Welcome to our website. The protection of your personal data is of particular concern to us, therefore we process your private data exclusively on the basis of the legal regulations. With this data protection declaration we want to inform you about the processing of your data in our company and your rights.
Processing on our website
When you visit our website, we automatically collect certain non-identifiable information. This technical information is used for the management of the website and to optimize the website and services of Shopronics Netherlands. We process personal data in a manner that is in accordance with the General Data Protection Regulation (the “AVG”), the GDPR-based implementing legislation and the other current privacy legislation.
Processing within the framework of business relations
As part of the business initiation and relationship, we process the data received from you. Furthermore, we process data which we have legitimately received from credit agencies, creditor protection associations, publicly accessible sources (e.g. business register, register of associations, land register, media) and other companies with which we have a permanent business relationship.
Personal data includes:
Your master/contact details such as:
- as a private customer: first and last name, address, contact data (e-mail address, telephone number, fax), date of birth, data from proof of identity (copy of ID card), bank data
- as a corporate customer or supplier: name of your legal representative, company, commercial register number, VAT ID number, company number, address, contact person contact data (e-mail address, telephone number, fax), bank data
- In addition, we also process the following other personal data:
- Information about type and content of our business relationship such as contract data, order data, sales and receipt data, customer and supplier history, consulting documents, vehicle data,
- Information about your financial status (for example, creditworthiness data),
- Advertising and sales data,
- Documentation data (e.g. consulting protocols), image data,
- Information from your electronic dealings with Shopronics (e.g. IP address, log-in data),
- other data that we have received from you in the course of our business relationship (e.g. in customer meetings),
- Data that we generate ourselves from master/contact data and other data, e.g. by means of customer requirements and customer potential analyses.
- The documentation of your declaration of consent for the receipt of e.g. newsletters.
- Image data from video surveillance systems
Who receives my data?
If we use a service provider in the sense of order processing, we nevertheless remain responsible for the protection of your data. All contractors are contractually obliged to treat your data confidentially and to process it only within the scope of the provision of services. The contractors commissioned by us will receive your data if they require it to perform their respective services. These are, for example, IT service providers that we need for the operation and security of our IT system as well as advertising and address publishers for our own advertising campaigns.
Your data will be processed in the Shopronics customer database. The Shopronics customer database supports the enhancement of the data quality of existing customer data (duplicate cleanup, moved/dead indicator, address correction), and enables enrichment with data from public sources. This data is made available to the Shopronics Group companies participating in theShopronics customer database (participating companies) and can be used for personalised direct marketing campaigns (e.g. newsletters), for targeted online marketing and personalised online shop design.
The Shopronics customer database will enable participating companies that look after the same customers to use information about these customers across organisations. The aim of this approach is to provide customers with the most up-to-date and relevant information at all times. This processing of customer interests constitutes profiling within the meaning of Art. 4 EU GDPR; an automated decision making does not take place. Customer data is stored separately for each company, with Shopronics Group acting as a service provider for the individual participating companies.
An overview of the Shopronics Group companies can be found under the following link: https://www.shopronics.nl/groepstructuur/
If an offer is made / sold via manufacturer portals, data you have provided will be processed directly in the manufacturer’s portal.
If there is a legal obligation and in the context of legal prosecution, authorities and courts as well as external auditors may be recipients of your data.
In addition, insurance companies, banks, credit agencies and service providers may also be recipients of your data for the purpose of initiating and fulfilling contracts.
How long will my data be stored?
We process your data until the end of the business relationship or until the expiry of the applicable guarantee, warranty, statute of limitations and statutory retention periods (for example from the Dutch Commercial Code or the Tax Code); in addition, until the end of any legal disputes in which the data is required as evidence.
In video surveillance, image data is usually deleted within 4 weeks.
In principle, we do not transfer any data to a third country. A transmission will only take place in individual cases on the basis of an adequacy decision of the European Commission, standard contractual clauses, suitable guarantees or your express consent.
What data protection rights do I have?
You have a right to information, correction, deletion or restriction of the processing of your stored data, a right of objection against the processing as well as a right to data transferability and to a complaint in accordance with the requirements of data protection law.
Right to information:
You can request information from us as to whether and to what extent we process your data.
Right to correction:
If we process your data that is incomplete or incorrect, you can request that we correct or complete it at any time.
Right of deletion:
You can request us to delete your data if we process it unlawfully or if the processing interferes disproportionately with your legitimate protection interests. Please note that there may be reasons that prevent immediate deletion, e.g. in the case of legally regulated storage obligations.
Irrespective of the exercise of your right to deletion, we will delete your data immediately and completely, provided that there is no legal transaction or legal retention period to the contrary.
Right to limitation of processing:
You may request us to restrict the processing of your data if
- you dispute the accuracy of the data for a period of time that allows us to verify the accuracy of the data.
- the processing of the data is unlawful, but you refuse to delete it and instead request a restriction on the use of the data,
- we no longer need the data for the intended purpose, but you still need this data to assert or defend legal claims, or
- you have lodged an objection to the processing of the data.
Right to data transfer ability:
You may require us to provide you with the data you have provided to us in a structured, current and machine-readable format and to allow you to pass this data to another person in charge without our interference, provided that
- we process this data on the basis of an agreement you have given and revocable or in order to fulfil a contract between us, and
- this processing is carried out using automated methods.
- If it is technically feasible, you can ask us to transfer your data directly to another person responsible.
Right of objection:
If we process your data for legitimate reasons, you can object to this data processing at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions. We will then no longer process your data unless we can prove compelling reasons worthy of protection for the processing that outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims. You can object to the processing of your data for the purpose of direct advertising at any time without giving reasons.
Right of appeal:
If you are of the opinion that we violate Dutch or European data protection law when processing your data, please contact us to clarify any questions. Of course, you also have the right to contact the supervisory authority responsible for us.
If you wish to assert any of the above rights against us, please contact us under firstname.lastname@example.org. In case of doubt, we may request additional information to confirm your identity.
11. Which data is captured by visiting this website
In addition, general information about the usage behaviour of visitors is recorded on the website with the help of analysis tools. These include, for example, pages accessed, length of stay, referring pages as well as general information about your computer system such as operating system, screen resolution, browser used, etc. All data collected is stored anonymously and cannot be assigned to you personally. If you do not agree with this anonymous recording of your usage behaviour, you can prevent this by deactivating cookies in your browser.
Use of Google Analytics
This website also uses Google Analytics, an Internet analysis service from Google. Google Analytics uses so-called cookies (small text files) which are stored on your computer and which enable an analysis of your use of the website.
We inform you that this website uses Google Analytics exclusively using a deactivation add-on “_anonymizeIp()”. Your IP address is not completely stored. The identification of the visitor of the website is excluded.
By installing the browser add-on to deactivate Google Analytics (http://tools.google.com/dlpage/gaoptout?hl=en) you can object to its use. By doing so, you inform Google Analytics that no information about the website visit should be transmitted to Google Analytics. Without your express consent, we will not use tracking tools to track
– personal data about you,
– to transfer such data to third parties and marketing platforms, or
– link the data with your personal data (name, address, etc.).
Using Google’s re-marketing feature
Use of Social Plugins
We have included social plugins on our site, which are deactivated by default for data protection reasons. When you access our site, no data is generally transmitted to social media services such as Facebook, Twitter or Google +, and the creation of a profile by third parties is therefore excluded.
Deactivated social plugins are highlighted in gray.
However, you have the possibility to activate the social plugins with one click and thus give your consent for communication with the respective social network. When you activate the social plugin, certain data is transferred to the respective social network, such as your IP address, information about the browser and operating system used, the website accessed and the date and time. In the course of this communication, data from a server of the social media provider is also uploaded to our website. The provider of the social plugin receives information about which specific websites you visit, regardless of whether or not the provider of the social media plugin (e.g. facebook) is currently logged in or whether you have clicked on the plugin or not. The provider can also process this data outside the European Union and is also able to create individualized user profiles. We have no influence on the type, scope and purpose of data processing by the provider of the social media service.
An activated social plugin is displayed in color and data is already transferred to the social media service at this point – as described above. With a second click you can use the social plugin.
At http://developers.facebook.com/plugins you can get more information from Facebook about the plugin and the corresponding social media service. Facebook’s data usage guidelines can be found at: http://www.facebook.com/about/privacy.
What profiling we perform of you visiting our website?
On our website, profiling takes place on the basis of your click behaviour. This profiling is designed to improve your customer experience when you visit our website. For example, if you are mainly interested in products and content related to retail, you will be redirected to the “Retail” target group entry page the next time you visit the website.
Our customer relationship management also includes profiling based on your purchasing behavior in our branches and customer meetings.
In all these cases, there is no automated decision making in the sense of the GDPR.
Am I obliged to provide data?
The processing of your data is necessary to conclude or fulfil your contract with us. If you do not provide us with this information, we will usually have to refuse the conclusion of the contract or the execution of the order or we will no longer be able to execute an existing contract and will therefore have to terminate it. However, you are not obliged to give your consent to the processing of data that is not relevant or legally required for the fulfilment of the contract.