for commercial, ideological or charitable purposes to legal entities or natural persons acting in the exercise of a profession or business, where use is made of electronic contact details used and made known by the end-user for receiving unsolicited communications for commercial, ideological or charitable purposes, or if the end-user is established outside the EEA and the regulations applicable in the relevant country are met.

Data retention period

For the purposes mentioned in points 1 and 2, Personal Data will only be kept for as long as necessary to recontact the User and for a period of up to 12 months following the response to the User’s request, in order to deal with any follow-up information or requests.

For the purposes mentioned in point 3, personal data will be kept until the User’s express consent is withdrawn or until the User objects. The User may object to the processing of their personal data for this purpose both when requesting products and services (by expressly not giving consent for promotional purposes as mentioned in point 3) and in subsequent commercial communications from the Data Controller, by writing to privacy.netherlands@dils.com or via the unsubscribe option in the footer of the email received.

HR Contact Area – Working with us

Through its corporate website, Dils collects personal information that Users voluntarily provide by completing the appropriate form in the ‘Work with us’ section of the website.

The following types of data are collected in this section:

(i) first name, last name, date of birth
(ii) desired workplace
(iii) email address and telephone number
(iv) Curriculum Vitae and motivation letter

Dils cannot perform any prior checks on the information entered in the fields that are freely available to the User. If sensitive data is provided (in particular regarding racial and ethnic origin; religious, philosophical, or other beliefs; political opinions and membership in political parties, trade unions, associations, or religious or philosophical organizations; as well as personal data that could reveal health status or sexual orientation), this data will be deleted immediately in the absence of a written statement from the data subject consenting to its processing by Dils.

Providing information in these sections is optional. If the User chooses not to provide such information, they will not be able to submit a contact request to Dils, who will therefore not be able to respond appropriately.

Purpose of the processing

The personal data provided will be processed to respond to contact requests sent by Users to Dils via the form, and in particular:

  1. managing incoming applications for the purpose of personnel recruitment and selection.

Legal basis

The processing of personal data for the purposes mentioned in point 5 is based on the principle expressed in point (b) of Article 6(1) of the GDPR, according to which processing is lawful if it is necessary for the implementation of pre-contractual measures taken at the request of the data subject.

Data retention period

The data collected via the relevant form in the “Work with us” section and the resumes submitted spontaneously will be used exclusively for candidate evaluation and, if not selected, deleted within 12 months. In the event of a positive assessment, the data will be retained for the entire duration of the employment relationship.

Browsing data

In addition to the data provided directly and intentionally by the User, the IT systems and software procedures used to operate the Website obtain, during normal use, certain browsing data, the transmission of which is implicit in the use of TCP/IP.

This is information that is not collected to be associated with identified data subjects, but which, by its very nature, could allow Users to be identified through processing and association with data held by third parties. This category of data includes the IP addresses or domain names of the computers used by Users to connect to the site, the URI (Uniform Resource Identifier ) notation of the resources requested, the time of requests, the method used to submit requests to the server, the size of files obtained in response, the numerical codes indicating the status of the server’s response (successful, error, etc.), and other parameters relating to the operating system and the Users’ IT environment. This data is used exclusively to compile anonymous statistics on the use of the website and to ensure its correct functioning. It may be used to ascertain liability in the event of a criminal offense.

For more relevant information, please refer to the Cookie Policy.

Legal basis

The processing of browsing data is based on the principle expressed in Article 6, paragraph 1, point (f) GDPR – the legitimate interest of the controller in maintaining the security of the website and that it is not used in a way that prejudices the rights of third parties or as a channel for the commission of criminal offences or possible fraud (see: Recital No. 47 of the GDPR).

Processing Methods and Security

Processing of personal data means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission or dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Regarding security, access to personal data is only permitted to personnel formally authorized by the Controller, as well as for the relevant activities described above. Your data will be processed using methods and means suitable to ensure data confidentiality and may be processed electronically, automatically, or by non-automated means (paper archives), both with adequate security measures, as prescribed by the GDPR, to prevent data loss, unlawful or incorrect use, and unauthorized access.

Data provision to third parties

Without prejudice to any communications to comply with legal obligations, the Data Controller will only transmit the personal data provided by users to third parties selected to support the requested service, that is to say, for the realization of the purposes indicated above, and appropriately designated as processors, such as:

  • external companies for the management of the information system, website or databases and telecommunications networks.

Finally, Users’ data may be communicated, in accordance with the law, to police services and to judicial and administrative authorities, for the detection and prosecution of crimes, for the prevention of and protection against threats to public security, to enable the Controller to establish, exercise or defend legal claims, and for other purposes related to the protection of the rights and freedoms of others.

User Rights

Under the GDPR, the User has the right to request from the Controller access to personal data (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing of personal data concerning him or her (Art. 18), the right to data portability (Art. 20) or to object to processing (Art. 21), as well as the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or significantly affects him or her (Art. 22).

Where the processing of personal data is based on the User’s explicit consent, pursuant to Article 7, paragraph 3 of the Regulation, there is the possibility to withdraw the consent given for sending communications and updates for promotional and commercial purposes.

You also have the right to lodge a complaint with the competent supervisory authority (Article 77 of the Regulation) if you believe that the processing by the Controller does not comply with the provisions of data protection legislation. In the Netherlands, you can lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens). More information about filing a complaint can be found on the Authority’s website: www.autoriteitpersoonsgegevens.nl .

Requests can be addressed to the Controller in the following ways:

Changes to the Policy

The Data Controller reserves the right to modify this privacy policy at its sole discretion. We encourage Users to regularly consult this page to stay informed of any changes.

Last updated: March 2026