Skip to content

privacy statement

This is the privacy statement of MegaGroup Trade Holding B.V. and its subsidiaries (such as Bosta, Bevo, Bevo Nordic, Norsup, Reber and Aquadrip) (hereinafter together and in singular referred to as: "MegaGroup"). MegaGroup consists of a group of wholesalers active in water technology in Europe. In order to maintain (current) customer relationships and provide a better product and communication experience, we may process (i.e. collect, store, record, modify, retrieve, access or destroy) personal information (i.e. any data that could contain information about an identifiable natural person) about you. By means of this privacy statement, we would like to inform you about what personal information we process from you and how we use it within our organisation.

Controller of the processing of the personal data within MegaGroup is MegaGroup Trade Holding B.V. (Doornhoek 4205, 5465 TG Veghel). The Privacy Officer of MegaGroup can be reached at

Our compliance with privacy laws

MegaGroup is the data controller as described in this privacy policy. MegaGroup is committed to handling your personal information with care. In doing so, we comply with the laws and regulations that apply to us, such as the General Data Protection Regulation (GDPR).

Please note that you are not obliged to provide us with personal information, but that much of the information we request is essential in order to provide or improve our services to you. If you withhold requested information, we may not be able to provide you with our services.

Why do we collect personal information?

We process candidate information for employment or engagement opportunities at MegaGroup. The information will be gathered and utilised for the following objectives:

  • Evaluate candidates’ skills, qualifications, and suitability for the positions.

  • Conduct necessary background and reference checks.

  • Maintain communication with candidates regarding the recruitment procedure.

  • Retain records associated with our hiring procedures.

  • Adhere to legal and regulatory obligations.

  • Analysing, monitoring, optimising and securing our websites and the technologies used;

  • Conducting market research and management reports on the performance and status of our platforms.

What personal data do we collect?

Generally, the data we collect on this website from all job applicants includes any details provided in resumes, CVs, and/or application forms, such as name, contact information, employment history, qualifications, nationality, and a photograph. We use the personal data of candidates to evaluate their skills, experience, and suitability for roles available at MegaGroup. This information is shared with relevant hiring managers and individuals involved in the recruitment process to determine whether to invite the candidates for interviews.

how we collect this information

MegaGroup collects personal data from candidates in various ways. This data can be obtained through:

  • The contact form on our site; 

  • The cookies placed on our web pages (please refer to our cookie statement for an overview of these); 

  • The means of communication such as telephone and e-mail. 

Retention period

We will not retain your data any longer than is necessary to fulfil the purposes set out in this privacy statement. In some cases, you can delete your personal data yourself if you no longer wish to make use of our services.

Provision of personal data to third parties

MegaGroup may share your personal data within the MegaGroup group for internal administrative purposes, for example. The legal ground for doing so is a legitimate interest.

MegaGroup only shares your personal information with third parties if you have given your consent, if that is necessary for the fulfilment of one of the purposes or if it is required by law. Third parties can be wholesalers, suppliers, courier services or cloud services. When we share your personal information, we have made arrangements both within the group and with third parties regarding privacy and security.

After your explicit consent, your personal information may also be shared with Aqua2life, MegaGroup's non-profit foundation.

Data security

We have implemented appropriate security measures to protect your personal data and to limit misuse and unauthorised access to your personal data. We ensure that the software and technology used to process the personal data are sufficient and comply with current legislation to prevent unauthorised access, modification, disclosure or loss of personal data. If, despite the security measures in place, a security incident does occur, we will take measures to minimise the impact on everyone's privacy. We will also fulfil our obligation to report any breach of your personal data.

Sending information safely outside the European Union

If it is necessary to work with a recipient located outside the European Economic Area (EEA), for example because they offer a service that is not offered within the EEA, we always provide adequate and appropriate safeguards.

We use third parties based outside the European Union for certain processing operations. We have taken appropriate security measures to ensure that your information is properly protected.

Third parties

The following third parties may process personal data as part of our services:

Google Analytics Information about the functioning of the website and optimising the customer experience.

Feedback Company We use the Feedback Company to collect reviews.

Hotjar Hotjar is a technology service that helps MegaGroup to better understand the experiences and needs of users of this website (e.g. how much time is spent on which pages and how often which links are clicked).

Recruitee We use recruitee for our jobs website and the whole recruitment process.

We have made proper arrangements with the above processors. We require these third parties to provide at least the same level of security for the personal data as we, the data controller, offer you.

Third party websites

This statement does not apply to third-party websites that are connected to our website through links. We cannot guarantee that these third parties will handle your personal data in a reliable or secure manner. We recommend that you read the privacy statements of these websites before using them.

Deleting, changing or retrieving your data

You can invoke the following rights as set out in the GDPR (Articles 13 to 20):

• Right to information: The right to ask how your personal information is processed.

• Right of inspection: The right to check whether and how your personal information is processed.

• Right to rectification: If it becomes clear that the data is incorrect, you can request that it is rectified. • Right to object: You have the right to ask us to stop using your personal information.

• Right to be forgotten: In some cases, you also have the right to have your personal data deleted.

Please contact us via the e-mail address We will respond to your request within one month. We reserve the right to extend this period once by up to two months in the case of complex issues. You also have the right to submit a complaint to the Dutch Data Protection Authority against the processing of your personal data. You may contact the Dutch Data Protection Authority for this. For the United Kingdom this can be done at the Information Commissioner’s Office via For the Netherlands, this can be done via

Amendments to this statement

In order to comply with the laws and regulations applicable to us, we will continuously review and update this document. This privacy statement is reviewed regularly and amended as necessary. Any amendments will be published on our website. It is therefore advisable to consult this privacy statement regularly in order to keep abreast of these amendments. If you wish to contact us regarding this privacy statement, you can do so via

This privacy statement was last amended in February 2024.