• Free shipping from € 40 within NL
  • Best price guaranteed
  • Shipped within 24 hours

Privacy Policy

Demir Nut Company VOF values ​​the protection of personal data. We process personal data in accordance with the provisions of the General Data Protection Regulation (GDPR), as well as in accordance with other applicable laws and regulations. In principle, we can be designated as controller within the meaning of the GDPR. You can consult this privacy statement at any time on this website.
Any written requests relating to provisions of this privacy statement can be addressed to: Demir Nut Company VOF, Schuttevaerweg 17, 3044 BA in Rotterdam.

Definitions

a. Personal data: any data relating to an identified or identifiable natural person;
b. Processing of personal data: any action or set of actions relating to personal data, including in any case the collection, recording, organization, storage, updating, modification, retrieval, consultation, use, provision by means of transmission, distribution or any other form making available, bringing together, relating to each other, as well as the blocking, erasure or destruction of data;
c. File: any structured set of personal data, regardless of whether this set of data is centralized or distributed in a functionally or geographically determined manner, which is accessible according to certain criteria and relates to different persons;
d. Controller: the controller who determines the purpose of and the means for the processing of personal data is, within the meaning of this statement, Demir Nut Company VOF;
e. Data subject: the person to whom personal data relates.
f. Third party: any person, other than the data subject, the controller or any other person who is authorized under the direct authority of the controller to process personal data;
g. Consent: any free, specific and informed expression of will by which the data subject accepts that personal data concerning him or her will be processed;
h. Manager: the person who, on behalf of the controller, takes control of the personal data and supervises access, monitoring and security of the collected personal data, is within the meaning of this statement the A. Demir;
i. The Dutch Data Protection Authority (AP): Dutch Data Protection Authority as referred to in Article 51 of the GDPR;
j. GDPR: General Data Protection Regulation, (Regulation EU 2016/679 of the European Parliament and of the Council, April 27, 2016).
k. Google Analytics: Google Analytics is a web analysis service. Google Analytics measures how a website visitor uses the website. Google Analytics also provides insight into how a website visitor found our website.

Article 1 Scope and objective of the statement

This privacy statement relates to the processing of personal data by Demir Nut Company VOF. No other data is processed than is necessary for the implementation of the purposes stated in this statement.

This privacy statement aims to:

- to explain to you in a simple and clear manner which personal data we collect about you and how we process it;
- to ensure that data is not processed for a purpose other than the purpose for which it was collected.

Article 2 Processing of personal data

2.1 Personal data is processed by us for the following purposes:

- to contact you after you have completed the contact form;
- to provide you with information;
- to provide you with quotes;
- to offer our products and to carry out the order (s) that you have given us;
- to charge invoices;
- to deliver the product you ordered to you and to keep you informed of its progress;
- to conduct an assessment in response to an application for a vacancy;
- to comply with a legal obligation;
- to inform you about other relevant products and / or offers that are related to previously purchased products, if you appreciate them;
- to continuously improve, maintain and optimize our products and services;
- to carry out market research, whether or not based on information obtained via 'Google Analytics'.

2.2 Personal data of the following categories of persons may be processed:
- customers;
- customer contact persons;
- other parties involved.

Article 3 Types of personal data

3.1 The following personal data can be processed by the controller:
name, first names, address, postcode, place of residence, telephone number, email address and similar data required for communication, as well as the bank number and IP address of the person concerned;
b. data for the purpose of making payments and collecting claims;
c. data other than those referred to under a to b, the processing of which is required or necessary with a view to the application of another law.
3.2 The processing of the above-mentioned personal data is not based on a legal or contractual obligation. Providing the data as mentioned under 2.1 sub a to h / k is a necessary condition for entering into an agreement with us. As a data subject you are not obliged to provide the personal data. The possible consequences if the data are not provided are that we cannot deliver products to you.

Article 4 Management and access to personal data

4.1 Personal data is collected by the controller.
4.2 Subject to statutory provisions in laws and regulations to this effect, only those who are charged with managing the customer database or those who are related to the processing of personal data or who are necessarily involved in the process have access to the personal data.
4.3 The following third parties have access to the personal data:

- My parcel;
- Post NL;
- Mollie;
- After-pay;
- DHWM.

Article 5 Security and confidentiality

5.1 We take appropriate technical and organizational measures to protect personal data against loss or any form of unlawful processing. Taking into account the state of the art and the costs of implementation, these measures guarantee an appropriate level of security in view of the risks associated with the processing and the nature of the data to be protected. The measures are also aimed at preventing unnecessary collection and unlawful processing of personal data.
5.2 Anyone who acts under our authority to comply with and implement the processing of personal data to which this privacy statement relates, is obliged to observe a duty of confidentiality. Confidentiality does not apply insofar as any statutory provision obliges them to notify or the necessity for notification arises from their task.

Article 6 Retention period

6.1 We do not store your data for longer than is necessary to achieve the purposes for which the data was collected and processed. The following retention period is used by us:

- In the context of making contact, the personal data provided via the contact form will be deleted 6 months after the contact has taken place, unless their retention is necessary in the context of the performance of an assignment;
- In the context of applications for a vacancy, the personal data provided will not be stored for longer than 24 months;
- In the context of the fulfillment of the assignment, personal data will not be stored for more than five years.   

Article 7 Rights of data subjects

7.1 As a data subject, you have the right to receive the personal data that you have provided to the controller in a structured, commonly used and machine-readable format and to have it transferred to another organization.
7.2 If the basis of the processing is based on your consent, as referred to in Article 6 paragraph 1 sub a or Article 9 paragraph 2 sub a GDPR, you as a data subject have the right to withdraw that consent at any time, without this affects the lawfulness of the processing based on the consent before its withdrawal.
7.3 As a data subject, you have the right to request the controller to give you access to your personal data processed by the controller. The controller will inform you in writing within four weeks whether the personal data concerning you will be processed.
7.4 If you discover inaccuracies in your file, a request can be made for correction, addition, removal or blocking. This request contains the changes to be made. The controller will inform the applicant in writing within four weeks of receipt of the request whether or to what extent he will comply with it. A refusal is reasoned.
7.5 If the processing of personal data takes place on the basis that such processing is necessary for the legitimate interest of the controller, the data subject is at his disposal to object at any time.
7.6 The controller will assess within four weeks of receiving the objection whether the objection is justified. If this is the case, the controller will immediately stop the processing.

Article 8 Complaints

8.1 If the data subject is of the opinion that the provisions of this privacy statement have not been complied with in an acceptable manner, the data subject can apply to the Authority or the competent court.

Article 9 Entry into force

9.1 This privacy statement only comes into effect on 25 May 2018.

Upwards