Skip to content

Privacy Policy

Last modified: June 17th, 2021

Welcome to the Qdossier Privacy Policy

This privacy policy refers to the processing of personal data through the website of Qdossier,, including the Dossplorer services ( We collect and use information for a variety of purposes about our customers and other individuals with whom we come into contact (including through the website). This privacy statement describes how your information is collected, used, and shared when you use our services.

Qdossier Services, a trademark of Qdossier B.V.; Qdossier Consultancy, a trademark of eCTDconsultancy B.V.; Qdossier Solutions, a trademark of Qdoor B.V., hereafter to be named “Qdossier”. In the remainder of this statement any reference to “we”, “our” or “us” means Qdossier. Any reference to “you” means the individual person in relation to whom we hold personal information.

Qdossier are the controllers of your personal data within the meaning of the General Data Protection Regulation (“GDPR”). We are therefore responsible for the implementation and compliance with the GDPR.

Our contact details are

Julianastraat 11
5141 GL Waalwijk

General information

We take the protection of your personal data very seriously. We treat your personal data confidentially and according to the GDPR and this privacy policy. We do this by checking with our legal partner whether our services meet the right requirements, both in terms of data security and compliance with the data protection legislation.

When you share information with us, for example by visiting our website or creating a Dossplorer Account, we want you to be clear about how we are using information and the ways in which you can protect your privacy.

Our Privacy Policy explains:

  • What information do we collect and why we collect it
  • How we use that information
  • The choices we offer, including how to access and update information

What personal data do we process and why

We collect personal data that we need for the provision of our services. Some of this personal information is required to allow you to make use of our services. We also collect additional personal data to tailor our services to your specific wishes. It is your responsibility that the personal data provided is accurate and relevant.

We collect, among other things, the following data and documents with personal data included therein:

1)  Customer (customer contact person)

  • To be able to contact our customers we collect the first name, last name, email address, telephone number, and address data of our customer contact person;
  • In order to invoice for our services we process your payment details;
  • In order to create a Dossplorer account we also collect the name of the company you work for and your role
  • You will receive e-mails from us as soon as you have placed an order. We keep you informed of the progress of your order via these e-mails

2) Website visitor

When you use our website, we will automatically receive data from you. We collect this information via cookies to gain more insight into the use of our website and to improve our website.

For more information about the use of cookies, please refer to our cookie statement. In this context, we process the following information from you:

  • Information about the browser used (type, version, screen resolution, etc.);
  • IP address;
  • Language preferences;
  • Data related to the use of the website.

3) Dossplorer account

  • To create a Dossplorer account, Qdossier staff collects information about the company you are affiliated to and the role held within that company. We store your user name, user roles assigned, user account status, and account creation date. The email address provided can be used to inform you about upcoming changes or improvements to the tool. In addition, notifications could be sent by the Dossplorer application to the provided email address.
  • User activity is logged in Dossplorer to allow customers for maintaining an audit trail, as required by regulations such as CFR 21 part 11. The activities captured as part of the audit trail are:
    • User events; login/logout, confirm account, enrollment date, and set password, IP address, and browser used
    • Dossier events; import and deletion of dossiers and sequences and, the creation, modification, and deletion of metadata, date modified, the reason for modification, modified by, and the opening of documents.
    • User roles: changes to the user roles assigned to Dossplorer accounts, including the role(s), date assigned, date modified, modified by, and assigned by
    • User inactivation: changes to the status of a user, including details about the (in)activated user, the user that made the change, and a time stamp
  • A Dossplorer business administrator will receive e-mails from Qdossier as soon as a new order for additional Dossplorer credits is placed. Qdossier keeps the person informed of the progress of the order via these e-mails.
  • When support tickets are generated by a Dossplorer user, those contact details need to be stored and processed to be able to respond. It is also important to track support tickets and who raised those, to be able to set priorities for Dossplorer improvements. 

4) Contact Us

  • When you contact us, we keep a record of your communication to help solve any issues you might be facing.


Legal basis for processing personal data

We base the processing of your personal data on different legal grounds. These are:

1. Performance of a contract (art. 6 (1) (b) GDPR)

We process a large part of the personal data that we collect from you because the processing of these data is necessary for the execution of your agreement with us. These personal details are necessary, for example, to be able to contact you.

2. Compliance with a legal obligation (art. 6 (1) (c) GDPR)

There are several laws that we will have to comply with. Based on these regulations, we are required to process certain personal data about you. We may also be obliged to provide your data to third parties for this reason.

3.Legitimate interest (art. 6 (1) (f) GDPR)

We would like to offer you the best possible service. In order to do so we process your personal data. This is the case, for example, when sending e-mails regarding the progress of your order and by visiting our website. In doing so, we always take your privacy interest into account.

4. Your explicit consent (art. 6 (1) (a) GDPR)

For everything else, we will only use your data with your explicit consent.

With whom we share your personal data

We sometimes use third parties to process your personal data on our behalf. These parties are called “processors”. When we do so, we put in place strict obligations to ensure that these processors solely process your personal data in accordance with our strict instructions. We do not use the services of processors that are located outside the EU.

We will also share your personal data with third parties in the following circumstances:

  • Where we are required to do so by law (for example pursuant to a court order or where we have a statutory obligation to disclose your personal data);
  • If we sell the whole or part of our business and the purchaser needs your personal data in order to continue with the business. In this case, the terms of this privacy policy will continue to apply to the way in which the purchaser uses your personal data;
  • Where we have your consent to do so;
  • Where disclosure of your personal data is necessary for connection with legal proceedings.
  • A Dossplorer user with the role ‘business administrator’ can see user names, roles assigned, account status, and account creation date. Users with the role of business admin may be able to:
    • change your account password
    • suspend or terminate your account access
    • access or retain information stored as part of your account
    • receive your account information in order to satisfy applicable law, regulation, legal process or enforceable governmental request
    • restrict your ability to delete or edit information or privacy settings
  • A Dossplorer user with the role ‘audit’ may view or receive audit trail information related to your account information in order to satisfy applicable law, regulation, legal process or enforceable governmental request. The Dossplorer user with the role ‘audit’ can see:
    • user events; login/logout, confirm account, enrollment date and set password, IP address and browser used
    • dossier events; import and deletion of dossiers and sequences and, the creation, modification and deletion of metadata, date modified, reason for modification, modified by, and the opening of documents
    • user roles: changes to the user roles assigned to Dossplorer accounts, including the role(s), date assigned, date modified, modified by, and assigned by

Please refer to your domain administrator’s privacy policy for more information.

How long do we save your personal data

We keep your personal data as long as necessary for the purpose for which we use your data. And for as long as the law obligates us to store your data. The time period that applies depends. Ranging from several months to many years.

How we secure your personal data

We consider your privacy to be of paramount importance. Therefore we process your personal data in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

Your rights

Under the GDPR, you have the right to access, rectify, port, and erase your data. You also have the right to object to and restrict certain processing of your data.

You can exercise your rights by sending an e-mail to or contact us via the information listed on our contact page. In order to verify your identity, we request a copy of your identity with your national security number and photo made invisible. Following this request for access, you can request us to correct or delete your personal data. If you believe that we do not handle your personal data carefully, you can contact us via the above contact details. You also have the right to submit a complaint to the Dutch Data Protection Authority (“DDPA”).

It is also possible to object to the processing of your personal data by us if your personal data are used for purposes other than necessary for the execution of an agreement or are necessary for the fulfillment of a legal obligation. For example, you can object to the use of your personal data for marketing and sales activities. You can do this by sending an e-mail to You also have the so-called right to data portability. This means that you have the right to obtain the personal data that you have provided to us in a clear form. You can therefore also send an e-mail to info(at)

Other Dossplorer related terms

Your use of the Services is governed by other terms and conditions in addition to this Privacy Policy, including the Dossplorer Terms of Service and Dossplorer Acceptable Use Policy, and may be subject to laws and regulations in your jurisdiction.


Our Privacy Policy may change from time to time. We will not reduce your rights under this Privacy Policy without your explicit consent. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice (including, for certain services, email notification of privacy policy changes). We will also keep prior versions of this Privacy Policy in an archive for your review.