JinQinsight Privacy Statement
Version: 1.1
Effective date: 1-8-2026
1. Who is JinQinsight (JQ)?
JQ is a digital absence reporting and triage platform that supports employers in the initial handling of absence notifications. The platform helps employers process absence notifications in a consistent, careful, and privacy-friendly manner.
JQ only processes personal data that is necessary for registering absence notifications and determining the appropriate follow-up route. The platform does not process medical diagnoses, complaints, treatments, or other medical content.
Data Controller
JinQinsight B.V.
Chamber of Commerce number: 42062165
E-mail: admin@jinqinsight.nl
2. Which personal data does JQ process?
Depending on the services provided, JQ only processes personal data necessary for the performance of the agreement with the employer. This includes:
• Employee name
• Private e-mail address
• Employer
• Department or team
• Date and time of the absence notification
• Selected absence category
• User and authorization data
• Log data required for security and auditing
JQ does not process free-text fields in which medical information can be entered.
3. Which absence categories does JQ use?
An employee can only choose from predefined categories:
• Unsafe situation
• Conflict
• Informal caregiving (mantelzorg)
• Personal circumstances
• Dissatisfaction with work
• Sick
By working exclusively with predefined categories, JQ prevents the processing of unnecessary personal data or medical information.
4. How does JQ handle medical notifications?
When an employee selects the category "sick", the notification is automatically classified as a medical notification.
JQ uses this selection solely to refer the employee to the occupational health service or the medical service provider designated by the employer.
JQ does not request medical explanations. JQ does not process diagnoses. JQ does not process complaints. JQ does not process information regarding treatments or limitations.
Further handling of the medical notification takes place exclusively through the occupational health service in accordance with applicable laws and regulations.
If an employee selects the confidential counsellor option in the decision tree, a "false" sick notification will also be sent to the employer. This is intended to protect the employee.
5. Non-medical absence notifications
When an employee selects unsafe situation, conflict, informal caregiving, personal circumstances, or dissatisfaction with work, JQ supports the employer with practical advice regarding possible follow-up actions.
These recommendations only support the employer’s decision-making process. The employer remains fully responsible for the final assessment and any follow-up actions.
6. Why does JQ process personal data?
JQ processes personal data solely for:
• Registering absence notifications
• Routing medical notifications to the occupational health service
• Supporting employers in handling non-medical absence notifications
• Securing the platform
• Managing user accounts
• Complying with legal obligations
Personal data is not used for marketing, profiling, or automated decision-making.
7. Legal basis
JQ processes personal data only on the basis of the legal grounds set out in the General Data Protection Regulation (GDPR).
For services provided to employers, processing takes place because it is necessary for the performance of the agreement and for the legitimate interests of the employer, insofar as permitted under the GDPR.
8. Who has access?
Within JQ, only authorized persons have access to personal data. This includes only:
• Designated managers
• HR staff
• System administrators
Access is granted solely where necessary for the performance of their duties. Employees do not have access to the JQ platform.
9. Security
JQ implements appropriate technical and organizational security measures to protect personal data against loss, unauthorized access, unlawful processing, alteration, and destruction. These measures are aligned with the nature of the processing, the state of the art, implementation costs, and the risks to the rights and freedoms of data subjects, in accordance with Article 32 of the GDPR.
Security measures include:
• Hosting within the European Economic Area (EEA) via Exoscale
• Encryption of data during transmission (TLS) and storage
• Multi-factor authentication (MFA) for application administrators
• Role-based access controls according to the need-to-know principle
• Logging and monitoring of security-relevant events
• Periodic security updates and patch management
• Encrypted backups and recovery procedures
• Monitoring and handling of security incidents
JQ periodically evaluates these security measures and adjusts them where necessary based on technological developments, changes in legislation and regulations, and new security risks.
10. Retention periods
Personal data is not retained longer than necessary for the purposes for which it was collected or as long as required by law.
After the retention period has expired, personal data is deleted or anonymized.
11. Sharing personal data
Personal data is shared only where necessary for the provision of services. In the event of a medical notification, only the information necessary is forwarded to the occupational health service.
In addition, JQ uses carefully selected IT service providers that process personal data solely on behalf of JQ and with whom data processing agreements have been concluded.
12. Rights of data subjects
Data subjects have the right to:
• Request access to their personal data
• Have personal data corrected
• Request deletion where permitted by law
• Object to processing
• Request restriction of processing
• Lodge a complaint with the Dutch Data Protection Authority
Requests may be sent to: admin@jinqinsight.nl
13. Amendments
JQ may amend this privacy statement if required by legislation or changes to its services.
The most current version will be made available through the organization using JQ.