We value that our services are transparent, personal and reliable. In that context, we think it is important that you know exactly which personal data we collect and how it is used and shared.
We describe the processing of your personal data in this Privacy Statement. This Privacy Statement may change from time to time if new developments give cause to do so. You can always find the most current Privacy Statement at our website.
What is personal data?
The General Data Protection Regulation (GDPR) states that personal data is any information about an identified or identifiable natural person. This means that information is either directly about someone or can be traced back to this person.
We are a Danish Company. Owned by Bike-Shoppen Aps, who is responsible for the processing of personal data as set out in this privacy statement.
For what purposes do we process personal data?
We only process your personal data for carefully defined purposes. We receive personal data from you inter alia because you purchased or want to purchase one or more products from us. The law then speaks of data processing that is necessary for the preparation or execution of an agreement. The bottom line is that we cannot help you as a customer if we do not process this data from you. Your personal data is also used because we carry out marketing activities. This is referred to by law as processing for legitimate interests. Below you will find more information about the different goals.
- To be able to process orders through our website
As soon as you have made an order, we process data such as: First and last name, address details, phone number, e-mail address. Payments are made through our payment provider OnPay (OnPay is a data controller. Please see the website of OnPay for more information). We do not process any financial data, other than if a payment was successfully processed for a specific order. This purpose is necessary for the conclusion or performance of an agreement (Article 6 paragraph 1 sub b GDPR).
- For customer service: handling questions / comments / complaints
You can call and email us. To ensure that we can help you immediately we use the data available in our customer relationship system, which includes your contact information and purchase history, et cetera. This is necessary for the conclusion or performance of a contract (Article 6 (1) (b) GDPR) and / or our legitimate interest (Article 6 (1) (f) GDPR).
- News mail
You do not automatically get News Mails. You can subscribe to them for free and as easily unsubscribe if you do not want to recieve them any longer.
- Location data
- IP address or app IDs
- Internet browser and device type
- Website language
The data from the analytical and marketing cookies are not linked to the other data you provide during the ordering process. We refer to our cookie statement for more information about cookies. The legal basis is consent, which you give by agreeing to our cookie conditions in the cookie banner on the website (Article 6 paragraph 1 sub a GDPR).
- To support our marketing communication campaigns
We are very happy to help you the right items for your project, for example by email. We also like to share our offer on Facebook. We also advertise with the help of Google Ads. This way we can use your data to show useful advertisements. In order to show you personalized advertisements when you visit Social Media or other websites and apps, we can match your e-mail address or other identifying information such as cookies with Facebook or Google Ads.
Through Facebook Custom Audiences (or "custom audiences") we can target advertisements on Facebook to our own customers. Facebook will undo this operation [the hashing] on its servers and look for the associated Facebook account information. Facebook can thus show the requested ad on your personal profile. For this processing, we have entered into a(n) (processor) agreement with Facebook and Google.
Who do we share your data with?
In a number of cases, we provide your data to external parties. For example, the external service providers (like our payment provider) who help us process your personal data. However, we will never sell your data to other parties.
Processors who help us process your personal data may only use your data on our instructions and to perform the relevant services they provide to us. They may not use or pass on your data independently.
- third party warehouse suppliers
We share your order data with the relevant warehouse, including mainly name, email address, telephone number, time, customer ID number, order number and the type of items.
- website visitors when we share your review(s)
We ask you to leave a review on our website to help other customers find the right items for the right project. By adding a review to an item, we share your: (nick)name and review. After posting, the review is public. Please use a nickname and not your real name if you prefer not to have your real name visible on our website.
- service providers
We can use the services of third parties to process your data in accordance with this privacy statement. These third parties act as processors for us. This includes the party that hosts our website, suppliers who help us with marketing activities (such as Facebook) and suppliers who help us send order confirmations.
Third parties who act as processor for us have entered into a processor agreement with us which, among other things, states that they will only process your data in accordance with our instructions, treat the data confidentially and secure it properly. [We also share order and financial information that could contain personal data in specific circumstances within our group for administrative purposes.]
How long do we keep your data?
We keep this data for as long as is necessary for the purpose for which we use your data. And as long as the law obliges us to keep your data. Exactly how long that is differs. From a few months to many years, for example because that is necessary for our accounting.
How we protect your data
Pursuant to Article 32 of the GDPR, we are obliged to take appropriate technical and organizational measures to prevent the loss of personal data or unlawful processing.
We pay a lot of attention to properly securing personal data. For example, the (personal) data that you enter on the website during transmission is encrypted and the (personal) data is sent via a secure connection.
All our employees and external service providers have signed a confidentiality agreement. We handle information that you entrust to us with care. That is why only certain employees get access to your data.
We apply a high level of security for your data. The data is stored on a secure server, among other things. This server is only accessible to persons who are expressly authorized to do so. The building where the server is located is also well secured.
Where do we store your data?
We work with various applications to obtain and store certain data. To guarantee your privacy, we choose our suppliers carefully and these applications are bound by strict rules. Most data is stored within the European Union.
For the data that is sent outside the EU, we only work with parties that offer sufficient protection according to European rules. If we (possibly via our external service providers) process your data outside the EU, we will ensure adequate protection of your personal data. For example, by using special contacts to ensure this (for example, EU Standard Contractual Clauses).
You have the right to be well informed about what we do with your data and why we need your data. We do this by means of this privacy statement. In addition to the right to be informed transparently, you have the following rights:
- Right of access (if you want to know what data we collect from you);
- Right to rectification (we are happy to adjust all data that are no longer correct);
- Right to be forgotten (in some cases you can ask us to delete your data);
- Right to restriction of processing (in some cases you may ask us to limit the processing of your data);
- Right to data portability (if you wish, we can pass on your data to another party or give you a copy of your data);
- Right to object (in some cases you may object to the use of your data).
If you want to exercise one of your rights, you can contact us (see contact). We will respond to your request within one month.
If we need your consent
If we process your data on the basis of consent, you always have the right to withdraw your consent. You can easily do this by emailing firstname.lastname@example.org If we have no other basis for the data that we process on the basis of consent, we will no longer use this data and delete it.
In case of complaints, for example about the way in which we use your data or how we respond to your privacy-related questions, you can submit a complaint to the Dutch Data Protection Authority.
If you have any questions about this Privacy Statement or want to exercise your rights as data subjects, you can contact us at Info@bikervest.eu