Privacy statement Fixicover B.V.
Fixicover B.V. ("Fixicover") takes your privacy and the security of your information very seriously.
In this privacy statement certain definitions (both singular and plural) are used:
- Statement: this privacy statement;
- GDPR: General Data Protection Regulation.
1. Principles relating to processing of personal data
Fixicover processes personal data in accordance with the principles relating to processing of personal data as determined in the GDPR. The principles are:
- lawfulness, fairness and transparency;
- purpose limitation;
- data minimisation;
- storage limitation;
- integrity and confidentiality;
Fixicover shall be responsible for, and be able to demonstrate compliance with these principles.
2. Explanation of this Statement
Fixicover will not process provided data without a specific purpose. The GDPR is created to protect the privacy of individuals. Because of this legislation, the use of your personal data by others is limited. Therefore, Fixicover has a duty to its clients to:
- inform them about what data is processed, how the data is processed and for what purpose;
- inform them about who can access the data;
- inform them on what basis the personal data is processed, e.g. through their consent (in which case such consent is requested), for the performance of a contract to which their data is processed or for the purposes of the he legitimate interests pursued by us, unless such interest are overridden by the interests or their fundamental rights and freedoms which require protection of personal data.
3. Personal data processed by Fixicover
When you become a client of Fixicover, visit the website or contact us via our contact form on the website, we will (possibly) process your personal data. Fixicover will collect your name, address, telephone number, e-mail address, unique discount codes and IP address. If Fixicover will process other personal data, this will be necessary for compliance with the agreement and/or a legal obligation.
The data allows us to:
- administratively comply with the concluded agreement with the client;
- to provide our services;
- reach clients and/or interested parties if necessary;
- to further develop and/or optimize our services.
Fixicover does not provide personaldata toother individuals or companies outside the Fixicover-organisation, unless:
- it is required to do so by law;
- you have giving your consent;
- it is necessary for executing the concluded agreement between the parties.
Regarding the last bullet, Fixicover engages third parties to ensure that the services are safe and efficient. The following third parties may receive your personal data:
- Sun Recourses LLC (US) (for the distribution of the products from Fixicover)
- Uber (only regarding Uber-drivers)
- Google Sheets (US) (to share data to Uber and Sun Recources LLC)
- BigCommerce (US) (regarding sales data)
- Sendcloud (NL) (regarding shipping data)
- ShipStation (US) (regarding shipping data)
- Braintree (US) (regarding payment, financial data is not shared with Fixicover)
Fixicover is responsible for the services provided by these parties. In the event that access to your personal data by a third party is necessary, Fixicover will conclude a data processing agreement with that third party to ensure the processing of your personal data is correct, safe and confidential.
Depending on the purpose of processing and the types of personal data, the retention period of personal data varies. Fixicover will not process personal data any longer than is necessary for its purpose, unless Fixicover is required by law to keep data for a longer period of time.
4. Your rights as a data subject under the GDPR
As a data subject, you have specific rights under the GDPR. These rights are:
The right of access which means:
- 1) the right to know whether data concerning him or her are being processed and
- 2) if so, access it with loads of additional stipulations (GDPR Article 15).
The right to rectification
- When personal data are inaccurate, then controllers need to correct them (GDPR Article 16).
The right to erasure or right to be forgotten
- When personal data has been made public, and you want to erase them, you have the right to do so (GDPR Article 17).
The right to restriction of processing
- Simply said, the right of the consumer to limit the processing of his/her personal data with, once more, several rules and exceptions of course (GDPR Article 18).
The right to be informed
- In general, the GDPR asks controllers and so on to inform data subjects on several matters. Providing clear and correct information is a key duty in many regards. Simply said, the GDPR wants consumers to know because if you do not know, you cannot decide. However, here we rather mean GDPR Article 19 which, again simply put, means that personal data that have undergone an action as a consequence of one of the others where feasible. And then the data subject also has a right, even if not strictly called a right, to ask “who are all these recipients who got to see my data”.
The right to data portability
- The right to give back the personal data as required allows the transfer to another data subject (GDPR Article 20).
The right to object
- GDPR Article 21 states you have the right to object if you do not want the personal data processing to be done. This might seem a bit overlapping with other data subject rights, but it is not.
- The right to not be subject to a decision based solely on automated processing
- Do not base a decision solely on automated means, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.
- The right to submit a complaint to the supervisory authority (Autoriteit Persoonsgegevens). If you believe that the processing of personal data relating to you infringes the GDPR you can submit a complaint to the Autoriteit Persoonsgegevens. You can only submit such a complaint if the complaint is about your own personal data (or you are authorized to submit a complaint on behalf of another) and if you agree that the Autoriteit Persoonsgegevens uses your personal data to address Fixicover about your complaint (GDPR Article 77).
In the event that your request is not executed, Fixicover will explain the reason thereof. One of the reasons may be that your file contains information that is or may be of interest to others. Fixicover will reply to your request within one (1) month after receival.
Fixicover will handle your request and all data provided regarding your request with due care and confidentiality.
For questions on this Statement or if you wish to exercise one of your rights, you can contactus by email or contact our data privacy expert Wouter Neef (firstname.lastname@example.org and Weteringschans 85 E, 1017 RZ Amsterdam).