Driessen Group deploys JuriBlox Privacy to monitor its various companies’ compliance with the General Data Protection Regulation (GDPR). This allows the group to keep a grip on its handling of privacy, despite its six subsidiaries operating independently.

Every day, Driessen Group is in the business of enabling work happiness for as many people and organisations as possible. The six companies of Driessen Group help many thousands of people find or get temporary and permanent jobs (Driessen, Reijn and Jeij), let employees grow, prosper and excel (Mensium), and take care of all HR processes and systems down to the last detail (IJK and TSF). They do this from the centre of people and work: the Brainport Human Campus.

From family business to family of businesses

Jan van den Veerdonk, Information Security & Privacy Officer at Driessen Group: “In 2018, we transformed the family business into a family of companies. All these companies are part of Driessen Group, but have their own distinctive brand name, positioning and corporate identity. Many support services are organised by the companies themselves, but some matters are centrally invested at group level. For example, we deploy JuriBlox Privacy to keep a grip on how the companies within our group deal with privacy.”

Deze oplossing draagt bij aan een zorgvuldige omgang met de GDPR. “The solution gives us a unified platform that allows us to secure our privacy standards across companies. This way, we ensure that everyone is GDPR compliant,” says Van den Veerdonk. “Driessen Group attaches the utmost importance to privacy protection. This is seen as a ‘family value’ that must be implemented and monitored in the same way within all underlying companies of the group. JuriBlox helps make this possible.”

Lots of clarity

“For example, our HR services organisation IJK receives all kinds of information requests from employees and clients every day. For example, employees ask for a lost pay slip to be sent or clients request a Certificate of Good Conduct. In other cases, employees actually want to submit information. Previously, service employees had to constantly check what they were and were not allowed to do, which is error-prone. Thanks to JuriBlox, a comprehensive set of guidelines and rules is now available to guide them in this. They can also refer to these guidelines in their response to employees and clients. It gives a lot of clarity.”

In view of the GDPR, Driessen Group maintains a register of processing operations and an incident register. “The way we design these registers has changed quite a bit because of the platform. Previously, we worked with Excel spreadsheets, which were shared via SharePoint. The platform now ensures that processing and incidents are recorded uniformly.”


Within the various organisations, privacy ambassadors have been appointed by Van den Veerdonk. “They support in companies to shape privacy policies in a unified way. We work with all ambassadors in the JuriBlox platform.

The platform provides interesting insights and helps identify any areas for improvement. “For instance, within one of our companies, there was traditionally a lot of communication via e-mail. Because of some reported incidents related to e-mail, we decided to move away from this,” says Van den Veerdonk. “To facilitate this, we revamped a specific business application on this. As a result, all messaging within the organisation now takes place within this app.”

Privacy Impact Assessments

Driessen Group also uses the platform to conduct Privacy Impact Assessments and Data Privacy Impact Assessments, which identify privacy risks. “Within our group, we have two software houses, which are constantly further optimising our applications and making changes in them. Keeping a grip on this continuous flow with changes and new software projects was challenging. What may seem like a small and simple software project can have a big impact privacy-wise.”

Any new project that processes personal data must therefore be compulsorily notified to JuriBlox. A Privacy Impact Assessment is also mandatory. This is regardless of the size of the project or the number of personal data processed. “Thanks to this working method, we keep an overview of all projects within the different organisations that are part of Driessen Group. Besides AVG compliance, this also offers other advantages. If we see that similar projects are being carried out within our group, we can link these departments or teams.”

Uniform processor agreements

One of Driessen Group’s companies regularly acts as a data processor for customers. This party also uses JuriBlox Privacy to draft processor agreements with these customers. Templates ensure that all agreements are drafted uniformly. “Some 900 to 950 deals have now been created with the help of the platform.”

Driessen Groep likes the cooperation with JuriBlox. “The platform gets regular updates. New features are always rolled out after working hours. Before the implementation of an update, you often receive a reminder to save your work in time. We are also in regular contact with JuriBlox on the platform, which ensures short lines of communication.”


In the search for a platform that could help them meet the administrative obligations of the AVG, several solutions were explored. “We looked at a number of players in the market, including a major international player, Since we focus exclusively on the Dutch market, JuriBlox’s user-friendly platform was the best fit for us.”

“We have been using JuriBlox Privacy since 2018, making us one of the first users. Since then, the platform has developed rapidly and expanded significantly,” says Van den Veerdonk. “We are far from using all the functionalities of the platform. In the coming time we want to expand its use even further”

The building block of the legal process


© 2016 – 2024 JuriBlox B.V.

This is a staging environment