Coach Niko does everything to guarantee your privacy

As Coach Niko, I process the personal data of (potential) participants and suppliers to provide the best possible support for individuals who want to quit smoking. I am committed to protecting your privacy and handle all personal data with the utmost care, in full compliance with the General Data Protection Regulation (GDPR/AVG) and Dutch healthcare legislation.

Privacy statement & GDPR

If you have any questions regarding this statement or your data, you can contact me directly. I act as the primary point of contact for all data protection matters.
Email: info@coachniko.nl
Phone: +31 (0)64 774 9091

QUESTIONS

WHY I PROCESS PERSONAL DATA

I process personal data for the following purposes:

Coaching & Treatment: To provide evidence-based Smoking Cessation (SMR) coaching.
Administrative Management: Handling registrations and financial administration.
Reimbursement & Invoicing: Facilitating direct billing to your health insurer via the Dutch AGB and Vecozo systems.
Continuity of Care: Coordinating with the main contractor or your General Practitioner (GP) regarding your progress.
Long-term Evaluation: To facilitate mandatory national quality monitoring and follow-up calls after the conclusion of the program.
Legal Obligations: Performing mandatory identification checks and maintaining a professional incident register as required by law.

Professional Secrecy

As a KABIZ-registered healthcare professional, I am bound by medical professional secrecy (beroepsgeheim). Your personal and medical information is strictly confidential. It will never be shared with third parties—including family, employers, or non-involved practitioners—without your explicit written consent, unless required by a specific legal mandate or in the case of a mandatory reportable calamity.

PROVISION TO THIRD PARTIES

I engage specialized service providers to ensure the highest level of data security. These parties act as "processors" under a formal processing agreement:

Electronic Patient Dossier (EPD): My system is NEN 7510 certified (the Dutch standard for healthcare information security). All clinical notes are stored exclusively in this secure environment.

Vecozo & Health Insurers: I use the Vecozo secure communication portal to send encrypted declarations to health insurers. Vektis registries are used to verify my professional credentials and facilitate your reimbursement.

Contractors: As a subcontractor, I share necessary coaching progress and attendance data with the main contractor to ensure the quality and continuity of your care.

Quality & Evaluation partner: As part of the quality assurance and aftercare protocol of the Main Contractor, responsible for the long-term evaluation and recording of your smoking status at 5 and 12 months post-intake.

IT & Web Tools: Secure services for email (Google Workspace), website hosting, and financial administration.

I do not provide personal data to parties established outside the EU, nor do I sell your data to third parties.

RETENTION PERIODS

I adhere to the legal retention periods defined by Dutch law:

Medical/Coaching Files: In accordance with the WGBO (Medical Treatment Contracts Act), I retain your coaching record for 20 years from the date of your last treatment.

Financial Records: Basic administrative and invoice data is stored for 7 years, as required by Dutch tax law.

Newsletters & Prospects: Contact details are retained until you opt out or indicate you no longer wish to be contacted.

Under the GDPR, you have the following rights:

Access & Portability: You may view your data or request a digital copy.
Rectification: You can request that I correct inaccurate information.
Deletion: You can request the deletion of your data (noting that legal medical retention duties may take precedence).
Restriction & Objection: You can object to certain types of processing.

To exercise these rights, please contact me via email at info@coachniko.nl or by calling +31 (0)64 774 9091. If you believe your rights have been violated, you have the right to file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

YOUR RIGHTS

SECURITY MEASURES

I have implemented rigorous technical and organizational measures to protect your data:

Secure Access: All systems are protected by a strict password policy and multi-factor authentication.
Confidentiality: All persons, including myself and potential administrative substitutes, are bound by confidentiality.
Backups: Regular backups are performed to enable recovery in the event of a technical incident.

If you have a concern regarding the processing of your personal data, please contact me directly so we can resolve it. You always maintain the legal right to file a formal complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens), the national supervisory body for privacy protection.

COMPLAINTS